Editer l'article Suivre ce blog Administration + Créer mon blog
14 octobre 2009 3 14 /10 /octobre /2009 23:50
As everybody would say, an antivirus is not supposed to take all the system ressources.
Taking that into account, I tested ESET Nod on my computers, because I knew it was said to prove quite reasonable memory and CPU usage.

Anyway, this was about real time protection, certainly just for a few hours long, right. But, what if I let my laptop running for days? That should not be a problem.

Nonetheless, I noticed that my computer was becoming really slower, with an almost permanent disk access. I decided to investigate a little bit about it, SysInternals tools are my friends.

Here is what I found out: the ESET modules were permanently accessing my HDD, ang generating SWAP activity.

The reason? It may be in the following screenshot:
As the ProcessExplorer's GUI says, the "ekrn.exe" binary (standing for ESET Kernel?) takes more than 750 MB of memory (virtual memory)!
This is quite strange, even abnormal. Just enough to stuck user's applications.

Since I use a limited user account (and I'll talk also about that later), the ProcessExplorer information window is not complete, as you can see:
This screenshot also tells how long the "ekrn.exe" module had run before I noticed its memory usage: it's about a month... (well, yeah, my laptop even works for me during the night... and the day... :) this can be also true for professional stations that are not shut down at night)

If that helps (the guys at ESET for example?), here is my config:
- Lenovo SL500
- Vista SP2, full patched
- Nod32 AV 3.0.684.0

Thus, to me and until I get a proof of the contrary, I think there is a memory leak in the "ekrn.exe" module of Nod32 Antivirus.

Partager cet article