High CPU usage

JohnyRicio · January 15

Hi,

I have and issue with Internet security. Very often it use 14% of CPU. And by this SW is freezed my Google chrome when I browsing the internet. I tried to of it and it starts to work. When I turn on back again, the issue is back.

Please help me to solve this issue. Logs are attached.

Logs.zip

Marcos · January 16

You have a CoinMiner installed in C:\Program Files (x86)\EasyMiner.

Does uninstalling it make a difference?

JohnyRicio · January 16

2 hours ago, Marcos said:

You have a CoinMiner installed in C:\Program Files (x86)\EasyMiner.

Does uninstalling it make a difference?

No, I don't have it. I had it, but I uninstall them few day ago. This issue happening longer and still occurring.

Marcos · January 16

Please carry on as follows:
- reproduce the issue
- enable advanced oper. system logging in the adv. setup -> tools -> diagnostics
- after approx. 1 minute disable logging
- collect logs with ESET Log Collector, upload the generated archive to a safe location and drop me a personal message with a a download link.

JohnyRicio · January 16

PM was send. Thank you.

Marcos · January 16

Looks like you didn't enable advanced operating system logging as instructed. The Diagnostics folder was empty, esetperf.etl log was missing.

Please remove from detection exclusions:

Win32/CoinMiner.DP potentially unwanted application @ C:\Program Files (x86)\EasyMiner\cudaminer\ccminer.exe
Win32/CoinMiner.DP potentially unwanted application @ *
Win32/CoinMiner.BV potentially unwanted application @ C:\Program Files (x86)\EasyMiner\cpuminer-x32\minerd.exe
Win32/CoinMiner.BV potentially unwanted application @ *

Enable detection of potentially unsafe applications, just in case.

You have a problem with LiveGrid. Access to LiveGrid servers is probably blocked by a firewall. Please make sure that the CloudCar test file is detected upon download: http://amtso.eicar.org/cloudcar.exe

JohnyRicio · January 16

2 hours ago, Marcos said:

Looks like you didn't enable advanced operating system logging as instructed. The Diagnostics folder was empty, esetperf.etl log was missing.

Please remove from detection exclusions:

Win32/CoinMiner.DP potentially unwanted application @ C:\Program Files (x86)\EasyMiner\cudaminer\ccminer.exe
Win32/CoinMiner.DP potentially unwanted application @ *
Win32/CoinMiner.BV potentially unwanted application @ C:\Program Files (x86)\EasyMiner\cpuminer-x32\minerd.exe
Win32/CoinMiner.BV potentially unwanted application @ *

Enable detection of potentially unsafe applications, just in case.

You have a problem with LiveGrid. Access to LiveGrid servers is probably blocked by a firewall. Please make sure that the CloudCar test file is detected upon download: hxxp://amtso.eicar.org/cloudcar.exe

In PM you will find new logs.

About cloucar.exe this was detected and removed by eset SW.

After remove easyMiner from excluding for check the issue stil occurring.

Marcos · January 16

For some reason esetperf.etl is still missing:

C:\ProgramData\ESET\ESET Security\Diagnostics\
0 files 0 bytes

Did you actually enable advanced OS logging, reproduced the issue and disabled logging prior to collecting logs?

JohnyRicio · January 16

25 minutes ago, Marcos said:

For some reason esetperf.etl is still missing:

C:\ProgramData\ESET\ESET Security\Diagnostics\
0 files 0 bytes

Did you actually enable advanced OS logging, reproduced the issue and disabled logging prior to collecting logs?

On the same link you will find new logs. Now there is you requered file.

Marcos · January 16

Still no joy. Make sure that you enable advanced oper. system logging prior to reproducing the issue and disable it prior to collecting logs. It will be enough just to provide C:\ProgramData\ESET\ESET Security\Diagnostics\EsetPerf.etl.

JohnyRicio · January 16

I don't understand why it is not there... Anyway I upload file alone under same link...

Marcos · January 16

The log was extremely large (23 GB), opening it paralyzed my machine for more than an hour. As I've asked, please do not leave advanced OS logging enabled for more than a minute and compress the log next time.

Try the following:
1, Use automatic firewall mode. Currently you use interactive mode and have more than 1500 rules created. Try the following:
- export the current configuration
- switch the firewall to automatic mode
- delete all custom rules

If that doesn't help, try uninstalling ESET and installing it from scratch without changing default settings.

2, PhpStorm was another CPU intensive process. Please make sure it's not running when trying to troubleshoot CPU utilization issues.

JohnyRicio · January 17

When I switch FW to automatic mode, issue is away, but I want to have a control under roles. Is there a way how to have enabled my rules?

PHPStorm is another issue and I don't need to solve it now.

Thank you.

Marcos · January 19

In following versions of the firewall module we plan to optimize processes connected with evaluation of executables used in rules which should mitigate CPU usage when many fw rules exist and interactive mode is used.

Sign In

High CPU usage

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Join the conversation

Recently Browsing 0 members

FAQ

Topics