Justin 0 Posted September 28, 2018 Share Posted September 28, 2018 Hi, ESET 7 scan is utilizing 100 % disk usage on one of our user laptops.I have the procmon log with me and its size is 177 MB. Regards Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted September 28, 2018 Administrators Share Posted September 28, 2018 A Procmon log is not useful in this case. You didn't mention if there are some other programs running and what CPU is used. On one-core systems the CPU may reach 100% utilization during a scan. If the system is not under a heavy load, you should not experience 100% cpu utilization during a scan. Also try running a smart scan (ie. without scanning archives) if it makes a difference. Link to comment Share on other sites More sharing options...
Justin 0 Posted September 28, 2018 Author Share Posted September 28, 2018 Hi Marcos, I was referring to disk usage. Disk usage reduces once we stop the scan. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted September 28, 2018 Administrators Share Posted September 28, 2018 Try running a scan without scanning archives. When scanning archives, they are unpacked to the temporary folder and then scanned. After a file has been scanned, it's deleted from the temp folder. Link to comment Share on other sites More sharing options...
Justin 0 Posted September 28, 2018 Author Share Posted September 28, 2018 Ok let me check . I'm seeing lot of Read entries to following path in procmon.Should i be worried about this file. C:\ProgramData\ESET\ESET Endpoint Antivirus\Logs\hipslog.dat Link to comment Share on other sites More sharing options...
Justin 0 Posted October 3, 2018 Author Share Posted October 3, 2018 On 9/28/2018 at 5:24 PM, Marcos said: Try running a scan without scanning archives. When scanning archives, they are unpacked to the temporary folder and then scanned. After a file has been scanned, it's deleted from the temp folder. Are you referring to self extracting archives option? Link to comment Share on other sites More sharing options...
itman 1,746 Posted October 3, 2018 Share Posted October 3, 2018 On 9/28/2018 at 8:07 AM, Justin said: I'm seeing lot of Read entries to following path in procmon.Should i be worried about this file. C:\ProgramData\ESET\ESET Endpoint Antivirus\Logs\hipslog.dat Open your Eset HIPS log and see how many entries exist. If an excessive number exist, start deleting older entries. XXLMandalorian 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted October 3, 2018 Administrators Share Posted October 3, 2018 Make sure that you have logging of all blocked operations disabled in the advanced HIPS setup. If the HIPS log contains too many records, you can delete the appropriate dat file in safe mode. XXLMandalorian 1 Link to comment Share on other sites More sharing options...
Recommended Posts