Server Freeze with Nod32 v4 and Windows Server 2008 SP2

Discussion in 'ESET NOD32 Antivirus' started by thomasbeagle, Jul 7, 2009.

Thread Status:
Not open for further replies.
  1. thomasbeagle

    thomasbeagle Registered Member

    Joined:
    Jul 7, 2009
    Posts:
    3
    Hi there,

    We have three Windows 2008 servers all with SP2 and all current patches. They all have Eset Nod32 Antivirus installed (version 4.0.424.0) and are fully up to date.

    If the realtime protection is enabled, all three servers will consistently freeze up in 2-4 days. Symptoms include: cannot log in to console, cannot log in via RDP, cannot connect via system tools, can still ping the server.

    Event Logs do not show much as they normally stop working at some point before the freeze.

    If the realtime protection is disabled, the systems remain up for at least two weeks.

    Directories that Microsoft recommend to be excluded are all excluded from realtime protection (DFS dirs, sysvol, etc, etc, pretty well everything except for the shared data directory). The systems are working as file servers with DFS.

    Anyone got a solution?

    At the moment I would recommend against installing Nod 32 v4 on Windows Server.
     
  2. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    There are posts similar to yours all over the web, and here on Wilders. Version 4.0 of NOD32 simply is not suitable for servers, especially for domain controllers. The only solution that I know of is to revert to version 3.0 (or even 2.7), or drop NOD32 and go for an alternative product.
     
  3. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    did you contact the tech support regarding the issue?
     
  4. thomasbeagle

    thomasbeagle Registered Member

    Joined:
    Jul 7, 2009
    Posts:
    3
    I have contacted Tech Support. They sent me a link to version 4.0.437 at ~Private link removed.~

    I'm going to try it on one of the servers. If that doesn't work, we'll be asking for a refund and switching to a different product.
     
    Last edited by a moderator: Jul 8, 2009
  5. jimwillsher

    jimwillsher Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    668
    Wonder why the link was removed from the above post, 4.0.437 is a public release?
     
  6. Biscuit

    Biscuit Registered Member

    Joined:
    May 26, 2006
    Posts:
    978
    Location:
    Isle of Man
    I recommend not to use v4 on a server, it simply isn't stable enough. Use v2.7 on a server.
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    In case of any server-related problems, I'd suggest installing EAV 3.0.684 which has never caused any such problems on servers (at least we haven't been reported any).
     
  8. jimwillsher

    jimwillsher Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    668
    Agreed, we're using 3.0.684 as the "server product" and 4.0.437 as the "desktop product".

    3.0.684 works really well on servers.



    Jm
     
  9. thomasbeagle

    thomasbeagle Registered Member

    Joined:
    Jul 7, 2009
    Posts:
    3
    We upgraded to the newest version and still got some system hangs.

    We're dumping NOD32 and will be asking for a refund from the supplier. Going to see if AVG is any better.
     
  10. CrunchieBite

    CrunchieBite Guest

    Nice catch-22 situation there. If you run v4, you might get unstable servers but, if you go back to v3, you might get affected by old bugs which apparently were fixed in version 4.

    Example in point, I had a server that was running v3.0.684 and then I started to get intermittent "Undocumented serious error (0x101a)" which always required a reboot of the server or a manual killing of the Ekrn.exe task.

    Response from Eset Moderator in this thread https://www.wilderssecurity.com/showthread.php?t=235639 was that v4 should fix it so, after a while, I went and upgraded to v4 but, now I risk being affected by server hangs for which the suggestion is to go back to v3.0.684. Anyone noticing the potential loop here?

    Fortunately, my server appears (so far) to be stable with v4!

    ~CB
     
  11. mkuntic

    mkuntic Registered Member

    Joined:
    Mar 6, 2008
    Posts:
    54
    Why run it on a server at all? If it's a Terminal Server the reason is obvious, but in any other case?
     
Thread Status:
Not open for further replies.