Windows Server 2003/2008

Sometimes we do experience random hangs on our servers. These include Citrix / Printer / Fileservers. Can anyone help me in the right direction what to exclude? We escpesially have problems with Windows 2003 R2 , Windows 2003 not R2 dosent seem to have any problems at all.

 

Get a copy of filemon and have it filter for the activity coming over ekrn.exe. If something is being heavily scanned and causing file locking issues you should be able to see it jump up on the access list a lot which will point you in the right direction of what to exclude.

 

What version of NOD is installed? I still only use 2.7 on servers.
What exclusions do you have?
On all servers I have NOD on, under real time protection, Extensions...I uncheck "Scan all files"..letting it scan just files that are susceptible for threats.
Also there are certain directories on servers that NEED to be excluded from the real time protection of any brand antivirus...the following link shows common directories to exclude on SBS...from there you can separate what is Windows Server related, and what is Exchange related.
http://www.sbsfaq.com/Lists/FAQs/DispForm.aspx?ID=137
Also any servers that share out an application...naturally you should follow that application vendors recommended setup in its documentation and exclude that from real time protection. As well as databases such as SQL or Progress, etc (refer to its documentation)

 

Hello fanuelsen,

You should check out the Knowledgebase article for the reccomended server settings.

http://kb.eset.com/esetkb/index?page=content&id=SOLN2144

 

Thanks for answering

This is the standar server exclusions i use is the following:

C:\Program Files\System Center Operations Manager 2007\*.*
C:\Program Files\ScriptLogic Manager\*.*
C:\Program Files\ESET\*.*
%SystemRoot%System32Inetsrv\*.*
D:\Program\IST_DB\*.*

I mainly use V4.0 but also V3.0.