"ekrn.exe" Slowing up System on Importing/Exporting Files from Application

Discussion in 'ESET NOD32 Antivirus' started by PaulAdams, Jul 22, 2008.

Thread Status:
Not open for further replies.
  1. PaulAdams

    PaulAdams Registered Member

    Joined:
    Jul 22, 2008
    Posts:
    5
    Allot of my daily computer useage is importing and exporting graphic files from/to different applications. Until yesterday this worked as expected. For whatever reason now when I do this 'ekrn.exe' decides to goto 100% CPU for upto 10 seconds which locks the entire system. It's incredibly frustrating and never occured before.

    I updated to 3.0.669.0 in hope of it stopping but it doesn't. Whats going on?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Could you please check the content of the system temp folder? If there are thousands of files, it might slown down the scanning. Also, could you confirm that you haven't enabled advanced heuristics or runtime packers on file access in the real-time protection in the mean time?
     
  3. PaulAdams

    PaulAdams Registered Member

    Joined:
    Jul 22, 2008
    Posts:
    5
    The system temp folder seems normal to me.. 'Runtime Packers' and 'Advanced heuristics' *are* enabled under Real-Time File System Protection settings. However I didn't enable these manually so I presume they're supposed to be on?

    As I say, I haven't changed anything in the last few days.. this issue seems to have come from nowhere.
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    In a default install those settings have not been normally checked.

    Did you by chance adjust the default settings per this portion of the EAV 3.0 Tutorial or did you import the XML settings contained at the bottom of this post ?
     
  5. PaulAdams

    PaulAdams Registered Member

    Joined:
    Jul 22, 2008
    Posts:
    5
    No, I haven't. I've been using NOD for a couple of years now and recently renewed for the new version. In that time I've never changed or imported any settings other than telling it what to drive/s to Scan.

    If I tell the Setup to revert to default it still checks those boxes. That doesn't seem like something that should be unchecked by default. So it's perfectly safe to uncheck these boxes? If so I'll try that and see if there's a difference, however I'm now curious as to *why* they are enabled when I've not changed anything since the original install.
     
  6. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Just making sure I understand :doubt:

    Are you saying that after you "revert to default" the boxes remain checked ?

    If those boxes are checked, which is non default and you un-check those boxes but they remain unchecked after looking at them again, that sounds like that signed on user does not have administrative privileges to assure that the settings stick :doubt:

    That is a personal choice but I personally have found no need to alter certain Eset default settings, these being discussed in particular.
     
  7. PaulAdams

    PaulAdams Registered Member

    Joined:
    Jul 22, 2008
    Posts:
    5
    If I manually *uncheck* the boxes. Then 'Revert All Settings to Default' it re-checks them. Are you saying it shouldn't do this? I'm not confused.
     
  8. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    I'm not confused either. What I'm saying is that with the .699 build I downloaded from Eset and all the builds downloaded from Eset that have come out since 3.0 inception, that 'Runtime Packers' and 'Advanced heuristics' are un-checked by default.

    DefaultNod32.JPG
     
  9. PaulAdams

    PaulAdams Registered Member

    Joined:
    Jul 22, 2008
    Posts:
    5
    I meant to say I'm *now* confused. Not 'not confused'. :)

    Anyway, yeah.. they're *off* in the 'setup' submenu or Real-Time File System Protection. I was looking at the box just below that.. 'Additional Threatsense parameters' which has Runtime packers and Advanced heuristics and they are *checked* there. My mistake.

    However, the fact that they are off begs the question as to what else is causing this issue.
     
Thread Status:
Not open for further replies.