Avast ignores "trusted application" settings

And still scans files in the exclusion list.

The icon animates when opening a trusted process plus animates when the trusted process opens a file in the file system exclusion list.

Seeing as File System Shield & Behavior Shield do not work as expected, how do I disable those modules without avast pitching and showing the triangle in the taskbar?

If you are referring to the Behavior Shield’s “Trusted processes”, that setting only affects the specific Behavior Shield’s monitoring - it is certainly not meant to avoid FileSystem Shield’s scanning when the process in question performs filesystem operations.
Regarding the FileSystem Shield exclusion list - it works correctly. I suggest to open the avast! UI, switch to the FileSystem Shield page and watch the “Last scanned” item; it’s hard to guess what is actually being scanned just from the fact that the icon rotates.

All right, I can understand that.

Opening: C:\Program Files\MPC HomeCinema\mpc-hc.exe

With File System Shield running, takes 2 minutes to open.
Not running, shows up instantly.

Settings is “DO scan documents when opening” & “DON’T scan files when writing”

So the issue comes from mpc opening the following files when launching:

Name	Description	Company Name	Version	Path
mpc-hc.exe	Media Player Classic - Homecinema	mpc-hc@Sourceforge	1.3.1249.0	C:\Program Files\MPC HomeCinema\mpc-hc.exe
ADVAPI32.dll	Advanced Windows 32 Base API	Microsoft Corporation	5.0.2195.7038	C:\WINNT\system32\ADVAPI32.dll
COMCTL32.DLL	Common Controls Library	Microsoft Corporation	5.81.4968.2500	C:\WINNT\system32\COMCTL32.DLL
COMDLG32.dll	Common Dialogs DLL	Microsoft Corporation	5.0.3700.6693	C:\WINNT\system32\COMDLG32.dll
CRYPT32.dll	Crypto API32	Microsoft Corporation	5.131.2195.6926	C:\WINNT\system32\CRYPT32.dll
ctype.nls				C:\winnt\system32\ctype.nls
DCIMAN32.dll	DCI Manager	Microsoft Corporation	5.0.2180.1	C:\WINNT\system32\DCIMAN32.dll
DDRAW.dll	Microsoft DirectDraw	Microsoft Corporation	5.3.1.904	C:\WINNT\system32\DDRAW.dll
devenum.dll	Device enumeration.	Microsoft Corporation	6.5.1.902	C:\WINNT\system32\devenum.dll
DSOUND.dll	DirectSound	Microsoft Corporation	5.3.1.904	C:\WINNT\system32\DSOUND.dll
GDI32.dll	GDI Client DLL	Microsoft Corporation	5.0.2195.7205	C:\WINNT\system32\GDI32.dll
KERNEL32.DLL	Windows NT BASE API Client DLL	Microsoft Corporation	5.0.2195.7135	C:\WINNT\system32\KERNEL32.DLL
locale.nls				C:\winnt\system32\locale.nls
LZ32.DLL	LZ Expand/Compress API DLL	Microsoft Corporation	5.0.2195.6611	C:\WINNT\system32\LZ32.DLL
MPR.DLL	Multiple Provider Router DLL	Microsoft Corporation	5.0.2195.7134	C:\WINNT\system32\MPR.DLL
MSASN1.dll	ASN.1 Runtime APIs	Microsoft Corporation	5.0.2195.7334	C:\WINNT\system32\MSASN1.dll
msdmo.dll	DMO Runtime	Microsoft Corporation	6.5.1.900	C:\WINNT\system32\msdmo.dll
msvcrt.dll	Microsoft (R) C Runtime Library	Microsoft Corporation	6.1.9844.0	C:\WINNT\system32\msvcrt.dll
ntdll.dll	NT Layer DLL	Microsoft Corporation	5.0.2195.7006	C:\WINNT\system32\ntdll.dll
ole32.dll	Microsoft OLE for Windows	Microsoft Corporation	5.0.2195.7059	C:\WINNT\system32\ole32.dll
OLEAUT32.dll		Microsoft Corporation	2.40.4532.0	C:\WINNT\system32\OLEAUT32.dll
oledlg.dll	Microsoft Windows(TM) OLE 2.0 User Interface Support	Microsoft Corporation	5.0.2195.7114	C:\WINNT\system32\oledlg.dll
PSAPI.DLL	Process Status Helper	Microsoft Corporation	5.0.2134.1	C:\WINNT\system32\PSAPI.DLL
RPCRT4.dll	Remote Procedure Call Runtime	Microsoft Corporation	5.0.2195.7281	C:\WINNT\system32\RPCRT4.dll
SETUPAPI.dll	Windows Setup API	Microsoft Corporation	5.0.2195.6622	C:\WINNT\system32\SETUPAPI.dll
SHELL32.DLL	Windows Shell Common Dll	Microsoft Corporation	5.0.3900.7155	C:\WINNT\system32\SHELL32.DLL
SHLWAPI.DLL	Shell Light-weight Utility Library	Microsoft Corporation	6.0.2800.2006	C:\WINNT\system32\SHLWAPI.DLL
sortkey.nls				C:\winnt\system32\sortkey.nls
sorttbls.nls				C:\winnt\system32\sorttbls.nls
unicode.nls				C:\winnt\system32\unicode.nls
USER32.dll	Windows 2000 USER API Client DLL	Microsoft Corporation	5.0.2195.7133	C:\WINNT\system32\USER32.dll
USERENV.DLL	Userenv	Microsoft Corporation	5.0.2195.7002	C:\WINNT\system32\USERENV.DLL
VERSION.dll	Version Checking and File Installation Libraries	Microsoft Corporation	5.0.2195.6623	C:\WINNT\system32\VERSION.dll
WININET.dll	Internet Extensions for Win32	Microsoft Corporation	6.0.2800.1649	C:\WINNT\system32\WININET.dll
WINMM.dll	MCI API DLL	Microsoft Corporation	5.0.2161.1	C:\WINNT\system32\WINMM.dll
WINSPOOL.DRV	Windows Spooler Driver	Microsoft Corporation	5.0.2195.6659	C:\WINNT\system32\WINSPOOL.DRV
WS2_32.dll	Windows Socket 2.0 32-Bit DLL	Microsoft Corporation	5.0.2195.6601	C:\WINNT\system32\WS2_32.dll
WS2HELP.DLL	Windows Socket 2.0 Helper for Windows NT	Microsoft Corporation	5.0.2134.1	C:\WINNT\system32\WS2HELP.DLL

