I'll preface this with the statement that I'm certain there are multiple causes for all the high ekrn.exe CPU issues people have encountered. But I also believe that what I've discovered may be at least part of the cause for some of the issues. My problem was high ekrn.exe CPU when logging into any userid on any of my computers. Utilization was high throughout the login process. To troubleshoot the problem, I used SysInternals 'procmon' to monitor what ekrn.exe was doing during the login. I found that it was repeatedly reading a 6+ MB file in its entirety. The file turned out to be the log file for ProcessGuard (yes, I know it's obsolete, but it plays a role in the multi-layer security approach I use). ProcessGuard appended information to the log file every time it allowed a program to run or blocked a program from running. Every time it appended info to the log, ekrn.exe read the entire 6+ MB file. There are a LOT of apps that start during login, so ekrn.exe was VERY busy reading this large file over and over in its entirety. I excluded TXT extensions from real time scanning and logins went much faster! I've also observed the same ekrn.exe behavior (read a file in its entirety) for .ini and .log files - so I've excluded these extensions as well. The bottom line is that 'procmon' can be a valuable tool to see what is going on when ekrn.exe is burning a lot of CPU. The specific cause(s) for your problems will likely be different, depending on the software you've installed, but 'procmon' may give you insight into what is going on and provide clues about how to mitigate it. I'd also be curious to see what, if any, comments the ESET developers would have with respect to the necessity of reading .txt, .log, .ini, etc files as a part of real time threat scanning - especially when there are situations where this can cause significant CPU consumption and performance impact when they are large and/or read repeatedly.