If it is NOT broken, DON'T "FIX" it!

:frowning:
Please do not make updates to your program without thinking about the usability and how it will affect their computers.

For example.

  1. My own mother is calling complaining about how her computer is real slow after Avast asked to reboot because of an update.
    I have gotten several other calls from clients that i have installed Avast onto complaining of slow downs as well.
    The ashServ.exe root kit scan is taking about 50% cpu on the systems I have seen it on a few min after boot.

People turn on their system so they can use it, not wait for it. :-[ ::slight_smile: :o ;D

I customize Avast, AntiSpyware and many other things so their system will boot fast and do maintenance when they are not using their computers. I spent a lot of time configuring Avast or the other Antivirus we use to be hassle free and fast etc. Youā€™re killing that.

  1. I would not mind the above one so much because I used to be able to modify avast.ini before you did the self protect stuff.
    I have repeatedly asked for a way, (that I would keep private), to turn it off.
    I can not shut it off now by switching it to not start in the registry.
    I can not shut it off by deleting the registry key.
    I can not shut if off by adding it to PendingFileRenameOperations.
    I can not fix these new features to keep my family and clients happy unless I turn it off.
    It has cost be over a $1000 in waisted bandwidth too.
    You see, my program, I made it to change the Avast.ini if I needed to and do scans, etc, was in the Avast directory.
    Avast thought it was a virus and deleted it.
    I informed you that it was not a virus and sent the file to you. (with in 24 hours, you excluded itā€¦ You guys are FAST 8) ;))
    My update system keeps trying to download it and it is wasting tons of bandwidth on my server and slowing their internet down.

If anyone knows of a way to turn it off, (a command, script, or other way, not manually so I do not have to call a bunch of clients), please PM me so they will not ā€œpatchā€ itā€¦ ::slight_smile:

Avast is great, but pleaseā€¦

It is all too easy to extrapolate a few examples and assume they represent the whole community.

Should I extrapolate my certain knowledge that the rootkit scan on my system lasts 3 seconds and that none of the folks I support are complaining to a ā€œthere is no problem to fixā€?

You can turn off the rootkit scan via Program Settings > Troubleshooting (this creates an avast4.ini setting).

You can also review the last rootkit scan log in the avast logs folder (aswAr.log) which contains the start and end times of the last scan and what was scanned. It may help the whole community if there is something that can be identified in the scans on the systems you are reporting that is (perhaps unnecessarily) prolonging the scans on these systems compared with others.

Final thoughts - if you can programatically turn off and modify the self protection features then so can any hacker. I hope the avast developers will not devote any time to supporting the ability to reduce the enhanced security of avast in this way.

I am not entirely unaware of the kind of problem you face. Certain features I have written for myself to assist me with testing problems reported in this forum and some I used with the folks I support no longer work with the enhanced security of avast. Yes, I whined about it - but I have accepted that these changes are for the greater good of the majority of avast users.

alanrf
I think I understand dewild1ā€™s problem but it appears to be largely of his own making.
He markets a product which includes a customised version of avast! (I assume he is an authorized reseller) with a number of guaranteed benefits, including that Your PC will boot up TWICE as fast as it does now. and recent changes to avast! have ā€œput a spanner in the worksā€. Iā€™d be frustrated too!

I think the first line ā€œPlease do not make updates to your program without thinking about the usability and how it will affect their computers.ā€ is very informative. He has very particular requirements which are at odds with what most people expect a self-defense module to do.

Vladimyr,

I edited my comments while you were posting.

I have some sympathy with the problem encountered by the poster since I too support others. However, I did not modify the package but provided expected settings to my users. Nevertheless, as you may have seen in other places it would be dishonest of me not to admit that I whined about the effects of the new security features on my ability to get things done.

I think I have made clear that my frustrations (as perhaps those of dewild1 too) must give way to greater good of the whole avast community. I only have to remember what I and those I support pay for this product and be glad I found it (and this forum).

I think it WAS broken and Alwil team did a good think fixing it.
Self-defense module and antirootkit scanning were more than welcome.
We can help troubleshooting if something get wrongā€¦

Vladimyr, Yes, boot up twice as fast! :o We do say in the ā€œfine printā€ that we can only make XP boot up twice as fast and it can not be a fresh install of windows, it needs to at least be a few months old. If you promise to keep it secret, PM meā€¦ Its already not a secret on the net, but I do not want to promote it.

But hey, that is nothingā€¦ :stuck_out_tongue: We offer :o Guaranteed :o Protection! :o ;D

Most donā€™t believe so we are not huge yet, http://www.guaranteedpcfix.com/news to see proof. I am surprised you did not scoff at that!

