Jump to content

eset loads a hard drive


Recommended Posts

Good afternoon, several of our employees went to work remotely, they connect via rdp to their work PC in the office, after that on some PCs the eset began to load the hard disk by 100%, I can't understand why it behaves this way, with local work in the office, everything returns to normal

1.png

eea_logs.zip

Link to comment
Share on other sites

  • Administrators

We'll need an advanced operating system log esetperf.etl from time when the issue occurs. You can enable advanced OS logging in the advanced setup -> tools -> diagnostics.

Keep it logging for 2-3 minutes, then disable logging and collect fresh logs with ESET Log Collector. Since the archive will be probably too big to upload it here, upload it to a safe location and drop me a personal message with a download link.

Your Endpoint is misconfigured. The following settings should be enabled or changed to defaults:

- detection of pot. unsafe applications (recommend is on, important from security POV)
- Advanced heuristics on newly created or modified files (on by default, important from security POV)
-Advanced heuristics on file execution  (on by default, important from security POV)
- Detection exclusions - too many of them, all are incorrect, remove them
- Network attack protection (IDS) (on by default, important from security POV)
- Regular automatic update - upd is checked every 4 hours, recommended is to use the default 60 min. interval
- Automatic startup file check (after logon) (on by default, important from security POV)
- Automatic startup file check (after update) (on by default, important from security POV)
- Excluded processes - too many processes are excluded, even processes run from the temp folder are excluded, remove all process exclusions

If you have issues if no exclusions are set, let us know please.

Link to comment
Share on other sites

hello Marcos! yesterday I sent you a link to the log file in a personal message, as you asked, did you get it?

Link to comment
Share on other sites

  • Administrators

Does adding D:\data\Documentation\Gxl\Gxxxrc to performance exclusions make a difference? Some letters were replaced with "x".

Link to comment
Share on other sites

  • Administrators

Please provide fresh ELC logs to make sure that the folder is correctly excluded. According to the log provided most of time was spent by reading files that should be excluded now:

image.png

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...