NOD32 V4 on Domain Controllers

Discussion in 'ESET NOD32 Antivirus' started by goldrushtech, Apr 14, 2010.

Thread Status:
Not open for further replies.
  1. goldrushtech

    goldrushtech Registered Member

    Joined:
    Jun 26, 2005
    Posts:
    59
    Location:
    Greensborough, VIC, Australia
    Any news either way on whether 4.2 has fixed the issues with NOD32 on DCs?
     
  2. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    I've put it on 2x SBS boxes..well, the Exchange variant...which basically has the NOD32 built into it.

    I do follow the exclusion guides heavily....as well as set file types to scan from "all" to the default set.
     
  3. briwlls

    briwlls Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    25
    Can you point me to those guidelines/best practices?
     
  4. jimwillsher

    jimwillsher Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    668
    4.2 broke our old Windows 2000 SBS machine this week. I'd been running 3.x on there for ages, and a fortnight ago I used ERAS to push out 4.2.35 to all our clients to upgrade them from 4.0.x. In a slip of the mouse I mistakenly included the server. Big mistake.

    Every single day since then the guys on site have had to reboot the server as no-ones been able to connect (client computers hanging at applying computer settings). So I uninstalled ESET on Monday, and the server has been fine since.

    No idea if this is specific to 2000, but 4.2 broke it for us. So the server's now running naked, I'll put 3.x back on it when I get an opportunity. NOD32 contained all the correct exclusions etc.

    We've not upgraded ANY server to 4.2.35, most are on 3.x or 4.0.x, but all our desktops/laptops are on 4.2.35 with no issues.



    Jim
     
  5. PsymonR

    PsymonR Registered Member

    Joined:
    Apr 15, 2010
    Posts:
    1
    Just uninstalled 4.2.40 from our Server 2008 R2 x64 DC as it caused a couple of Bluescreens (7f). Moved back to 4.0.474 which has been stable on our DC for 8months or so now.
     
  6. jftuga

    jftuga Registered Member

    Joined:
    Mar 9, 2007
    Posts:
    64
    Location:
    Athens, GA
    Please review:
    Virus scanning recommendations for computers that are running currently supported versions of Windows
    http://support.microsoft.com/kb/822158


    Pay attention to these 2 sections:
    1) For Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, and Windows 2000 domain controllers
    2) For Windows Server 2008, Windows Server 2003, and Windows 2000 domain controllers

    -John
     
  7. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Plenty of AV exclusion guides around...I follow a list pretty much similar to this one..which is for SBS03.
    http://alpesinfo.com/fr/node/23
    It's easy to see which ones are related to Exchange, which ones are related to just server/DC roles, and the few that are SBS exclusive..and apply those to whatever server you're installing on.

    c:\inetpub\mailroot\badmail
    C:\Program Files\Exchsrvr\***server name here***.log
    C:\Program Files\Exchsrvr\conndata
    C:\Program Files\Exchsrvr\Mailroot
    C:\Program Files\Exchsrvr\mtadata
    C:\Program Files\Exchsrvr\srsdata
    C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Failed Mail
    C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\Incoming Mail
    C:\WINDOWS\IIS Temporary Compressed Files
    C:\WINDOWS\NTDS
    C:\WINDOWS\ntfrs\jet
    C:\WINDOWS\SoftwareDistribution\DataStore
    C:\WINDOWS\system32\dhcp
    C:\WINDOWS\system32\inetsrv
    C:\Windows\System32\ntmsdata
    C:\WINDOWS\system32\wins
    C:\WINDOWS\SYSVOL\staging areas
    C:\WINDOWS\SYSVOL\sysvol
    C:\windows\temp\Frontpagetempdir
    ***drive letter and path***\ExchangeData

    I also set the real time protection to NOT scan all file extensions on a server..unchecking that, it will default to scanning only certain file extentions.

    And on SBS/Exchange...in the XMON component I disable background scanning of the infostore.

    If you're running SQL (or other databases)..naturally add those to the exclusion list. And..naturally...other line of business software which may be sensitive to AV scanning.
     
Thread Status:
Not open for further replies.