Author Topic: 7.0.1407 - File System Shield activity & FSS exclusions  (Read 28882 times)

0 Members and 1 Guest are viewing this topic.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 71164
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #15 on: February 25, 2012, 09:55:47 AM »
What OS are you using, as both of us are using XP Pro ?

Just had a look, no problems here.
Win 8.1 [x64] - Avast PremSec 21.6.6435.IBC [UI.655] - EEK - Firefox ESR 78.12 [NS/uBO/PB] - TB 78.12
Avast-Tools: Secure Browser 92.0 - Cleanup 21.2 - SecureLine 5.12 - Driver Updater 21.2 - CCleaner 5.83
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Tetsuo

  • Poster
  • *
  • Posts: 594
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #16 on: February 25, 2012, 02:36:47 PM »
Sorry if you have already clarified this but during the "FSS constant scan" what's the behavior of the tray icon? is it spinning?
I'm asking because I have to check my father's laptop (XP Pro SP3).

Offline DJBone

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6345
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #17 on: February 25, 2012, 02:52:32 PM »
What OS are you using, as both of us are using XP Pro ?
I have the same problem on my WinXP Home SP3 Laptop. FSS scans the  same file (the UI of my WLAN driver) again and again...

DJBone
Win10 x64, APS (always latest version)
Avast Mobile Security (always latest version)

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85371
  • No support PMs thanks
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #18 on: February 25, 2012, 03:33:04 PM »
Sorry if you have already clarified this but during the "FSS constant scan" what's the behavior of the tray icon? is it spinning?
I'm asking because I have to check my father's laptop (XP Pro SP3).

I didn't see any appreciably CPU activity or constant rotation of the avast tray icon (you might just see a single rotation for each blip). It is just a constant drip, drip, drip, as the scanned count constantly creeps up. Now as 13694/0 14037/0 whilst just posting this. My system has only been up for about 90 minutes.
« Last Edit: February 25, 2012, 03:34:50 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.5.2470 (build 21.5.6354.675) UI 1.0.646/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline iroc9555

  • CCS, Vzla.
  • Avast Überevangelist
  • Starting Graphoman
  • *****
  • Posts: 7458
  • No soporte por PM.
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #19 on: February 25, 2012, 03:53:44 PM »
After excluding a dozen processes or so from FSS and including them to Behavior shield:

C:\Archivos de programa\Creative\VoiceCenter\AndreaVC.exe
C:\Archivos de programa\Digital Line Detect\DLG.EXE
C:\Archivos de programa\HP\Digital Imaging\bin\hpqste08.exe
C:\Archivos de programa\Logitech\Logitech WebCam Software\LWS.exe
C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
C:\Archivos de programa\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Archivos de programa\TrippLite\PowerAlert\console\pastatus.exe
C:\Archivos de programa\TrippLite\PowerAlert\engine\pal.exe
C:\Archivos de programa\UPHClean\uphclean.exe

C:\Archivos de programa\Archivos comunes\Creative Labs Shared\Service\CREATIVELICENSING.EXE
C:\Archivos de programa\Archivos comunes\LogiShrd\LQCVFX\COCIMANAGER.EXE
C:\Archivos de programa\Archivos comunes\LogiShrd\LVMVFM\LVPRCSRV.EXE

C:\Documents and Settings\Hernan Perez\Configuración local\Temp\clclean.0001.dir.0000
C:\Documents and Settings\Hernan Perez\Configuración local\Temp\clclean.0001
C:\Documents and Settings\Hernan Perez\Configuración local\Temp\clclean.0001.dir.0000\~df394b.tmp
C:\Documents and Settings\Hernan Perez\Configuración local\Temp\clclean.0001.dir.0000\~efe2.tmp

C:\WINDOWS\STSYSTRA.EXE

C:\WINDOWS\system32\CTMBHA.dll
C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
C:\WINDOWS\SYSTEM32\DLA\DLACTRLW.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.EXE

 I got stuck with

C:\Documents and Settings\Hernan \Local configuration\Temp\clclean.0001.dir.0000

Did not want to go away. However; This morning fooling around with the Clound Services and streaming updates, I disabled it rebooted and enabled it again and rebooted. Did not get connection stablished or the folder for the steaming updates in Avast! def file that I was expecting to accomplish with it, but I got FSS to work the right way ;D. Avast! icon is not spinning like crazy any more and last file scanned changes accordingly. Now I have to take back all the exclutions in FSS and see what happens.

