NOD32 v4 Network Problems?

Discussion in 'ESET NOD32 Antivirus' started by stevef1, Mar 24, 2009.

Thread Status:
Not open for further replies.
  1. stevef1

    stevef1 Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    11
    Hi all just want some ideas on a problem i have just installed nod32 v4 to all computers at my site and am now having issues with computers (windows xp sp3) slow browsing i.e i use dfs on a windows 2003 sp2 server (its a domain controler) to redirect user home folders to a nas (dell windows storage server) all was working great but now we seem to have these "slow downs" any ideas i think i have set up all exclusions, anyone have a list that works for them of exclusions (work stations, servers etc)

    thanks

    stevef1
     
  2. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
  3. stevef1

    stevef1 Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    11
    Thanks for that but still have the same issue, think i might just look for an alternative to NOD32....any ideas or should i try to down geade to 2.7??


    stevef1
     
  4. bradtech

    bradtech Guest

    Try the following setting below for your slow network access times.

    http://img529.imageshack.us/my.php?image=networkscan.png
     
  5. stevef1

    stevef1 Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    11
    Thanks mate, done that as well as including exclusions for : \\domainname\sysvol\domainname, \\domain\dfsroot, any redirected folders, anything in the windows folder (just in case)
    i just dont know what next, tried the following today.
    ran netsh winsock reset (in case of problems with winsock
    uninstall nod32
    and the test computers worked great, reinstalled nod32 and everything slowed......grrrrrr

    stevef
     
  6. bradtech

    bradtech Guest

    Here are my exceptions I have on all my Servers, and clients.. I'll leave out work related exceptions..

    C:\Documents and Settings\All Users\ntuser.pol
    C:\Windows\ntds\*.*
    C:\windows\ntfrs\*.*
    C:\windows\security\database\*.*
    C:\Windows\Security\database\ebd.chk
    C:\Windows\Security\database\edbres00001.jrs
    C:\Windows\Security\database\edbres00002.jrs
    C:\Windows\security\database\secedit.sdb
    C:\Windows\SoftwareDistribution\*.*
    C:\windows\System32\GroupPolicy\*.*
    C:\windows\system32\GroupPolicy\registry.pol
    C:\Windows\system32\Netware\*.*
    C:\windows\system32\novell\*.*
    C:\windows\sysvol\domain\policies\*.*
    C:\windows\sysvol\domain\scripts\*.*
    C:\windows\sysvol\staging areas\*.*
    C:\windows\sysvol\sysvol\*.*
    C:\program files\Cisco Systems\*.*


    I know doing a *.* at the end exludes all, and I've added duplicate entries but I wanted to be 100% so I drilled down to the file even after having a whole folder exluded that it's in..
     
  7. stevef1

    stevef1 Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    11
    will redo the exclusions and try them again in the morning, i redirect our users "my documents" folders (via dfs) to shares on servers, any pointers on this? at the moment i have NOD32 not scanning these folders on the server (full scan done every day)

    Do you have the same exclusions on your domain controllers?

    thanks

    stevef
     
    Last edited: Apr 6, 2009
  8. jimwillsher

    jimwillsher Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    668
    Make sure you exclude the redirected folders by UNC path, not drive letter.
     
  9. bradtech

    bradtech Guest


    Yes I just have a global exclusion list that I apply to both the Client, and Servers.. Best practice, and neatness would probably be to have a separate xml for each but I just have one master list.
     
  10. stevef1

    stevef1 Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    11
    Yeah i have a workstation and server config so i can send config changes to workstations only, we block USB ports now using NOD32 but dont need that on the servers, will let you know how it pans out, thanks for the help so far

    stevef
     
  11. stevef1

    stevef1 Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    11
    Well it just gets better and better......i created a clean config with just the exclusions in it from bradtech (i had most in my config) and rebooted a couple of pc's, fast boot restored up to log on nice and fast (thanks bradtech) so i started to add some unc file paths in the form \\server\share and rebooted and got slow startup times !!! took out the unc paths all back to normal........hmmmmmmm and i wana buy this software ;) so it looks like (for my network) that nod32 dont like unc paths, i checked the permissions on the shares and all is ok btw.
    Geting some eset services hanging on boot on a couple of computers takes about 2 mins and the services start, will look in to that tomorrow

    stevef
     
  12. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    Steve... I'd be very interested in how you are doing this with NOD32?

    I haven't updated to v4 yet (still on v2.7) - is this something new to v4?

    Thanks!
     
  13. stevef1

    stevef1 Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    11
    Hi tanstaafl, were doing ok (kinda) thanks to the help from this group (bradtech has been great, thanks mate) we have had some issues that we seem to be geting sorted, we had slow network access, i used the sugested exclusions from bradtech and left out any unc paths to servers and now seem to have normal network access hmmm!!

    the only problem now is that nod32 seems to hang for a short while on some computers at startup, i just downloaded the latest version and tested it on some xp clients with sucess today :) computers seem to start up ok with no hangs at startup time :)

    stevef
     
  14. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    Hi Steve,

    Glad things are looking better with this version...

    But, I was specifically asking - and would still like to know, how you were able to block USB access with NOD32? :)

    Thanks!

    Charles
     
  15. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    Thats odd, because I have seen more than once a specific recommendation to USE UNC paths over drive letters...

    I hope an ESET rep will comment on this question...

    One thing I made note of while reading all of the threads of those with big problems: if/when you do a clean install, you should reboot TWICE BEFORE doing the new install - ie, reboot once after doing the removal, and then after it is fully booted up, reboot AGAIN - something about fully clearing out the PNP drivers from memory (maybe they are cached somewhere)... you might try that on the problem machines...
     
  16. stevef1

    stevef1 Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    11
    USB ports: if you go to advanced setup in antivirus and software you see an option to block removable media as far as i can tell this effectivly blocks all the usb ports on the computer (it works for me at the moment) if we enable this (tick the box) no one seems to have access to usb devices (pens etc) you can add exceptions such as D drive etc.

    stevef
     
  17. Waterfox

    Waterfox Registered Member

    Joined:
    Mar 3, 2008
    Posts:
    118
    Location:
    Sweden

    Yes, this feature is available in v4 of NOD32 and ESS.
     

    Attached Files:

  18. stevef1

    stevef1 Registered Member

    Joined:
    Mar 24, 2009
    Posts:
    11
    yup thats the one, using the remote install console i'm going to block usb ports every 20 to 30 days or so and force laptop users to bring laptop and usb pens to have them cleaned, more work for ict support but worth it until the users get the idea of checking usb pens etc.

    stevef
     
  19. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    Thanks Waterfox... I'll definitely check it out...

    It would be really nice if only USB STORAGE devices could be blocked, but other devices (like keyboards, mice and printers) could be allowed.

    I'd also like the ability to allow certain workstations the ability to have read-only access to USB drives...

    I'll be interested to see what is allowed with the 'Exceptions'... maybe I'll have time to d/l and install v4 tomorrow...
     
  20. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    Ping...

    ESET? Marcos? Someone?

    UNC paths or not in exclusions?

    And why would their use cause the slow-down problems stevef1 was having?

    Inquiring minds want to know...
     
Thread Status:
Not open for further replies.