Troubleshooting Workstation Performance Issues for KAV Users
Some customers have reported system performance problems after deploying KAV. Our investigations have revealed a few of the common problems associated with performance-related issues:
Problem: Insufficient System Resources
Remediation: Verify you are using the minimum system config: http://support.kaspersky.com/kav2010?level=3
Problem: Running MalwareBytes real-time scanning engines
Remediation: Disable MWB real-time scanning
Note: On machines with less than 2GB of RAM, running multiple scan engines simultaneously (i.e. - MalwareBytes AND Kaspersky) can result in notable performance degradation. When choosing to run MWB and Kaspersky on machines with less than 2GB of RAM try disabling the real-time scan engine in MWB and allow Kaspersky to handle the real time protection (while MWB runs scheduled system scans after hours). There are always exceptions to the 2GB guideline (disk IO speed, number of active applications, swapfile size/use etc), but we've found the 2GB guideline to be a good rule of thumb.
Problem: Disable Windows Defender / MS Security Essentials
Remediation: Ensure Windows Defender and Security Essentials are disabled
Note: It can be very easy for users and administrators to accidentally turn on (or leave on) Microsoft's native antispyware (Windows Defender) and antivirus (Security Essentials) applications. This leads to multiple real-time scanning engines (see note about about MWB) and result in system performance degradation.
Problem: Running system scans and system updates during business hours
Remediation: Schedule system scans and system updates to run after working hours. Schedule scans/updates to run earlier in the evening to give the system time to complete the scan before the user arrives in the morning.
Note: If the user shuts their computer off after hours and the scan is unable to run at the regularly scheduled time, KAV will start the scan as soon as the user turns on their machine unless the "Skip if offline" option is selected in the KAV profile
Problem: Scanning frequently accessed files (.pst .mdb, databases, other security applications etc)
Remediation: Use the directory exclusion feature in the profile to ensure the antivirus engine does not continue to scan files that are frequently updated
Problem: Components from prior AV software still resident on machine
Remediation: Run prior AV software vendor's uninstall tool
Note: Some users would like to run the AV removal tools from an agent procedure, but Kaseya does not create, distribute nor support these scripts. However, sample scripts have been posted on the community forums and users are free to experiment on their own (for example, removing Symantec AV: http://community.kaseya.com/xsp/f/142/p/11993/59892.aspx)