I may have come off wrong last night, I have a bad cold and got bitched at for the $1000 of waisted money by my wifeā€¦ (it rolls down hill you know ;D ::))

We have set up Avast with a script that reads then deletes a key in my MS Access database on my web server, as we use it, but we donā€™t install Avast much. Its to expensive. The other antivirus we use is only $7 (our price).
I think, (if I remember correctly), Avast is about twice as much for the volume we do. So we have not signed up yet.
When I made my script - ASP page that talks with the Access database, I was hoping to get better pricesā€¦ (HINT HINT)

I have installed it on my computer, a few techs and family and a few clients we work close with. I did this so we can test it out and make sure everything works smooth.

You see, I love how Avast is one fricken click and it is installed and we are currently only going to use it if we ever get real busy.
The other ones we use are semi scriptedā€¦ So they take more time, but hey $$$$$ talks, and for everything we do and the promises we deliver, every penny counts.
If a client gets re-infected, we truly have to earn our money. (and yes, this does happen, I am not promising eternal computer life you know)

While we are on the subject, the avast Create silent install has a wee bugā€¦ It sometimes does not export exclusions correctly. If you have many of them, like I do.
This is ANOTHER reason I need to shut off self protect via a script or program that is run remotely.

When I originally set up the script that talks to my server, reads the record, then deletes the record, and then it edits the Admin.ini with that variable using RegEx replacing the line ā€œSerial=ā€ and if my ms Access database is out of licenses, (like is is now :'(), my script pops up with an input box for my techs to paste a license inā€¦
After that, the silent install does the rest, I did not catch the exclusion bug, the folders that I needed excluded, were not excluded because of this bug and that is where this whole mess started from.
I need to replace the Avast4.db and Avast4.ini with ones that are not corrupt.
Unfortunately, I did not record who we installed Avast on, and who we did not, and in many cases, they bought it themselves after I told them it was the best one out there and the fastest one with the special way we customize it. Kind of like a protection upgrade. (I still say that is true, but like I said, $$$$ talks)
So my update will check to see if Avast is on the clients PC, then replace the two files and then I want to turn SP back on because it is a good feature.
And if I did not open my BIG FAT MOUTH here http://forum.avast.com/index.php?topic=35291.msg296770#msg296770 I could haveā€¦

Also, as for rootscanā€¦
Sure, great idea, poor sensitivity.
The number one reason why people buy computers, is to USE them. ;D

The reason people come back to me year after year, is because I set up their PC to be user friendly and hassle free, self updating, self maintaining, self protecting.

May I suggest that you do what I do with my scans, updating, etc.

  1. Wait for a few minutes after booting up. (you already are doing that one)
  2. Monitor idle time.
    a. Do not start the scan until about 5 minutes of no mouse or keyboard activity has occurred.
    b. Stop the scan if any activity does occur on the mouse or keyboard.
    c. go back to ā€œa.ā€
  3. Set depth of scans. If it is between 6 am and 11pm do a light scanā€¦ 12am-5am, heavy - deep scan for the people that leave it on all night.

Any more details on that? (so that we could reproduce the problem)

Well, you can modify avast4.ini with notepad.exe - if you confirm the subsequent consent dialog.
Now, it doesnā€™t really have to be notepad - it just has to be called notepad.exeā€¦ so, if you rename your tool to this name, you should be able to modify the files (provided you confirm the warning - or two, actually, and serialize the operations somehow).

Not really - the omission has already been fixed in our internal builds when you wrote about it on the forum.

Antiviruses have to be updated if you like it or not. Itā€™s not kind of type of program where youā€™d make it once and pretty much forget about it. It has to be updated to cover all the malware. It worked for their internal tests and it worked for all the beta testers here. So they released it to public. Itā€™s how every program release cycle looks like. Predicting how it will affect milions of combinations of all sorts is impossible and simply cannot be expected. Even the best software companies (and i count ALWIL there!) have and will always experience such problems regardless.

Itā€™s funny though that usually no one gives ANY compliement to companies when programs work as expected or even better (that especially applies to free ones) while they make a lot of noise when something doesnā€™t work.
I usually contact the vendor, give him as much info as possible regarding the issue and so far iā€™ve solved it in no time for every program there is, be it payable, freeware or even open source. But just ranting about stuff that has nothing to do with it wonā€™t help anyone. Not that you canā€™t write that too, but if you do, donā€™t forget about important stuff. I know i have ranted this way too, even here, but you can use this only to show how serious the issue was.
For starters you could at least mention what OS and avast! edition youā€™re using, but you forgot even thatā€¦ Steps to reproduce the issue, what happened before those symptoms, error messages if any, provide log files, check Windows Event Viewer and so on are also important. ALWIL programmers donā€™t have telepathic capabilities so writing as much as possible about issue helps more than you think.

My post last night, again, was poorly written. I apologize.

I have two identical laptops 2.4 duo, 64 gig SD hard disk, 2 gig ram, Vista biz, it took about 1 min on each.

