ekrn.exe resource usage


peterbra
October 5th, 2007, 11:02 AM
Hi,

Just sharing with you something I've noticed.
ESS is running GREAT on my machine. I really haven't had any problems except a few issues when I had to reinstall ESS to Beta 2 (but more or less everybody here had those issues ;D )

What I saw is:
SOMETIMES ekrn.exe is using 100% of resources when I open Task Manager. THIS DOESN'T HAPPEN ALL THE TIME. I think this happens every second time I turn on the comp, but although it is using 100% resources - I really don't have any "freezings" or "stopping", nor do my applications run slower than usual.

I am fighting with the thought that it actually doesn't use that much resources, but TM sees that it does ???

Does this make any sense ???

EDIT:

I just did some investigation on this... and I'm NOT AN EXPERT, but after I killed the ekrn.exe TCP connection to mail2.nextdaypc.com the CPU usage went back to 0% ???

Is this ESS in any way connected to that mail2.nextdaypc.com ??? If not why is my ekrn.exe communicating with this ???

freesurfer
October 5th, 2007, 04:18 PM
I'm guessing it's not NOD32 that's connecting to mail2.nextdaypc.com. Here's what's probably happening: another program is connecting to that address and ESS' firewall or web access protection is analyzing the connection or the data being exchanged. Terminating ekrn and noticing that the connection to the mentioned address makes sense since w/o "interference" (more like w/o protection) from ESS, the actual program connected to the address terminates as it probably has finished doing what it is doing.

Here's something you could do to investigate "who" is really connected to mail2.nextdaypc.com. You must do this when you are encountering what you have mentioned, before you terminate ekrn.exe:
- Start -> Run.
- Type "cmd" and click OK. Console will appear.
- Type "netstat -ao" and press Enter.
It will list all the connections (listening, connecting, connected, etc.), ports, addresses, protocols, and PIDs (process IDs). (If you want IP addresses and don't want to resolve the name, type "netstat -ano".) Look for the address in the Foreign Address column and note the PID. Using the Task Manager (make sure the PID field is showing), check the name of the program. Again, you must do this when you are encountering what you have mentioned, before you terminate ekrn.exe.

Good luck and happy hunting :)

regards.
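
The lookup described in the post above, automated as an added example that is not part of the thread: it parses `netstat -ano` and `tasklist /fo csv /nh` output, names the process that owns a connection to a given address, and lists the local processes attached to that owner over loopback. The sample output, addresses, ports, PIDs and `mailclient.exe` are constructed, and the loopback pairing assumes the scanner relays traffic as a local proxy.

```python
import csv, io

# Constructed sample output (not from the thread): `netstat -ano` and `tasklist /fo csv /nh`.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    127.0.0.1:1044         127.0.0.1:30606        ESTABLISHED     2312
  TCP    127.0.0.1:30606        127.0.0.1:1044         ESTABLISHED     1480
  TCP    192.168.1.10:1045      203.0.113.25:110       ESTABLISHED     1480
  UDP    0.0.0.0:500            *:*                                    700
"""
TASKLIST = '''"svchost.exe","884","Services","0","4,120 K"
"ekrn.exe","1480","Services","0","45,300 K"
"mailclient.exe","2312","Console","0","18,900 K"
'''

def parse_netstat(text):
    """Yield (proto, local, foreign, state, pid) for each TCP row."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[4].isdigit():
            yield f[0], f[1], f[2], f[3], int(f[4])

def process_names(text):
    """Map PID -> image name from tasklist CSV output."""
    return {int(r[1]): r[0] for r in csv.reader(io.StringIO(text)) if len(r) >= 2}

def owners_of(remote_ip, netstat=NETSTAT, tasklist=TASKLIST):
    """Processes holding a TCP connection to remote_ip, plus the other local
    processes connected to each of them over loopback (candidate real clients
    if the owner is a local filtering proxy; that is an assumption)."""
    rows = list(parse_netstat(netstat))
    names = process_names(tasklist)
    result = {}
    for _, _, foreign, _, pid in rows:
        if foreign.rsplit(":", 1)[0] != remote_ip:
            continue
        # Loopback sockets owned by this PID, and who sits on the other end.
        mine = {local for _, local, _, _, p in rows
                if p == pid and local.startswith("127.0.0.1:")}
        clients = sorted({names.get(p, "?") for _, _, fgn, st, p in rows
                          if fgn in mine and p != pid and st == "ESTABLISHED"})
        result[names.get(pid, "?")] = {"pid": pid, "loopback_clients": clients}
    return result

if __name__ == "__main__":
    print(owners_of("203.0.113.25"))
```

The loopback list only narrows the candidates: it shows which programs are talking to the owning process at that moment, not which of them caused a particular outbound connection.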

peterbra
October 6th, 2007, 03:21 AM
Thanks, freesurfer.

I was using TCP View for that purpose :)

It stated there that ekrn.exe is connected to that site. WHY? I just re-booted the comp, with no opened browsers. I just turned on the computer and connected to the net and I was looking at what was happening - the ekrn.exe was communicating with that address. I scanned for malware or trojans - none was found. (I used one more anti-virus besides NOD - just to be sure.)

So those two questions are really bothering me: what is happening and why?

Marcos
October 6th, 2007, 03:51 AM
Something else must have connected to that site, hence you see ekrn.exe connected.

peterbra
October 6th, 2007, 07:18 AM
-{ Quote: "Something else must have connected to that site, hence you see ekrn.exe connected." }-

Yea, I figured that out, but I'm in big trouble now - WHAT ???

I'm carefully monitoring all traffic now - I'll let you know why this is happening. The biggest worry is why it was using 100% resources while connected to THAT PARTICULAR address. I see now in TCP View several ekrn connections to addresses opened in FFOX, but resource usage is below 2%.

I'm waiting for that address to pop up one more time to see what it is about - I'll let you know.

Thanks for the help!