Scan repeated over and over

Discussion in 'ESET NOD32 Antivirus' started by edwin3333, Mar 25, 2009.

Thread Status:
Not open for further replies.
  1. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    Every time my PC boots/reboots, Nod32 does a complete in depth scan of my PC. I have 120GB of actual files, so it takes hours to complete.

    About 1/3rd my machines on my LAN do this complete scan every single time they are booted up.

    How do I stop this? I have removed all "startup" scans, scans after update. The only thing left is the weekly scan that runs on Sunday and only runs once every 200 hours. If I delete this, the repeated scans quit. But I want a weekly full scan (including advanced heuristics, and archive scanning which is disabled in the realtime.)
     
  2. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    I uninstalled NOD32 3.0, rebooted. Files are gone. I installed Nod32 4. The repeated scan problem persists.

    The Sunday 6pm scan finished, per the logs, around 9pm last night.

    I booted my PC this morning, and this scan is running AGAIN. Even though it is scheduled to only run on SUNDAY, and not to run if it has completed in the last 200 hours. Which it has. It completed last night.

    o_O Any ideas to try? I have an open case with eSet, but none of my open cases seem to get attention/fixed. I get more help from the forums & Marcos :) than support . My boss wants me to solve this problem as it's causing some serious slowdown issues in the mornings, the busiest time of the day.
     
  3. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    One thing I see is that in the registry under scanners/01010100/profiles there is @In-depth scan which has a Statistics subkey with values such as ScanTime.

    I don't use @In-depth scan for anything unless someone manually runs it. I use a custom profile for my weekly scans. But my weekly profile has no statistics. If I go to the LogPath of the @In-depth scan, it has a log file created at the time that the custom profile scan started this morning.

    So I wonder if there is a bug where stats for weekly scans are always stored in @In-depth scan, causing this custom scan to run repeatedly?
     
  4. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    Yup, that's the bug.

    I modified my weekly scan to use @In-depth and the repeated scans quit.

    The case is 264976 if anyone in tech support wants to fix this issue. The scan statistics need to be saved in the actual scan profile used, not the apparently hard coded @in-depth profile.
     
  5. Pecker_Head

    Pecker_Head Registered Member

    Joined:
    Mar 23, 2009
    Posts:
    18
    Location:
    Peckersville, USA
    Hello Edwin3333,

    Interesting problem to say the least. It is problems such as this that make me wonder if I purchased the *wrong* antivirus solution. Has ESET gotten back to you with any resolution? I've learned that workarounds create more problems down the road when the vendor actually gets around to fixing the issue. I document all system updates, upgrades and changes through a change log file. However, I know a limited few sysadmins who don't feel this is necessary. Then when the vendor releases a 'fix' you end up playing hell to find out why it *still* doesn't work. Wow, so many issues with v4. I am so afraid to use it now.

    -P_Head
     
  6. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    I have version 4 on four machines now. All products have issues. So far I don't see anything more wrong with 4 than I did with 3. I'm getting these event log errors that others are, but those appear to be informational.

    They have responded to me for more information, but that is all so far.

    I've been doing network AV for 15 years now. I've never found a product I absolutely love. Nod32 2.7 was the closest to that, but it's too outdated & the machines I have that left on are getting infected due to the new infection techiniques.

    You have to find the product which works best in your environment with your products. In my case, that means multiple vendors.
     
Thread Status:
Not open for further replies.