NOD32 and MS SQL

Is anyone aware of any issues between NOD and SQL?

I have the SQL directory excluded from AMON, but since I installed NOD, the server has locked up hard twice.

Any info or links are greatly appreciated.

 

What version of sql are you running? I have it running on a sql server 7 and no problems.

 

SQL Server Developer Edition v.8.00.384 (SP1)
on Windows 2000 Advanced Server (SP4)

Thank you.

 

Please make sure IMON's icon is grey (not red). If it's red, click the Quit button in the main IMON panel and reboot the machine to remove IMON completely from the system.

 

I've been running NOD and SQL Server 2005 Express Dec04 CTP (9.0.981) on a development machine without any apparent problems. Granted, however, I'm not running SQL all of the time and/or really pushing it much, just when I am testing out some functionality.

 

As you alluded to - that's probably not a great test scenario for someone wanting to know the NOD32/MsSQL interaction for a production server environment.

fwiw - we have NOD32 running on a win2k3 machine running MsSQL server 8 I think... we have no more problems with SQL/Server than we had with any other Anti-Virus software.... we have fully migrated ONE of the SQL/Server databases to a MySQL database running on another box (still access it via CFM on the win2k3 machine) and are actively trying to get the client owner of the other application to convert AWAY from SQL/Server too.

Problems we have with SQL/Server are NOT caused by any AV interaction - rather SQL/Server itself - let's just leave it at that!

 

Agreed, definitely not the same as someone running it in production.

I only responded to say that there weren't any immediately and obviously noticeable problems (like hard lockups as soon as the server process started) on my end with the version I had. That's all. You never know what information might help. BTW, I don't even bother excluding the SQL data directory because I don't have AMON configured to scan all files... so it wouldn't touch the mdf's and ldf's anyway.

 

Thanks for all the replies.

I have disabled IMON (grayed out) and have excluded the SQL directory from AMON.

When I first encountered this server, it had no AV and no updates whatsoever. I installed NOD and immediately detected the Win2K/CodeRed.D trojan and deleted it. I also applied SP4 and some 40 critical updates. The server has stabalized and has not locked up today

I have not researched this virus and its consequences to a SQL server so any insight is appreciated.

 

Update from my last post, the server just locked up again. What's interesting is that it happened at exactly the same time yesterday, 12:15pm. I guess there is some virus activity still on there even tho NOD is running.

 

Is it possible to reboot the server and run a scan in Safe Mode? There is a thread HERE on tweaking Nod32 for such a scan.

Alternatively, can you slave that drive off a clean virus free computer and run a scan that way?

Hope this helps...

Let us know how you go.

Cheers

 

I ran the code red cleaner and it deleted the following:
c:\inetpub\scripts\root.exe
The trojan.virtualroot was successfully removed.

Looking back at the NOD logs, this file was not listed.

Hopefully this will stabalize the server.

When I have an opportunity, I will try to scan in safe mode. Thanks for the tip!

 

Do you mean the whole server locked up, or that MS/SQL server locked up and the server it's (windows) was working?

If you meant the latter - it's normal! MS/SQL Server is the worst DBMS I've EVERY worked on - and I've worked on TONS! Basically, the server can run for anything from hours, to days, sometimes weeks, but then MS SQL/Server will lock up and the ONLY way to get the flippin' thing back is to do a reboot!

We have SQL/Server restarts scheduled in the middle of the night - it has reduced the number of lock ups of the SQL engine, but not eliminated them -and this is a SQL/Server machine with only ONE active appplication using the DBMS... !!!! Junk, junk and MORE M$ junk!