Congratulations!

Discussion in 'ESET NOD32 Antivirus v4 Beta Forum' started by DarkButterfly, Dec 6, 2008.

Thread Status:
Not open for further replies.
  1. DarkButterfly

    DarkButterfly Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    82
    Congratulations! (I take it back!)

    These are just my 2 cents, but, so far I am enjoying every second of nod32!!! No more 100% CPU usage with this version! I also like the UI.

    Just one question, as I still haven't had the time for it - Is it now possible to import block lists of website bigger than 64kb?

    Thanks

    All the best! Keep up the great work done so far!
     
    Last edited: Dec 9, 2008
  2. DarkButterfly

    DarkButterfly Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    82
    Re: Congratulations! [But this is not an A! Rather a B and it used to be a C!]

    Well, some news.

    By the time I wrote my previous post, I had NOD32 set with pretty much nothing more than the default settings. I saw no 100% CPU usage. That was great!

    Today, I set with maximum protection settings, except the "Advanced heuristics on file execution". No 100% CPU usage. That's great!

    I then set NOD32 with the previous setting selected. There is no 100% CPU usage, but, there is an initial huge CPU usage that gets decreased ~ 1,5 - 2 mins later. There's also a slight slow down when opening, for example, the start menu program folders for the first time, after booting the system. That's not so bad at all.

    This happens in one of my systems.

    But, in one other system, well, with default settings NOD32 runs just fine, but if I set it with maximum protection (less "Advanced heuristics on file execution"), then on next reboot the system crawls. If I set the previous feature on, will crawl even more.

    I do have a tool that monitors processes and if they make a tremendous use of CPU, them it lowers it. That's the only way I found to control, more or less, such issue.

    So, I'll just give a B to Eset, by now. But, I do hope to give it a A!!!
     
  3. DarkButterfly

    DarkButterfly Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    82
    I take it back!! It seems I talked to soon... The CPU spike started all over again.

    It happens only if I set NOD32 for maximum settings. Still, it clearly happens.

    I thought the problem was solved and was quite happy about it, but, well, it was of short time. I got to learn not to speak before time.
     
  4. gisuck

    gisuck Registered Member

    Joined:
    Nov 4, 2008
    Posts:
    56
    Hi DarkButterfly,

    Just some tips on the 100% CPU. I had that problem at one time. I was able to track down the problem by using Microsoft's "Process Monitor." Found out that ESET was continually scanning a Java install.

    I guess it was a corrupt file, because reinstalling Java on my system fixed the problem and I never saw the bug again.
     
  5. DarkButterfly

    DarkButterfly Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    82
    I wanted to do that, but the 100% CPU usage won't let me do a damn thing. How am I suppose to know what processes/files I can exclude from NOD32, if I can't even work with Process Monitor?

    The only way to know what process(es)/file(s) is/are causing erkn.exe to use 100% CPU is to be able to monitor it while it happens, right?

    Thanks for your feedback!

    P.S: By the way, a week ago or something like, I saw an article about Process Monitor explaining that we should look at the unsuccessful "something" (don't recall).

    If for some miracle, I manage to use Process Monitor, is that what I need to look for, related to ekrn.exe?
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Like I said in the old 100% CPU usage thread, turn off advanced heuristics everywhere apart from the on-demand scan. Then in v4 you can use the statistics pane to see where it crashes/goes to 100% cpu usage by performing a system scan.
     
  7. gisuck

    gisuck Registered Member

    Joined:
    Nov 4, 2008
    Posts:
    56

    Sure, the way I did it is this.

    If you disable all realtime protection, evetually the process will calm down. I know it takes a moment or two for this to happen; to disable realtime protection even, but it can be done.

    Once realtime protection is disabled, fire up Process Monitor. and put it into full screen window so you can see everything. You'll want to make sure your computer is at least calm, generating low noise so you can at least see abnormal behaviour. You might even want to clear the current buffer as soon as things calms down.

    Enable realtime protection and see if you get it to 100% itself. I don't know if it will do the same for you, but you might notice that Nod will generate a whack load of temp files in C:\Windows\Temp\NOD(a bunch of numbers here).tmp in the Process Monitor log. I think this happens when NOD is unpacking a file to scan files within the packaged file.

    Disable real time protection yet again. Once again, it may take a minute or two for things to calm down, but eventually your computer will return to normal. Disable capturing of logs on Process Monitor, then backtrack in the logs.

    You may notice a pattern where ESET is scanning a file before going into a loop by creating files in C:\Windows\Temp\NOD...etc. For me, it was constantly scanning a file called rt.jar which was a Java library file. When we trialed ESET in our office, it was some different file that was in MSOCache (MS Office.) Reinstalling the offending product always seemed to have resolved our issues.
     
Thread Status:
Not open for further replies.