I've noticed that AMON constantly is counting files @ about 1.5/sec with no applications running other than AV, etc protection.; Was at 190K+ awhile ago and now at 254K+ . PSAPI.dll is the File Name in the Window then & now. I'm (Me OS) 2.1.2 Up-to-date & set-up like Blackspear Minus the MAPI intface. Spybot/AdAware SE/Spyware Blaster seem OK ( AdAware showed MS Alexa and I just Quarantined (6) Tracking Cookies with a 3/10 severity rating)- HELP implies a File Count increase only if something happens in an application. Any ideas?

That is normal behaviour

Amon is constantly scanning everything running on the computer

You will always have lots of "programs or applications" running when you are using windows even if you haven't started them yourself they are different parts of windows

{QUOTE-> That is normal behaviour

Amon is constantly scanning everything running on the computer

You will always have lots of "programs or applications" running when you are using windows even if you haven't started them yourself they are different parts of windows <-QUOTE}

It's not normal behavior - I have experienced the same problem. I think it was related to frequent standby/hibernation switching (notebook). My counter was incrementing about 50 files per second. The funny thing was that system was fully usable and it was visible only with this "speedy" counter. After rebooting computer everything is OK (1-2 files per second max).

I would suggest this is normal behavior for AMON, you will see varying count speeds...

Cheers ;D

{QUOTE-> I would suggest this is normal behavior for AMON, you will see varying count speeds... <-QUOTE}

FWIW, my AMON count currently stands at a little under 11 million in 8½ days

{QUOTE-> FWIW, my AMON count currently stands at a little under 11 million in 8½ days <-QUOTE}
Mine is at 43,000 in 1 1/2 hours. Your computer has been left on for 8 1/2 days I gather...

Cheers ;D

BTW, how do you get you 1/2 to look the way it does?

{QUOTE-> Mine is at 43,000 in 1 1/2 hours. Your computer has been left on for 8 1/2 days I gather...

Cheers ;D

BTW, how do you get you 1/2 to look the way it does? <-QUOTE}

I use Character Map for the ½ :)

No, excessive AMON counts are not what I would consider to be "normal" behavior. My Win XP laptop has been on for 9 hours and my AMON count is only at 34,939, however I use the default on AMON and only scan all files and in-depth during on-demand passes.

Normally, "psapi.dll" refers to the Process Status API (http://msdn.microsoft.com/library/en-us/perfmon/base/process_status_helper.asp) that helps enumerate details about running processes and device drivers. The unusual thing to me is that I understood you to say that you are running Windows ME. WinME does not normally include psapi.dll, it is really only part of Win2000, WinXP, and Windows Server 2003 (and can be redistributed for use on WinNT 4.0). On Win9x and WinME similar information is gathered using the ToolHelp32 library of APIs. (See here (http://msdn.microsoft.com/msdnmag/issues/02/06/debug/figures.asp#fig5) for methods of enumerating processes.) I would recommend downloading and using Sysinternal's Filemon (http://www.sysinternals.com/ntw2k/source/filemon.shtml) to see process is trying to continually open and use the psapi.dll.

No, excessive AMON counts are not what I would consider to be "normal" behavior.

I guess the thing would be to define 'normal behavior', and to differentiate between Amon behavior and PC behavior. I think some have been saying the counting is normal behavior for Nod. Whether what is being counted on the PC is normal, or desirable, is another question. If you have a particular program constantly polling in windows, or something like a constantly changing ini file running up the Amon count excessively, it can be excluded... if you trust in no 'nasty' infiltration in that area.

Take care... Quinn

{QUOTE-> If you have a particular program constantly polling in windows, or something like a constantly changing ini file running up the Amon count excessively, it can be excluded... if you trust in no 'nasty' infiltration in that area. <-QUOTE}Exactly. AMON is not going out of its way to count, or scan files on its own and no one can say what is normal for someone else's computer because they don't know what programs are running on those other PCs. If some program, or Windows itself is accessing some file or files in the background, then unless you exclude them, AMON will scan them and thus the count goes up. That is AMON's job, to scan files being accessed, even if those accesses are occurring because of some background service or other program activity. It does not have to be some foreground program you are running deliberately.

Now certainly, if you have excessive scanning going on and you don't know what other program is doing all that accessing, then that is worth investigating to determine what program is doing it.

By the way, the ALT key is a good way to enter special characters, too. Hold down ALT and press the numbers 0189 then let ALT up and this will appear: ½. And then there is ALT 0178 being the: ² character. ;D

{QUOTE-> ...no one can say what is normal for someone else's computer because they don't know what programs are running on those other PCs.... <-QUOTE}
Agreed ;D I was just trying to get to some sort of average, thus 8½ days = 204 hours, divide this into 11 million, equates to around 53,000 files per hour, and this is all dependant upon what programs were being used and what AMON is set to scan... now I'm outta breath from writing that one... ;)


{QUOTE-> …By the way, the ALT key is a good way to enter special characters, too. Hold down ALT and press the numbers 0189 then let ALT up and this will appear: ½. And then there is ALT 0178 being the: ² character. ;D <-QUOTE}
Boy I sure would like to know the logic behind getting 189 to look like ½ I’d scratch my head if it didn’t make it hurt so much… ;)

Cheers LWM ;D

;D 8) ;D 8) ;D

Just be thankful we have letters and numbers on our keyboards instead of remembering all 256 character (ANSI/ASCII) combinations.. if you use charmap, you can use the ALT/code as long as its not Unicode numbers..
(Cyrillic.. uffda) Or worse still, binary/bit data type entry..

