I recently installed the latest version of avast Home Free. However Boot up scans have taken an inordinate
length of time to wit:- 5:00:29 mins to complete the same. I had the same problem when the former version was
installed and I wrote a post dated July 11, 2012 to which I received a reply and which solved the problem. I have been
searching for the said reply but to no avail. It just cannot be found.
I shall be grateful if I can be advised of a solution to that problem.
What are you doing a Boot-time, done before windows starts (I assume this is what you mean as there is no routine scan on a normal boot) scan for ?
This isn’t routing and should only be needed if a detection in normal mode can’t be handled. The boot-time is one of the most thorough of all of the scans as it also scans archive files and scans for PUPs, which aren’t scanned for during normal scans. You can modify the boot-time scan so it doesn’t scan for archives or PUPs.
The problem is that a program was dowloaded via UTorrent and the same was contaminated. Avast fount 70 instances of the virus. Point is that [PUPS} were the items contaminated. I therefore wished to scan again but the runtime took that enormus length of time. Name of one of the Pups:-
A0105712dll C:\System Volume Information\Restore [A3F82447-7D2F-4F62-A56F-A106943297cj\RP367-Win32: Fun Web-j [PUP]
As I said there were 70 instances of this tpe of [PUP] the numbers are different. There is also an install brain.exe. These items are in the virus chest at this time. There are more to be found. Hence my wanting to scan again. If I don’t scan for [PUPS] I would not catch them. One of them is the brain itself.
I was advised that pups should not be deleated but in fact should be sent to the virus chest they would become decontaminated with the passage of time. I am not sure of that. I cannot delete them anyway because they are dlls with respect to an important program I use on a daily basis in my work routine.
In view of the foregoing, is there some other way to decrease the runtime? Seems I may have no choice but to bear with it until all the viruses are captured and the system is clean.
I assume that after the detection of the download from uTorrent, avast recommended a boot-time scan ?
In all honesty reducing the run time isn’t an issue when this isn’t a regular scan and I have already said how it can be reduced.
You can modify the boot-time scan so it doesn't scan for archives or PUPs.
Where you schedule a boot-time scan, you can also change its Settings.
####
PUP = Potentially Unwanted Program - See http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci1066761,00.html. Not included in this definition are tools which can be used for good or evil, some have been legitimately installed for a specifically good purpose, but could have been unknowing installed for a malicious purpose.
Not all antivirus programs scan for PUPs and avast has it turned off by default (an exception being the boot-time scan). So if you get this you have been tweaking the avast settings without knowing what the impact might be.
@@@@
All of these are in the C:\System Volume Information folder, part of system restore, the restore points are only there because they have previously been deleted, modified, etc. Personally I would be considering clearing system restore, not only will this clear all of those files, it will also free up some hard disk space.
Create Clean Restore Point - Clear old Restore Points.
Now you are clear of infection create a clean System Restore point:
Click Start, All Programs, Accessories, System tools, System Restore.
In the pop-up that appears fill in the radio button to Create a Restore Point
Click NEXT
Enter a useful name that you will remember if you need to find this again (Clean Restore Point)
Click CREATE
You now have a clean restore point, you should clear the old ones:
Click Start, All Programs, Accessories, System tools, Disk Clean Up
Click OK on the C: drive
Click the More Options tab
In the System Restore section click the Clean Up button
Many thanks for you timely reply. I visited the links you suggested and was edificated to a great extent.
I am to further inform you that did as instructed with respect to the system restore points. However I do have
one further question, as follows.
With respect to the infected PUP files now situate in the Avast Virus Chest; Can I now return them to
the system or leave them there for a reasonable time? I cannot delete these files because my program will not
work properly.
The question arises because the Avast AV does not seem to be able to repair the files, I believe since it is the
free version.
I am grateful for any advice you can impart with me thereon.
You can safely remove them from the avast chest - there is little point in sending them back in isolation from the other restore points that you cleared and avast is likely to alert again if you tried another scan with PUPs enabled.
Only true viruses can be repaired as they have a small infection element injected into a legit file, removal when possible would leave the legit file. The problem with these detections the file is considered malicious not a legit file that has been infected.
Thank you for your reply. The contents thereof are duly noted. I am indeed relieved that I can delete the files from the
virus chest. I was thinking that I should keep them for a while and restore them since they were Dynamic Link Liburary
files. Malwarebytes found the same things before I deleted the restore points and now the system runs so much faster.
(IE as well).
If there is any thing further you may want to let me know please do. I would like to know. Meanwhile thanks again for your
prompt and kind attention. I note that you seem to be in great demand in the forums. That tells me that you have seriously
devoted yourself to helping and educating others.
Normally it is good practice to keep detections in the chest for a few weeks and then scan them within the chest, if they are still detected then delete from the chest.
However, in the case of the files from the system volume information (system restore) location there is little point trying to put files back in the system volume information (system restore) location even if they come up clean. Given that A) the point they were in there is because they may have previously bee deleted or B) modified and C) possibly most important, I don’t know if System Restore might try and block there restoration.