@ Tetsou

Sorry if you have already clarified this but during the "FSS constant scan" what's the behavior of the tray icon? is it spinning?
I'm asking because I have to check my father's laptop (XP Pro SP3).

Yes, The icon is constantly spinning if the comp is at idle. You can also check your CPU for spikes. Mine was all the time jumpping to 40% o 60% when normally it did not pass 15%. Also take a look at your FSS. See my screenshots. One is FSS working like crazy the other is FSS working like it is supposed to. Guess which is which ?

@ DavidR

I had some cpu spikes as explain above
« Last Edit: February 25, 2012, 03:56:41 PM by iroc9555 »
Hernan.
Dim 9200. C2D E6600; 2.40GHz. 4GB DDR2RAM. XP Pro_86. Spk3. IE8 & FF41. Avast FREE 2015. CIS 5.12(FW/D+). MBAM Premium. MCShield. WinPatrol +. SpywareBlasterOpenDNS. uBlock. WOT. Sandboxie

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 45676
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #20 on: February 25, 2012, 03:57:53 PM »
Almost looks like a Ccleaner temp file (Undo file) that's being scanned.
I don't have the problem but don't have Ccleaner installed either.
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, AvastOmni 21.6, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85371
  • No support PMs thanks
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #21 on: February 25, 2012, 04:01:47 PM »
Quote from: iroc9555
@ DavidR

I had some cpu spikes as explain above

Yes, but my instance isn't anywhere near as severe as yours was, so my CPU wasn't an issue and the tray icon as mentioned would generally rotate once.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.5.2470 (build 21.5.6354.675) UI 1.0.646/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Tetsuo

  • Poster
  • *
  • Posts: 594
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #22 on: February 25, 2012, 04:12:36 PM »
mmmh... thanks for the info, guys.

Offline iroc9555

  • CCS, Vzla.
  • Avast Überevangelist
  • Starting Graphoman
  • *****
  • Posts: 7458
  • No soporte por PM.
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #23 on: February 25, 2012, 04:43:55 PM »
@ Bob

Almost looks like a Ccleaner temp file (Undo file) that's being scanned.
I don't have the problem but don't have Ccleaner installed either.

Thank you for your idea, but no, it is not a CCleaner file. It is a file for SoundBlaster Audigy integrated audio.

Well I started to delete files from FSS exclusion list and it did not work. Avast is back like crazy scanning all those files again and again.  >:(
« Last Edit: February 25, 2012, 04:47:55 PM by iroc9555 »
Hernan.
Dim 9200. C2D E6600; 2.40GHz. 4GB DDR2RAM. XP Pro_86. Spk3. IE8 & FF41. Avast FREE 2015. CIS 5.12(FW/D+). MBAM Premium. MCShield. WinPatrol +. SpywareBlasterOpenDNS. uBlock. WOT. Sandboxie

Offline Gopher John

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2098
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #24 on: February 25, 2012, 05:02:52 PM »
Sorry if you have already clarified this but during the "FSS constant scan" what's the behavior of the tray icon? is it spinning?
I'm asking because I have to check my father's laptop (XP Pro SP3).

I didn't see any appreciably CPU activity or constant rotation of the avast tray icon (you might just see a single rotation for each blip). It is just a constant drip, drip, drip, as the scanned count constantly creeps up. Now as 13694/0 14037/0 whilst just posting this. My system has only been up for about 90 minutes.

My system has been up a little over 2.5 hours and the FSS shows 2130/0.  I have *\firefox\profiles\*sessionstore*.js as an exclusion on write ( due to a recommendation from someone ).  You might see if that will help.  At the time I entered that exclusion in the distant past, it did help a particular situation but it might not even be necessary now.  The sad thing is that I don't remember the details, now.

