ESET NOD32 Business Editon 4.2.76 on Windows Terminial Server 2008 RD2

Discussion in 'ESET NOD32 Antivirus' started by ell87cam, May 18, 2012.

Thread Status:
Not open for further replies.
  1. ell87cam

    ell87cam Registered Member

    Joined:
    May 18, 2012
    Posts:
    4
    Location:
    Germany
    I've installed ESET NOD32 Business Editon 4.2.76 on four Windows Terminial Server 2008 RD2 that are being used by a total 100 users. (25 per TS).

    The users are complaining that the TS are slower since i'v installed NOD32. Indeed, the ESET kernel is using a lot of CPU resource.

    Is there special configuration available for Terminal Server ?? Or any tips??

    Btw this the specifications of the TS servers:

    Intel Xeon E5620 2,5 GHz
    6GB RAM
    Windows Server 2008 R2 Standard Editon
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Does disabling real-time protection or http checking in the advanced setup make a difference?
     
  3. ell87cam

    ell87cam Registered Member

    Joined:
    May 18, 2012
    Posts:
    4
    Location:
    Germany
    Didn't try that yet. But i'm trying to keep the security as high as possible, so disableling the real-time proctection don't look safe to me.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    It is necessary to narrow it down to a particular module, hence I was asking. Perhaps you could try it when users are not logged to TS to minimize the risk they would run something malicious.
     
  5. dannyboy

    dannyboy Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    113
    Location:
    UK
    One thing I do in TS environments is delete the registry startup key for egui.exe (under HKEY Current User), otherwise you have a separate egui process running for every user who logs on.
     
  6. ell87cam

    ell87cam Registered Member

    Joined:
    May 18, 2012
    Posts:
    4
    Location:
    Germany
    Deleting the registry startup key sounds good, so i'm gonnan try that.

    1. I'm running a 4 server with 25 uers each, there no way that i'm gonna shutdown the real-time protection.

    2. Why buy a virus a virusscanner if i'm realtime protection is'nt necessary??
     
  7. rekun

    rekun Registered Member

    Joined:
    Jun 11, 2007
    Posts:
    89
    The solution was not to permanently disable the security. It is only a way to figure out what part of the AV is slowing things down. Try to disable it for a few minutes, and see if it fixes the problem, and then report back here.

    Also deleting that registry key might help. Or you can just add /terminal(look in the manual)
     
  8. ell87cam

    ell87cam Registered Member

    Joined:
    May 18, 2012
    Posts:
    4
    Location:
    Germany
    Ok true there!

    If real-time protection is the source op problem, what would be the next step??
     
  9. ramirez1

    ramirez1 Registered Member

    Joined:
    Sep 15, 2010
    Posts:
    30
  10. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    If disabling real-time protection helps, generate a Procmon log and supply it to Customer care for perusal. You can also upload it somewhere and PM me the download link.
     
Thread Status:
Not open for further replies.