Jump to content

100% Read Hard Disk utilization on eScan dat Log files

pps

By pps
in ESET Endpoint Products

 Share

Recommended Posts

pps

pps 4

Posted
Posted

Hello,

I used the resource monitor of windows task manager and find out that workstations have 100% read utilization on the dat files inside folder c:\ProgramData\ESET\ESET Endpoint Security\Logs\eScan.

image.png.bcbd07edb44626e6fedb294a8c119791.png

It seems that eset for some reason is keep reading the files as result workstations have 100% read utilization. The most files are from October of 2017 and I don't see the reason why eset uses them.

a)How I can stop eset from using these files, which setting it is from the ERA console?

b)What is the purpose of this dat files and why eset is still using them?

PS: Setting in Antivirus -> (Real-time file system protection / On-demand computer scan / Idle-state scanning /Startup scan /Document protection)  -> THREATSENSE PARAMETERS -> OTHER: Log all objects is disabled by the policy.

PS2: Setting in Web access protection -> Log all objects is disabled too.

PS3: As a temp workaround  workstation I renamed the eScan folder to eScan.old

 

Thanks,

Peter

 

image.thumb.png.06d4f3c1efcd592c8403e1192872e047.png

 

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

Delete the file \Logs\eScan\ndl24570.dat or better all files in the escan folder if you don't need on-demand scan log details. Most likely you had logging of all scanned files enabled last year which caused large logs to be generated.

Link to comment
Share on other sites
pps

pps 4

Posted
  • Author
Posted (edited)

Hello Marcos,

 

Thanks for the prompt reply. The problem is not on the dat files in the eScan folder but eset that stills using them by reading them non stop.

The difficulty is that there is no way to tell for this issue before the user reports the slowdown in his workstation and also it is time consuming to inspect all the workstations one by one if the dat files exist in the Logs folder.

 

  1. There is some option from inside ERA console that clear automatically this log files?
  2. Is there any option to stop eset from using this files (on demand logging is disabled), if yes what will be the drawbacks?

PS: It seems that the eScan folder is used not by the antivirus but from the firewall ( I cannot rename it until I passed the firewall)

Thanks,

Peter

 

Edited by pps
more info
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...