Sorry for the delay but I've been traveling.
Try to run ashQuick.exe "*STRT-MEM-SHORT" - does it work/finish?
When I try to "run" ashQuick.exe "*STRT-MEM-SHORT" from a limited user profile, it opens two pop up windows but indicates 0 files scanned. It does NOT show any progress in running the memory test as it normally does when it is run as an administrator. So it does NOT seem to run.
One more thing you could try: in Task Manager, Performance page, open the View menu and check "Show kernel times". This will add a new red line to the chart, indicating the CPU time spent in the kernel mode. If you then simulate the problem, does the red line also go to 100%? (proving that the "fun" is taking place in kernel mode, instead of the ashServ.exe process itself).
I previously provided a screenshot showing that the kernel times are high, but not at 100%.
Unfortunately, the dump is of no use as the processing is taking place in kernel mode (which is not included in the dump).
The only way to properly analyze the problem is to create a full dump of the system when the problem is simulated. The procedure is described here: http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=71
Well, it's done, but not without creating its own issues (as I had suspected it would). I followed the procedure exactly as described, though your procedures ought to clearly mention, as is customary, to back up the registry before making ANY such modifications.
I saved the original registry key, then created the new DWord value, blue screened the machine and created the memory dump. I then rebooted, replaced the key with the original one and rebooted. And the Logon screen appeared but the trackpoint was frozen. I tried safe mode with command prompt but that too left me without any functionality. So I had no way to get back to the registry.
In the end, I booted from a clone of the drive from a week ago, and copied all the user files as well as the memory dump on the "stuck drive" to the clone. Then I re-cloned back to the original drive.
NOT exactly what I'd call fun, nor the kind of additional troubles I'd like to create when trying to analyze why a program isn't working properly. I will now upload the dump file with the name
blue2memory.dmp, but I sure hope that after all this trouble, it was worth it and shows something of value.