Sophos Antivirus - CPU usage peaking to 100%

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
For the past few months I've been having a problem with the on-access
scanning in Sophos Antivirus periodically using 100% of the CPU for
minutes at a time. My system has a 2GHz Pentium M processor with 1GB of
RAM, so this seems excessive.

I contacted Sophos technical support, but I am using the software on my
own PC at home as a perk of by employers license; this apparently
doesn't entitle me to technical support. I was given few bits of advice,
but they didn't help.

The machine is also running Windows Defender and I periodically run
Adaware SE Personal and Spybot S&D. I have also run Trend Micro's web
based scanner. All fail to find any malware.

My working hypothesis is that Sophos is taking a very long time scanning
a particular file, which is accessed occasionally. The problem is
finding out which one. I've got various tools from SysInternals, but the
problem is that when the 100% CPU usage occurs the machine is too
unresponsive to run them. If anyone from Sophos is listening it would be
very helpful if your software logged any files that take an excessive
time to scan.

The machine is currently running Sophos Anti-virus v6.5.6. The on access
settings are set to the default options.

Any suggestions?


Re: Sophos Antivirus - CPU usage peaking to 100%

Quoted text here. Click to load it


Re: Sophos Antivirus - CPU usage peaking to 100%

Andrew McLean wrote:
Quoted text here. Click to load it

my, my, how far they have fallen...

sorry i don't have a solution for you, it just struck me what a sharp
contrast this is with their support in the past... it used to be they'd
even give support for their competitors products (i remember graham
bragging about it) and now they won't even help out their customers'
employees who legitimately use the software at home? wow...

"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: Sophos Antivirus - CPU usage peaking to 100%

Quoted text here. Click to load it

Make sure Sophos is actually set up to run the defaults eg normal scan - not
extensive, make sure scan all files is NOT checked.  You could check out the
log and see if there is a reference to anything there.  You could try a scan
all files in on demand and see if there is an error flagged up, or a file
taking an age to be scanned.  Sophos will point to any passworded or other
files it cannot access, or has a problem with.


Re: Sophos Antivirus - CPU usage peaking to 100% says...
Quoted text here. Click to load it

All good advice.
Might be worth killing Sophos (via Task Manager or whatever) at the point it
goes 100%,
and then see what the last entry in the log is. But the log writes might be
cached, so it
might not show anything.
I'd try the SAV32CLI tool with -DN so that you can see whihc file it's looking
at at any
point. Of course the problem might not occur with SAV32CLI.
I'd definitely try a scan while Windows Defender is unloaded, to find out if
it's some
interaction between the two.
If you don't want the whelks don't muck 'em about
If you don't want them someone else may

Site Timeline