Changing the scan from DO on write and DON’T on read doesn’t change the time it takes to load.

Something’s not right when the protection is this buggy.

What do you mean…?? ???

2 minutes? That’s certainly not normal.
Of course the executable is loading the dependent DLLs - but even if they are scanned (most of them should not be thanks to the persistent cache - at least if the system catalogs on your machine are OK), scanning those few files should be done in a fraction of a second.

Again, if you watch the “last scanned” item on the FileSystem Shield page - what is being scanned? How many files are scanned (i.e. how much the number of scanned items grow) during those 2 minutes of starting?

Watching the last scanned, it appears to be scanning everything the program is opening, either due to DLL dependance or file opening.

Count increases by 45.

Expert Settings → Advanced:
Do not scan verified system DLLs
Use transient caching
Use persistent caching

45 files should be scanned in a second, not two minutes…
What if you go to Settings / Cloud Services and uncheck the option “Enable reputation services” - does it change the startup time?

Even though it might sound like a weird question - is your C: drive formatted as NTFS, or FAT?
Also, your OS is Windows 2000?

First thing I did, walked through all the settings and restored the settings Avast silently resets to default on installation. *

Cloud services unchecked, web reputation removed, etc.

W2K NTFS 3.2ghz dual processor with 4 gigs of ram and way more disc space than I can remember.

  • another gripe about updating to a new version, Avast deletes ALL my preferences and resets them.

P.S. I have a couple of degree’s in hardware / software engineering, so I am a programmer.

P.P.S. Avast still scans files with BOTH Open & Write unchecked. Go figure, the program isn’t even obeying it’s own user interface.

in avast v7, it is now possible to backup ur settings to be used in future installations. (settings → maintenance → back up settings)

previously u have to manually set them.

This gets worse, it’s interferring with my online game play and scanning the traffic to the game server.

And I have no idea at this point which module is the offending module and how to go about setting it to NEVER scan traffic to the game server nor scan anything that the game program does.

Again, ignores the trusted application settings and the file shield is scanning files being opened by the game program.

No means to determine which files are affected because it only displays the last file, so you have to watch it closely, and attack each file or extension as you see it zip by.

And do note, this is with the module running, but neither of the checkboxs:
[] Scan documents when opening
[
] Scan files when writing
Is checked.

Uninstalled File Shield and Behavior Shield, performance of computer is back to screaming awesome.

Again, ignores the trusted application settings and the file shield is scanning files being opened by the game program.

Adding an executable file to the trusted processes won’t stop the FSS scanning files that it opens (they aren’t trusted/excluded by the FSS); it is just the behavior shield that won’t monitor that processes activity (as Igor said in the first reply).

The Trusted Processes is a Behavior Shield setting so wouldn’t be valid or carry over to the FSS settings.

That is also my understanding.

Are “Trusted Applications” those applications that you do not want “sandboxed”? If that is the case I don’t see why making an application a trusted one should prevent avast! from scanning it when it is opened. In fact I would think just the opposite. If you tell avast! never to sandbox an application I would think that you would want the application files scanned when it is opened otherwise your computer becomes essentially defenseless against any harm that the application might try to inflict when it is opened.

No they aren’t as trusted applications only relates to the behavior shield. You can only ‘exclude files’ from being Auto-Sandboxed, not processes/programs and what it might subsequently open.