How can I find out what ekrn is doing?

Discussion in 'ESET NOD32 Antivirus' started by AndyBonn, Oct 27, 2008.

Thread Status:
Not open for further replies.
  1. AndyBonn

    AndyBonn Registered Member

    Joined:
    Oct 28, 2006
    Posts:
    15
    Hi,

    A while back I noticed that AMON was causing my PC to slow down and finally come to a halt. I posted the problem here and was told that there was a new version, NOD3, which would solve my problem.

    I installed the new version and was overjoyed as everything that made me decide on NOD initially was true again.

    But now it is happening all over again. It is 09:00. I start noticing a lag and then a delay and I open up the TaskManager to find ekrn.exe using between 50 and 70% CPU. Memory usage is right at the top there. I open NOD and see it is performing a scan. No idea exactly when it started the scan, but progress is at 96%, so it should soon be finished. That was 8 hours ago. The system becomes slower and slower. Now, 22:30, I could not even switch windows any more to see where it was, so switched the machine off. The last time I looked it was inspecting the service pack files.

    I read all 100% CPU threads here, but my problem is not a spike, it is a worsening situation over many hours.

    How can I, a normal user, find out what is going on?

    Can a scan really take over 14 hours?

    Thanks for any help as I'd hate to loose NOD.

    //AndyB
     
  2. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    You mentioned AMON, so I am assuming you are using NOD32 v2.70. Is that correct?

    Regards,

    Aryeh Goretsky
     
  3. AndyBonn

    AndyBonn Registered Member

    Joined:
    Oct 28, 2006
    Posts:
    15
    No. AMON was in the first part of the first sentence. In the second part I said I was told about NOD3.

    In my second sentence I wrote that I installed the new version.

    I am on 3.0.672.0
     
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    There is a newer build out, v3.0.684.0, which you can try installing, however, I do not believe any of the changes in it will make a difference for this issue.

    What might help is if you tried installing ESET NOD32 Antivirus v4.0 public beta 1, which is available from http://beta.eset.com/. In addition to optimizations for processor utilizations, it also contains better mechanisms to determine which files are being accessed and so forth. Despite being labeled "beta" it is stable with no major issues.

    Regards,

    Aryeh Goretsky
     
  5. AndyBonn

    AndyBonn Registered Member

    Joined:
    Oct 28, 2006
    Posts:
    15
    Thanks for the pointer.

    I will go and try it once I get back home. Strangely, this has not occurred again, so it seems, different factors have to come together for this to happen.

    Cheers

    //AndyB
     
  6. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Download filemon http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx and set up a process filter so you only see disk activity coming from ekrn.exe. Look for what it is getting hung up on scanning (these are typically from database applications or log files where file locking conflicts occur) and set up scanning exceptions for what is giving you grief.
     
Thread Status:
Not open for further replies.