Of course, MS made it easy for us.. we just need to translate the
HEX code to decimal and tack on a zero. :)

Like 2C in Courier = 2*16+12=32+12=44 (ALT+044)
Well, anyway, that's my .02¢ worth. :)

I used to know the IRQ for keyboard.. think its 1..
Ah.. the electronics days are all coming back to me.. *sigh* :)

{QUOTE-> Just be thankful we have letters and numbers on our keyboards instead of remembering all 256 character (ANSI/ASCII) combinations.. if you use charmap, you can use the ALT/code as long as its not Unicode numbers..
(Cyrillic.. uffda) Or worse still, binary/bit data type entry..

Of course, MS made it easy for us.. we just need to translate the
HEX code to decimal and tack on a zero. :)

Like 2C in Courier = 2*16+12=32+12=44 (ALT+044)
Well, anyway, that's my .02¢ worth. :)

I used to know the IRQ for keyboard.. think its 1..
Ah.. the electronics days are all coming back to me.. *sigh* :) <-QUOTE}
LOL, like I said, "I’d scratch my head if it didn’t make it hurt so much…" ;) ;D

I Loooooove Windows, it makes is sooooooo much easier... for the average user to screw up, it's not just left to the experts... ;)

Cheers ;D

{QUOTE-> I guess the thing would be to define 'normal behavior', and to differentiate between Amon behavior and PC behavior. I think some have been saying the counting is normal behavior for Nod. Whether what is being counted on the PC is normal, or desirable, is another question. <-QUOTE}Agreed. I apologize for not being more precise in my response. NOD32 is doing precisely what it was designed to do, namely scan files that are being accessed with create, open, or execute rights (and meet whatever extension filtering criteria, if any, you have configured in settings). What I meant to say, though, is that » I «, personally, don't think that such constant file accessing is normal behavior for the underlying PC. Certainly, what is or is not normal depends upon what processes you have running; but such constant filesystem activity is somewhat suspicious to me and even if it is benign I'm not sure that I would want the overhead such a background process may be causing. It is worthy of further investigation, IMHO, is all I was really trying to convey.

{QUOTE-> Agreed. I apologize for not being more precise in my response. NOD32 is doing precisely what it was designed to do, namely scan files that are being accessed with create, open, or execute rights (and meet whatever extension filtering criteria, if any, you have configured in settings). What I meant to say, though, is that » I «, personally, don't think that such constant file accessing is normal behavior for the underlying PC. Certainly, what is or is not normal depends upon what processes you have running; but such constant filesystem activity is somewhat suspicious to me and even if it is benign I'm not sure that I would want the overhead such a background process may be causing. It is worthy of further investigation, IMHO, is all I was really trying to convey. <-QUOTE}
Nicely said Alec, and a good point...

Cheers ;D

Thanks for the feedback. "paspi.dll" showed in Windows System, Temp, and Program Files\Diskeeper Lite(upper case "D" in .Dll vs others .dll/ it's defrag tool). I looked at Process Explorer screen and while not seeing anything obvious, am not proficient enough to really know what I'm seeing if "I'm the problem" sign is not painted on it. Will network around locally and advise if anything found worth your knowing.

{QUOTE-> Thanks for the feedback. "paspi.dll" showed in Windows System, Temp, and Program Files\Diskeeper Lite(upper case "D" in .Dll vs others .dll/ it's defrag tool). I looked at Process Explorer screen and while not seeing anything obvious, am not proficient enough to really know what I'm seeing if "I'm the problem" sign is not painted on it. Will network around locally and advise if anything found worth your knowing. <-QUOTE}
Thanks for that COSMO26...

Cheers ;D

Hi Folks.

I have checked my system and my psapi.dll is scanned all time because I´m using Tauscan.If I disable it, NOD32 is back to normal.

Best Regards,

DonKid.

Got around to researching AMON constant counting of PSAPI.dll files and ESET Sppt said a similar issue ended with removal of a program. My First "turn off" attempt was Spybot S&D TeaTimer. AMON STOPPED counting. 1.5 files per second doesn't seem to affect performance so I'll reactivate TeaTimer & truck on. Thanks to ESET Support.

{QUOTE-> Got around to researching AMON constant counting of PSAPI.dll files and ESET Sppt said a similar issue ended with removal of a program. My First "turn off" attempt was Spybot S&D TeaTimer. AMON STOPPED counting. 1.5 files per second doesn't seem to affect performance so I'll reactivate TeaTimer & truck on. Thanks to ESET Support. <-QUOTE}
Thanks for the update Cosmo26.

Cheers ;D

Hello, fwiw, it is also worth excluding your firewall from the amon scan - this should cut down on the number of files scanned...

Toby