Although ESET does not recommend doing so, it is possible to disable the graphical user interface of your ESET security product. In certain cases, such as terminal server networks with extreme memory limitations, you may wish to disable each instance of the egui.exe. It is essential that you first configure ESET Remote Administrator to control terminal computers running instances of ekrn.exe because after disabling, there will be no graphical interface on the terminal computer.
Click here for more information about ESET Remote Administrator.
Click here for information about how to install ESET Remote Administrator and set up a Mirror server.
Click here for instructions on pushing out .xml configurations to your network client computers.
Warning: Do not proceed unless you are an experienced user and familiar with ESET Remote Administrator.
Disabling the graphical user interface
Follow the steps below to disable egui.exe on an individual client:
Click Start → Run (Windows Vista users: Click Start, type Run and press ENTER).
Enter the following string into the command-line field and click OK:
REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v egui /f
Recommended settings
You may encounter a variety of issues once egui.exe is disabled. Below is a list of potential solution configurations that can be pushed out through ESET Remote Administrator to address these issues. In general, you should configure your ESET security product to minimize the number of user interactions required because the lack of a graphical user interface makes such interactions more difficult.
Antivirus and antispyware
Cleaning
We recommend you set the cleaning level in the ThreatSense engine parameter setup window to Strict cleaning in all modules. Click here for illustrated instructions.
SLL Protocol filtering
If administration of the SSL protocol is needed, we recommend turning on Block communication that uses the certificate. From the main program window, press the F5 key. From the Advanced Setup window, click Antivirus and antispyware → Protocol filtering → SSL → Certificates → End certificate validity.
Update
We recommend you select Never restart computer and Never update program components. From the main program window, press the F5 key to open the Advanced Setup window. From the Advanced Setup tree, click Update → Setup and then select these options under the Update mode tab.
Tools
If the ThreatSense.Net Early Warning System is enabled, we recommend selecting the Submit without asking option. From the main program window, press the F5 key to open the Advanced Setup window. From the Advanced Setup tree, click Tools → ThreatSense.Net → Advanced setup… and select the Submit without asking option in the Suspicious files tab.
Email clients and issues
The lack of a graphical user interface results in a few changes to the way your ESET security product works with email clients:
You must configure your ESET security product not to ask for user action in alert messages, since the alerts will not appear. From the Advanced Setup window, click Antivirus and antispyware → Email client protection → Setup… and move the slider to Strict cleaning.
Also, you must add addresses into antispam lists (trusted addresses, spam, list of inclusions) remotely, since those options will not be available on the client terminal.
Some items on the ESET Antispam Toolbar drop-down menu in your email client will be inactive, such as Antispam setup, Address books and Help.
NOTE: Under certain circumstances, a Microsoft Outlook integration error can occur or an existing integration can stop functioning. Microsoft Outlook may display the following message:
"The Add-in ESET Outlook Plugin (C:\PROGRA~1\ESETESETNO~1\EPLGOU~1.DLL) cannot be loaded and has been disabled by Outlook. If no update is available, please uninstall the Add-in."
If this occurs, delete the extend.dat file of the user account with the error. By default, this file can be found in C:\Documents and Settings\Username\Local Settings\Application Data\Microsoft\Outlook. Outlook will automatically recreate the .dat file at the next application startup and the issue should not occur again. Other clients, such as Microsoft Outlook Express, Microsoft Windows Mail and Microsoft Windows Live Mail can also have very rare integration issues, often caused by the presence of another security program in addition to your ESET security product.
Scheduler
Schedules triggered by the User logon event trigger will not work without the graphical user interface because your ESET security product monitors the launch of egui.exe at user logon. If any of your scheduled tasks require user logon to start, reconfigure them to trigger on a different event. From the main program window, toggle your ESET security product to Advanced mode click Tools → Scheduler. In the Scheduler/Planner area, click on existing rules that launch at user logon and click Edit…. From the Edit task window, select an event trigger other than User logon, such as Every time computer starts or The first time the computer starts each day.
Personal firewall
Warning: ESET strongly discourages installations of ESET Smart Security on servers (and ESET Customer Care North America does not support such installations) for a number of reasons. A primary concern is that the ESET Personal firewall can block connections to the server, even those by an administrator seeking to modify the server after the installation. Below are suggestions for Personal firewall configuration that may be necessary on a computer running ESET Smart Security with egui.exe disabled.
Filtering mode
ESET recommends you use one of the following filtering modes: Automatic mode, Automatic mode with exceptions or Policy-based mode. Click here for more information about the Personal firewall filtering modes.
Rules and zones
ESET recommends you set your desired Personal firewall behavior when changing the network adapter settings. From the main program window, press the F5 key. From the Advanced Setup window, click Personal firewall → Rules and zones → Trusted zone → Setup… → Advanced settings…. and select Do not show the dialog with protection mode settings of the computer in the network.
Application modification detection
You will need to add trusted applications that update occasionally to the List of applications excluded from checking, since the user will not be able to see alert notifications asking if such updates are permitted. To exclude an application, open the Advanced Setup window and click Personal firewall → Application modification detection. Then, click Add… to add the list of applications that are allowed to update without being checked.
NOTE: You can disable Application modification detection entirely by deselecting Enable detection of application modifications check box in the Detect modification of network-aware applications area, but this will decrease the security of your computer.