ESET NOD32 Business Editon 4.2.76 on Windows Terminial Server 2008 RD2

Discussion in 'ESET NOD32 Antivirus' started by ell87cam, May 18, 2012.

Thread Status:
Not open for further replies.
  1. ell87cam

    ell87cam Registered Member

    Joined:
    May 18, 2012
    Posts:
    4
    Location:
    Germany
    I've installed ESET NOD32 Business Editon 4.2.76 on four Windows Terminial Server 2008 RD2 that are being used by a total 100 users. (25 per TS).

    The users are complaining that the TS are slower since i'v installed NOD32. Indeed, the ESET kernel is using a lot of CPU resource.

    Is there special configuration available for Terminal Server ?? Or any tips??

    Btw this the specifications of the TS servers:

    Intel Xeon E5620 2,5 GHz
    6GB RAM
    Windows Server 2008 R2 Standard Editon
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,423
    Does disabling real-time protection or http checking in the advanced setup make a difference?
     
  3. ell87cam

    ell87cam Registered Member

    Joined:
    May 18, 2012
    Posts:
    4
    Location:
    Germany
    Didn't try that yet. But i'm trying to keep the security as high as possible, so disableling the real-time proctection don't look safe to me.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,423
    It is necessary to narrow it down to a particular module, hence I was asking. Perhaps you could try it when users are not logged to TS to minimize the risk they would run something malicious.
     
  5. dannyboy

    dannyboy Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    113
    Location:
    UK
    One thing I do in TS environments is delete the registry startup key for egui.exe (under HKEY Current User), otherwise you have a separate egui process running for every user who logs on.
     
  6. ell87cam

    ell87cam Registered Member

    Joined:
    May 18, 2012
    Posts:
    4
    Location:
    Germany
    Deleting the registry startup key sounds good, so i'm gonnan try that.

    1. I'm running a 4 server with 25 uers each, there no way that i'm gonna shutdown the real-time protection.

    2. Why buy a virus a virusscanner if i'm realtime protection is'nt necessary??
     
  7. rekun

    rekun Registered Member

    Joined:
    Jun 11, 2007
    Posts:
    89
    The solution was not to permanently disable the security. It is only a way to figure out what part of the AV is slowing things down. Try to disable it for a few minutes, and see if it fixes the problem, and then report back here.

    Also deleting that registry key might help. Or you can just add /terminal(look in the manual)
     
  8. ell87cam

    ell87cam Registered Member

    Joined:
    May 18, 2012
    Posts:
    4
    Location:
    Germany
    Ok true there!

    If real-time protection is the source op problem, what would be the next step??
     
  9. ramirez1

    ramirez1 Registered Member

    Joined:
    Sep 15, 2010
    Posts:
    30
  10. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,423
    If disabling real-time protection helps, generate a Procmon log and supply it to Customer care for perusal. You can also upload it somewhere and PM me the download link.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.