Windows Server 2003/2008

Discussion in 'ESET NOD32 Antivirus' started by fanuelsen, Jun 19, 2009.

Thread Status:
Not open for further replies.
  1. fanuelsen

    fanuelsen Registered Member

    Joined:
    Jan 28, 2009
    Posts:
    14
    Sometimes we do experience random hangs on our servers. These include Citrix / Printer / Fileservers. Can anyone help me in the right direction what to exclude? We escpesially have problems with Windows 2003 R2 , Windows 2003 not R2 dosent seem to have any problems at all.
     
  2. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Get a copy of filemon and have it filter for the activity coming over ekrn.exe. If something is being heavily scanned and causing file locking issues you should be able to see it jump up on the access list a lot which will point you in the right direction of what to exclude.
     
  3. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    What version of NOD is installed? I still only use 2.7 on servers.
    What exclusions do you have?
    On all servers I have NOD on, under real time protection, Extensions...I uncheck "Scan all files"..letting it scan just files that are susceptible for threats.
    Also there are certain directories on servers that NEED to be excluded from the real time protection of any brand antivirus...the following link shows common directories to exclude on SBS...from there you can separate what is Windows Server related, and what is Exchange related.
    http://www.sbsfaq.com/Lists/FAQs/DispForm.aspx?ID=137
    Also any servers that share out an application...naturally you should follow that application vendors recommended setup in its documentation and exclude that from real time protection. As well as databases such as SQL or Progress, etc (refer to its documentation)
     
  4. WayneP

    WayneP Support Specialist

    Joined:
    Apr 9, 2009
    Posts:
    339
  5. fanuelsen

    fanuelsen Registered Member

    Joined:
    Jan 28, 2009
    Posts:
    14
    Thanks for answering :)

    This is the standar server exclusions i use is the following:

    C:\Program Files\System Center Operations Manager 2007\*.*
    C:\Program Files\ScriptLogic Manager\*.*
    C:\Program Files\ESET\*.*
    %SystemRoot%System32Inetsrv\*.*
    D:\Program\IST_DB\*.*

    I mainly use V4.0 but also V3.0.
     
Thread Status:
Not open for further replies.