On my moms, accessing it remotely after reboot, (extra 30-60 second delay before I get connected), it ran for about 3 minutes. It has XP, 512, maybe 2 GHz, hard drive was replaced last year.

The other clients that have complained, I have no clueā€¦ Untestedā€¦

Now I know I am just a small guy but over the last 20 years, I have gathered something the big corporations have notā€¦ I deal directly with, and listen to the end user, and I know that with all the junk they collect over time, every little bit counts and the fast startup is one of the most important things to themā€¦ (well, its what they bitch about most when its slow).
On, that noteā€¦ Yes, we are in an unappreciated field.

If it is working OK or semi OK, you never get thankedā€¦ But if it breaks, you just killed their cat, kids and stole all their moneyā€¦ OK, well, that is how they actā€¦

Please trust me, this works well and gets the job done eventually.

1. Wait for a few minutes after booting up. (you already are doing that one) 2. Monitor idle time. a. Do not start the scan until about 5 minutes of no mouse or keyboard activity has occurred. b. Stop the scan if any activity does occur on the mouse or keyboard. c. go back to "a." 3. Set depth of scans. If it is between 6 am and 11pm do a light scan.. 12am-5am, heavy - deep scan for the people that leave it on all night.
If you want to see some of my code that does it, and you promise not to laugh, I can PM or email you.

igor, please edit your post, that info could be used against Avast.

But thank you! Now I have a way to fix it! YEAAAAAAAAAAA!!! ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D ;D :smiley: :smiley: 8)

How? Thatā€™s why the confirmation dialogs are thereā€¦
The restriction to notepad.exe (which can be extended in avast4.ini itself) is there only to prevent false warnings when other programs open the .ini file for write access, even though they donā€™t need it. So, I donā€™t think thereā€™s any secret hereā€¦

:ā€˜( :ā€™( :ā€˜( :ā€™( UGGGGG ??? ???
You are right, I can not get past the ashCnsnt.exeā€¦
So am I just screwed or is there something I can do, besides calling everyone because I have no clue who has what?

The tasks.xls corruption looks like this,

<RW>?:\PAGEFILE.SYS,<RW>*.TXT,<RW>*.LOG,<C:\some dir\*,<C:\some dir\*,<RW>*.INI,<RW>C:\WINDOWS\TEMP\*.TMP,<RW>*\_AVAST4_\UNP*.TMP,<RW>C:\WINDOWS\WINSXS\*.MANIFEST,<RW>C:\WINDOWS\WINSXS\*.CAT,<RW>C:\WINDOWS\WINSXS\*.POLICY,<RW>C:\WINDOWS\CS C\*.TMP,<RW>W>*\EDB.CHK,*.fdp,C:\some dir\*,C:\some dir\*,some dir\*
[b]RW>W>* ><RW>?:[/b] are the problems, I think When I edit it manually and exclude all the strange stuff, it works fine in the testing I am doing now.

No scoffing intended! Your requirements are very particular, especially the need for no user intervention. As I said, Iā€™d be frustrated too.

To be clear, are you saying the rootkit scan is taking 3 minutes on your momā€™s XP PC? Does the log file give any clues?
This is not an issue for anyone Iā€™m supporting. I just checked ā€˜aswAr.logā€™ on this PC. The rootkit scan today took place about 7 minutes after startup and took 7 seconds. I donā€™t remember what I was doing at the time but I didnā€™t notice it.

igor, vlk
Is it possible to tweak ā€˜aswAr.logā€™ generation for diagnosis, to temporarily add a timestamp to each line?

I sympathize with you dewild1 , we the guys who help people to fix their computers experience seldom time they acknowledge our job. I like my profession and I like to help others but in my personal case this happens

1.- When a average user has a problem it get panicked, so I have to cooldown
2.- But when you have to explain to the user to avoid some risky situation and make him/her the importance of backup policy, the last thing they do is listen to you

In my case I had the Antirootkit disease, but simple I solved by disabling it, but since version 4.8.1195 I almost donā€™t need to disable it, excepting the case of installing an application

Thanks
MiguelAngelXP ;D

No, thereā€™s no deliberate backdoor, if thatā€™s what you are asking.

However, I donā€™t know if I understand correctly what you are trying to achieve. Are you running a program remotely on your clientsā€™ computers to change some settingsā€¦ or why is it a problem to click away the confirmation dialog?

Now Iā€™m not completely sure what corruption has been done to the original file, and what was changed by the forum software when pasted in. Could you please attach the tasks.xml file as an attachment?
Thanks.

Yes igor, thatā€™s exactly what he is doing.
Itā€™s all in his initial post. He adds a program to the avast4 folder that silently edits the avast4.ini file, which of course, avast! objects to.
http://www.guaranteedpc.com/
http://www.guaranteedpcfix.com/news

Hmm, avast! is certainly not built for that.
For remote administration, thereā€™s ADNM, together with managed version of the clients.