Issue: When our customers would close their application PDS 9 it would hang, then EKRN.exe (their anti-virus product) would spike the CPU to 100%.
Solution: Using ProcMon.exe we were able to identify a conversation between ekrn.exe and c:\windows\pds9.ini. We simply created an exclusion for c:\windows\pds9.ini and that fixed it.
Notes: ESET was really pretty smart about it. We added an exclusion for c:\* (single star not *.*). That fixed it. We removed it then filtered down for "C:\Documents and settings\*", "C:\Program Files\*" then finally "C:\windows\*". Then we fired up Procmon.exe, set a filter of ( Path | contains | "c:\windows" ) then closed PDS9.exe. We instantly saw the conversation between ekrn and pds9.ini and knew what was wrong.
No comments:
Post a Comment