Ashserv using up CPU

system · 2007-09-10T17:35:23.000Z

I’ve happily used Avast for years now, but recently it is sucking up all my CPU. (Anywhere from 75% to 99%)
I know what is causing it, I just don’t know how to fix it. The avast! icon is spinning in they systray which I know means that it is scanning something. It is the Standard Shield scanning my Trend Micro Anti-Spyware (I checked in the details). It locks up my computer sometimes whenever I try to do anything. How do I make it stop doing that? My pc has slowed to a crawl. I’m not doing anything in particular when it happens (which is almost all the time). Most of the time, I am just trying to check my email or forum. This only started a couple of months ago but has gotten much worse and more frequent these last two weeks.

http://i76.photobucket.com/albums/j20/Beylia/other%20stuff/cpuusage.png

Any help is greatly appreciated. Thank you.

DavidR · 2007-09-10T18:24:50.000Z

Well would you care to tell us what is causing it ?

It isn’t just saying that ashServ.exe is using the CPU, what we need to determine is what is the activity it is scanning.

Is this Trend anti-spyware part of a suite ?
Have (or did) you another AV installed in this system, if so what was it and how did you get rid of it ?

Edit:
Vlk, always says that the guidelines for solving of the problem “ashServ.exe using too much CPU” has always been the same:

Check if the avast tray icon is spinning (while CPU usage is high)
If it is, click it (wait for the dialog box to open), and check which file is being scanned (the Last Scanned field); the Scanned Count value should be increasing (spinning icon means a scan is in progress)
Find out which of the providers is scanning the file (click “Details” button and check out the Last Scanned value for each of the providers). The most common providers that may cause this are Standard Shield, P2P Shield and IM Shield.

system · 2007-09-10T19:03:25.000Z

DavidR post:2:

Well would you care to tell us what is causing it ?

C:/Program Files/Trend Micro/Tmasy/ssapi.log
That is what it has been scanning. As I said earlier, it’s Trend Micro Anti-Spyware 3.5

It isn't just saying that ashServ.exe is using the CPU, what we need to determine is what is the activity it is scanning.

I know that.

Is this Trend anti-spyware part of a suite ? Have (or did) you another AV installed in this system, if so what was it and how did you get rid of it ?

Trend Micro Anti-Spyware is a stand alone program as far as I know. When I first bought this pc 2 years ago, they had a Norton trial installed on it. I uninstalled it when it was finished its trial and used CCleaner afterwards which removed the registry keys, etc.

Edit: Vlk, always says that the guidelines for solving of the problem "ashServ.exe using too much CPU" has always been the same: 1. Check if the avast tray icon is spinning (while CPU usage is high) 2. If it is, click it (wait for the dialog box to open), and check which file is being scanned (the Last Scanned field); the Scanned Count value should be increasing (spinning icon means a scan is in progress) 3. Find out which of the providers is scanning the file (click "Details" button and check out the Last Scanned value for each of the providers). The most common providers that may cause this are Standard Shield, P2P Shield and IM Shield.

This is how I found out what it was scanning in the first place.

Lisandro · 2007-09-10T19:30:06.000Z

Beylia post:3:

C:/Program Files/Trend Micro/Tmasy/ssapi.log

What happens if you add this file to the Exclusion lists?

For the Standard Shield provider (on-access scanning):
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize.
Go to Advanced tab and click on Add button…

For the other providers (on-demand scanning such as the screen-saver or the Simple User Interface):
Right click the ‘a’ blue icon, click Program Settings.
Go to Exclusions tab and click on Add button…

system · 2007-09-10T19:51:04.000Z

Thanks Tech. I’m going to try that and let you know. I wasn’t sure if it was okay to put that file in the exclusion list. I’ve never had to do that before and didn’t know if it would affect Trend Micro at all.

Update: So far so good. Thanks for all of your help. It is much appreciated. I’ve never seen Avast do that before.

Silly question: That shouldn’t do anything to Trend Micro right? It should only stop Avast from scanning that file?

Vlk · 2007-09-10T20:09:20.000Z

Well by default, LOG files are in the Standard Shield’s exclusion set (*.log). Have you tweaked the default settings in any way?

Thanks
Vlk

system · 2007-09-10T20:10:05.000Z

Nope haven’t tweaked it all. Still the same as when I first installed it.

Vlk · 2007-09-10T20:12:01.000Z

Can you check the list of exclusions that it really contains the *.log entry?
(follow Tech’s instructions to get to the exclusion list).

Thanks
Vlk

system · 2007-09-10T20:14:39.000Z

I checked and I didn’t see anything in the list that ended with *log besides the Trend Micro one that I put in.

It only started getting really bad a couple of weeks ago after a update. Could that have something to do with it?

Lisandro · 2007-09-10T20:21:07.000Z

Beylia post:5:

I’ve never had to do that before

There is always a first time…

Beylia post:5:

and didn’t know if it would affect Trend Micro at all.

It shouldn’t…

Beylia post:5:

That shouldn’t do anything to Trend Micro right? It should only stop Avast from scanning that file?

Yes.

Vlk post:8:

Can you check the list of exclusions that it really contains the *.log entry?

I don’t have it by default either…

DavidR · 2007-09-10T21:37:38.000Z

Well the *.log entry is in my standard shield exclusions and I certainly didn’t add it.

Lisandro · 2007-09-10T21:56:52.000Z

DavidR post:11:

Well the *.log entry is in my standard shield exclusions and I certainly didn’t add it.

Well, I’m checking on Vista and they’re not there.
Can you post your full list David?

DavidR · 2007-09-10T22:04:37.000Z

This isn’t easily done because you can’t expand the window to display all of them (there are a lot) and you can’t copy the list.

Lisandro · 2007-09-10T22:13:49.000Z

DavidR post:13:

This isn’t easily done because you can’t expand the window to display all of them (there are a lot) and you can’t copy the list.

f2 will allow to rename, you can copy from there… ok, a little extra-work ;D

DavidR · 2007-09-10T22:22:10.000Z

?:\PAGEFILE.SYS - I can’t recall if I put that there or not, but it takes care of my two pagefiles.
*.TXT
*.LOG
*.INI
C:\WINDOWS\TEMP*.TMP
_AVAST4_\UNP.TMP
C:\WINDOWS\WINSXS*.MANIFEST
C:\WINDOWS\WINSXS*.CAT
C:\WINDOWS\WINSXS*.POLICY
*\EDB.CHK
C:*\XJ8OV5FX.DEFCSC*.TMP

C:\WINDOWS\CSC\?0??????

to avoid the ??? smiley

Lisandro · 2007-09-10T22:31:22.000Z

DavidR post:15:

?:\PAGEFILE.SYS
*.TXT
*.LOG

Mine has only these ones on Standard Shield of Vista… something that I’ve missed before. Sorry, Vlk.

DavidR post:15:

*.INI
C:\WINDOWS\TEMP*.TMP
_AVAST4_\UNP.TMP

I’ve added just these ones.

DavidR · 2007-09-10T23:38:49.000Z

I assume these locations aren’t on Vista then.
C:\WINDOWS\WINSXS*.POLICY
*\EDB.CHK - I have three copies of this file in different folders.
C:*\XJ8OV5FX.DEFCSC*.TMP
C:\WINDOWS\CSC\

Lisandro · 2007-09-11T00:50:58.000Z

DavidR post:17:

C:\WINDOWS\WINSXS*.POLICY
*\EDB.CHK

These I have on XP.

DavidR post:17:

C:*\XJ8OV5FX.DEFCSC*.TMP
C:\WINDOWS\CSC\

Never saw these ones…

Announcements