I don't have WinPatrol installed.  Is it possible that it is touching some file and triggering the FSS on it?  I'm not familiar with that program, just that it is highly recommended by many.
AMD A6-5350M APU with Radeon HD Graphics, 8.0GB RAM, Win7 Pro SP1 64bit, IE11
i7-3610QM 2.3GHZ, 8.0GB Ram,  Nvidia GeForce GT 630M 2GB, Win7 Pro SP1 64bit, IE 11
Common to both: Avast Premium Security 19.7.2388, WinPatrol Plus, SpywareBlaster 5.5, Opera 12.18, Firefox 68.0.2, MBam Free, CCleaner

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85371
  • No support PMs thanks
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #25 on: February 25, 2012, 05:16:28 PM »
The other thing is that many of the files that are being scanned, shouldn't be being scanned in any case under the default FSS settings.

Take some of those listed by iroc9555:
C:\Documents and Settings\Hernan Perez\Configuración local\Temp\clclean.0001.dir.0000
C:\Documents and Settings\Hernan Perez\Configuración local\Temp\clclean.0001
C:\Documents and Settings\Hernan Perez\Configuración local\Temp\clclean.0001.dir.0000\~df394b.tmp
C:\Documents and Settings\Hernan Perez\Configuración local\Temp\clclean.0001.dir.0000\~efe2.tmp

These aren't executables or dlls, so why the FSS shield would be even scanning them outside of the issue being covered here, is beyond me.

I have seen several such files being scanned that aren't .exe or .dll, etc.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.5.2470 (build 21.5.6354.675) UI 1.0.646/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85371
  • No support PMs thanks
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #26 on: February 25, 2012, 05:19:59 PM »
<snip quotes>
My system has been up a little over 2.5 hours and the FSS shows 2130/0.  I have *\firefox\profiles\*sessionstore*.js as an exclusion on write ( due to a recommendation from someone ).  You might see if that will help.  At the time I entered that exclusion in the distant past, it did help a particular situation but it might not even be necessary now.  The sad thing is that I don't remember the details, now.

I don't have WinPatrol installed.  Is it possible that it is touching some file and triggering the FSS on it?  I'm not familiar with that program, just that it is highly recommended by many.

I have had the *\firefox\profiles\*sessionstore*.js exclusions for absolutely ages, in fact I believe it is now a default exclusion.

WinPatrol link avast is meant to be on-access so something would have to make a system change, etc. for it do reach out to check.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.5.2470 (build 21.5.6354.675) UI 1.0.646/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline reesd

  • Jr. Member
  • **
  • Posts: 60
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #27 on: February 25, 2012, 05:31:25 PM »
I am seeing the same thing on XP as I reported at http://forum.avast.com/index.php?topic=94168.msg749722.

I am seeing processlasso.exe every second, and  am seeing KiwiLogViewer.exe and notepad++.exe every few seconds.

d
MacBook Pro
XP SP3 (Bootcamp)
Avast 6 Free
FF4, FF3.6, IE9, Chrome, Safari

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85371
  • No support PMs thanks
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #28 on: February 25, 2012, 07:21:16 PM »
Update:

I appear to have many, more files in this repetitive scan cycle.

Switched OK files on in the FSS Report file settings, Stopped FSS to enable changed setting, Started FSS. Left on for 3 minutes, unchecked the OK files in the Report file, Stop and Start FSS. In that 3 and a bit minutes over 900 files were scanned.

