.ekrn is being a resource hog in 3.0.621.

I have had Nod32 for almost a year now a really love it but ever since I upgraded to version 3.0 a few weeks ago I really dislike how .ekrn goes to 99 percent all the time.

I only have a gig of ram but have very few things running in the background. My comp has no problem handlling other programs but .ekrn is always acting up.

I imagine it has to do with file monitor based on what I have seen.

Any ideas why its being like this? I had no such problems in version 2.70

 

Have you chenged the default settings, in particular advanced heuristics and runtime packers in the real-time file system protection setup? Is your EAV fully up to date?

 

same problem here also. it was working fine last week until last night i noticed that it was taking the cpu utilization was 100% when i went to process manager i found that ekrn.exe was giving the problem. i tried to end the process and it was fine. then after 5 mins problem keep coming back again. i notice that this is happening when my outlook is trying to send/recieve.

 

They just released an update that fixed a problem with Firefox for me that gave 100% CPU usage.

Is your virus database signature 2787?

 

Hmm mine stays at 29,356 k , downloading, uploading or sending and recieving but i dont use firefox.

 

Yes, i have modified the default settings but I always do.

Should i turn off run time packets or what other things?

I noticed some improvement by disabling the "scan when open" for file it still hangs up just not as bad as before.

I currently have signature 2788 and my NOD 32 is always updating as its set to auto update.

 

I'd try the defaults. At least for me they work the best, that's very well.

 

Good day,

Finally, a post about high CPU usage

Here's one possible scenario: a program is constantly updating a file and ekrn.exe is, as expected, constantly scanning it.

Try this: get Process Explorer (from sysinternals; it's like a Task Manager on steroids ). When you load it, look for ekrn.exe and single-click it. Click View (menu) -> Show Lower Pane. Click View -> Lower Pane View -> Handles. The main window will be split horizontally w/ the bottom showing the list of handles ekrn.exe currently owns/uses. If you do this when ekrn.exe is using a great deal of CPU even though you, or any of your program, are not doing anything, if my assumptions are correct, a file/several files will be hilighted (just don't forget to look for it as the list could be long).

What happened to me, was that several months ago, I had experienced this while I was in the process of testing several softwares. When I investigated why ekrn.exe was busy as hell, I found out that it kept scanning one file. That file turned-out to be a log file w/c happens to be in constant update. So what I did was exclude that file from scanning (since I know its just a log file, I double-checked, and that it was part of the program I was testing, w/c one? I can't recall) and ekrn.exe relaxed.

Please do as what I had just suggested and share what happens .

Regards.

 

I am (was) having same 100% cpu with 3.0.621 and Vista home premium and IE. FYI, I was using all defaults. It started occuring about a week ago, and after I figured it out that .ekrn, I uninstalled 3.0 and went back to 2.7, which is working fine with low cpu.

Using defaults shouldn't produce 100% cpu in my opinion.

What am I missing by staying with 2.7 for now?

 

V2 and ESS/EAV are same in terms of detection / scanning capabilities. The only explanation for this behavior that occurs me is that you enabled advanced heuristics and (or) runtime packers on create. V2 doesn't support this option.

 

Here is screenshot from 2.7 AMON which shows "advanced heuristics" which I have disabled. V2 doesn't support this option?

 

Marcos was referring to your "100% cpu with 3.0.621 and Vista home premium and IE" problem when he questioned if you had enabled advanced heuristics and (or) runtime packers on create selected.

Your picture shows Heuristics checked and no, 2.7 does not have "advanced heuristics" , just Heuristics.Incorrect statement

If you have not tried EAV 3.0, I highly recommend you do.

Bubba

 

In the bottom half of the screenshot is the "Additional Options on Create" which has the box "Advanced Heuristics" unchecked. (ver 2.7) Is that what you meant?

Yes, I tried EAV 3.0 for several weeks until I got the 100% cpu problem, then went back to 2.7.

 

Well, i figured out that it seems to have been the "scan on file open" unddr realtime protection because after disabling this the problem has subsided except when occasionally opening a very large folder I can tell lag from Nod 32 scanning it (E.G. A folder that has many video clips will cause it to lag for a bit).

This is logical as nod32 must have been scanning any little change where a file or folder was being opened.

In version 2.7, i had all the options enabled but never had this problem. I don't think it was the advanced heuristics which caused the problem unless its a problem specific to version 3.0. I don't even remember a "scan when opened" type of option under version 2.7.

Anyway, all is working great now. I'm sure I could eliminate the occasional lag by getting rid of run packers or advanced hueristics but I'd rather just leave well enough alone.

Thanks for all the help so far

 

Yeah...... Bubba you are wrong !

i am (censored) too about ekrn cpu usage, it is better (shorter in time...) after a window update but..... i experienced again an again this 99% cpu usage at startup, while dowloading....
https://www.wilderssecurity.com/showthread.php?t=195980&highlight=ekrn.exe

...... thinking about going back to v2.7..... grrrrrr V2 is so sweet, no lag..... always low foot print at windows startup. V3 is far away

 

Ok....can I have the rest of the day off for making a mistake
Actually there was a mis-understanding on my part of what john2222 was actually referring to

 

ok...

BTW, I uninstalled nod32 v3 yesterday, just wanna feel good again with v2.7 for a while