Is there a way to lower cpu usage of ekrn.exe?

Discussion in 'ESET NOD32 Antivirus' started by sweater, Jun 28, 2011.

Thread Status:
Not open for further replies.
  1. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    Sometimes ekrn.exe usage goes up that cpu usage goes up. My pc was still P4 xp sp3 with only 760MB RAM .

    Are there any new tricks to lower cpu usage on this thing?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Do you observe higher cpu usage in the idle state or when you're running an on-demand scan? What CPU do you use?
     
  3. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    You could try to force windows core to RAM but that is only effective if you have at least 1GB of RAM and you are on Vista and Windows 7.

    None of those ideas will work with your setup sadly.

    Try to exclude as many exe's and files that don't need scanning in ESET like your AV's and other security tools in case they are slowing it down.

    Is adding a memory chip is possible? I suspect ESET is overtaxing your pc 4.

    My ekrn.exe (32bit) at Beta 5 takes 84,544K working set memory and 160,456K peak memory even with my windows core forced to memory.

    BUT it's reads and writes are 3,000,000 and 2,000,000 over 6 hours.
     
  4. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Setting file size and nesting limits on the archive scanning module would give you the most noticeable reduction in CPU consumption without drastically reducing security. I would say start there.
     
  5. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    What do u really mean by that? Pls..give me some details. :doubt:
     
  6. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Archive scanning in general is CPU intensive because it has to run the decompression before it can scan contents. Archives themselves generally are not malicious, but they can contain files that are. But those will be scanned anyway as they are extracted/executed, so scanning the archive can give you a little more advanced notice that something bad is there but generally it is a redundant scan. If you're working with a limited resource system, I would try setting the archive scan settings for the real-time scanner to stop at 3 nesting levels and archives greater than 50MB and then tune from there.
     
  7. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    ESET products dont support process exclusions, only file exclusions

    any slowdown caused by other security tools cannot be avoided
     
  8. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    No it is possible.

    When you go into eset advanced setting click on exclusions and then just enter the path to the program you want to exclude example:

    C:\Program File\SUPERAntiSpyware\*.*

    as well user needs have SUPERAntiSpyware exclude Eset in the same way.

    In my case eset exludes 5 paths related to security products.
     
  9. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    Escalader, I have done this, tnx.

    Did you exclude the whole program folder....like SuperAntispyware folder?
     
    Last edited: Jul 2, 2011
  10. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    I didn't know this then...:rolleyes: , tnx for the info Smacky.

    By the way, how many numbers of nesting levels of the archives can NOD32 can go by default? Coz I was then thinking that at nesting level 3 this could be very "thin" and don't go that deep. Is this the "in-between" level?

    Actually, I was also worried bout warning that NOD32 given in their site bout this thing:

    http://kb.eset.com/esetkb/index?page=content&id=SOLN228

    Can I just change the settings in the real-time file system protection scanner? And don't change the on-demand scanner settings so that it'll scan everything in default during on-demand scans?
     
    Last edited: Jul 2, 2011
  11. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Yes, I find some of these products have multiple exe's so in those cases I exclude the folder. IF I know the exe for dead sure I just exclude that one.
     
Thread Status:
Not open for further replies.