Quote from: Extract of FileSystemShield.txt
25/02/2012 17:54:31   C:\PROGRAM FILES\ROCKETDOCK\ROCKETDOCK.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\LOGITECH\SETPOINT\SETPOINT.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\LOGITECH\SETPOINT\SETPOINT.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\COMMON FILES\LOGISHRD\KHAL2\KHALMNPR.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\COMMON FILES\LOGISHRD\KHAL2\KHALMNPR.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\JAVA\JRE7\BIN\JQS.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\JAVA\JRE7\BIN\JQS.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\POWERQUEST\DRIVE IMAGE 7.0\AGENT\PQV2ISVC.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\POWERQUEST\DRIVE IMAGE 7.0\AGENT\PQV2ISVC.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\CAPS LOCK CHANGER\CAPS_LOCK_CHANGER.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\CAPS LOCK CHANGER\CAPS_LOCK_CHANGER.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\BELKIN BULLDOG PLUS\MUPS.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\MOZILLA THUNDERBIRD\THUNDERBIRD.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\MOZILLA THUNDERBIRD\THUNDERBIRD.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGIT32.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGIT32.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\TSCHELP.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\TSCHELP.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGPRIV.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGPRIV.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGITEDITOR.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGITEDITOR.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\JGSOFT\EDITPADLITE\EDITPADLITE7.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\JGSOFT\EDITPADLITE\EDITPADLITE7.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\7-ZIP\7ZFM.EXE  is OK
25/02/2012 17:54:31   C:\PROGRAM FILES\7-ZIP\7ZFM.EXE  is OK
25/02/2012 17:54:33   C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQSmeCOM.dll  is OK
25/02/2012 17:54:33   C:\Program Files\PowerQuest\Drive Image 7.0\Agent\gwlangEN.dll  is OK
25/02/2012 17:54:34   C:\WINDOWS\system32\gearaspi.dll  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\ROCKETDOCK\ROCKETDOCK.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\LOGITECH\SETPOINT\SETPOINT.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\LOGITECH\SETPOINT\SETPOINT.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\COMMON FILES\LOGISHRD\KHAL2\KHALMNPR.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\COMMON FILES\LOGISHRD\KHAL2\KHALMNPR.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\YAHOO!\WIDGETS\YAHOOWIDGETS.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\JAVA\JRE7\BIN\JQS.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\JAVA\JRE7\BIN\JQS.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\POWERQUEST\DRIVE IMAGE 7.0\AGENT\PQV2ISVC.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\POWERQUEST\DRIVE IMAGE 7.0\AGENT\PQV2ISVC.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\CAPS LOCK CHANGER\CAPS_LOCK_CHANGER.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\CAPS LOCK CHANGER\CAPS_LOCK_CHANGER.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\BELKIN BULLDOG PLUS\MUPS.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\MOZILLA THUNDERBIRD\THUNDERBIRD.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\MOZILLA THUNDERBIRD\THUNDERBIRD.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGIT32.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGIT32.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\TSCHELP.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\TSCHELP.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGPRIV.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGPRIV.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGITEDITOR.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\TECHSMITH\SNAGIT 10\SNAGITEDITOR.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\JGSOFT\EDITPADLITE\EDITPADLITE7.EXE  is OK
25/02/2012 17:54:41   C:\PROGRAM FILES\JGSOFT\EDITPADLITE\EDITPADLITE7.EXE  is OK
25/02/2012 17:54:42   C:\PROGRAM FILES\7-ZIP\7ZFM.EXE  is OK
25/02/2012 17:54:42   C:\PROGRAM FILES\7-ZIP\7ZFM.EXE  is OK

I'm far from happy as this was never how it was, and there really shouldn't be a need for a user to go to these lengths, analysis & exclusion of tens of files. When the Transient cache is meant to cater for this repetitive scanning of the same file, until the user reboots, a virus definitions update or the file actually changes.

So it is broken, I can think of no other words to better describe is not working as it should.

For me most of these files although loaded would be pretty dormant.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.5.2470 (build 21.5.6354.675) UI 1.0.646/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline spg SCOTT

  • Massive Poster
  • ****
  • Posts: 4124
  • There is no magic, only lost physics
    • spg SCOTT
Re: 7.0.1407 - File System Shield activity & FSS exclusions
« Reply #29 on: February 25, 2012, 07:34:15 PM »
David, I think I have managed to replicate this to some extent.

I think there is a settings within FSS settings that causes this. I turned them all pretty much all the way up on every page and I saw what you saw in the report file.

I will test further, to see if I can pin down which one it is.

A small portion of what I see...
Code: [Select]
25/02/2012 18:28:30 C:\Program Files\Rainmeter\Rainmeter.exe [+] is OK
25/02/2012 18:28:30 C:\Program Files\Rainmeter\Rainmeter.exe [+] is OK
25/02/2012 18:28:30 C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [+] is OK
25/02/2012 18:28:30 C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [+] is OK
25/02/2012 18:28:30 C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [+] is OK
25/02/2012 18:28:30 C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [+] is OK
25/02/2012 18:28:30 C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe [+] is OK
25/02/2012 18:28:30 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [+] is OK
25/02/2012 18:28:30 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [+] is OK
25/02/2012 18:28:33 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [+] is OK
25/02/2012 18:28:33 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [+] is OK
etc.
« Last Edit: February 25, 2012, 07:41:52 PM by spg SCOTT »
“There is a computer disease that anybody who works with computers knows about. It's a very serious disease and it interferes completely with the work. The trouble with computers is that you 'play' with them!”Richard Feynman