Strange boot scan behaviour

Several users reported strange Avast 4.8.1169 behaviour during bootscan (in Russian only: http://www.avast.ru/forum/viewtopic.php?t=3081).
Translation:

I found the following bug after upgrading to the 4.8 Home version. I schedule a bootscan, reboot, and the scan starts. Everything works fine without any errors (virii can be found sometimes), but only a small part of all disk files is scanned. For example, on system drive C: the following directories are scanned: Documents and Settings (maybe not entirely), some small catalogs. But the System Volume Information catalog is not scanned, and neither is the Windows catalog. The disk contains 30 000 files, but Avast reported about 1500 files scanned, and the scan duration is 5 minutes instead of the normal 30 minutes.
I checked this on 3 PCs (clean ones included). All of them show this behaviour.

Select ‘Bootscan’. Select parameters: Scan all local drives, Scan archives, Additional options - Query action. Avast 4.7 with these settings scanned all files and folders.

My remark: I cannot find this behaviour on my PC or on the VM where I tried Avast. So the question: what kind of additional info can be requested from users to resolve this issue?

What operating system was that?
I can imagine a different behavior can be seen on Vista - the thing is that when scanning in “raw mode” (= unless the option “Disable raw disk access in boot-time scanner” in avast! Troubleshooting option is checked), avast! doesn’t “enter” into soft/hard links.
So, it might seem that the folder C:\Documents and Settings is not scanned, because it’s actually just a link to C:\Users and will be scanned later. This should not matter if the whole disk is being scanned (typically).
avast! 4.7 (or 4.8 with “raw mode” disabled) would scan the disk in different order (i.e. it would scan C:\Documents and Settings, and skip C:\Users later) - but the number of scanned files (as reported by the boot-time scanner!) should be mostly the same in both cases.

If the scan took 30 minutes previously, and now takes 5… that’s certainly strange.

So, I’d like to know:

  • what operating system is that
  • does it make any difference if the option “Disable raw mode in boot-time scanner” is checked in avast! settings?

Reply from user (translated):

a) WinXP Home Edition SP2 and WinXP Professional SP2 (on different PC);
b) The difference is really present. When raw mode is disabled, avast! 4.8 scans all files during bootscan, the same as avast! 4.7 did previously without disabled access.

I am experiencing the same problem as the questioner. I have recently updated my older Avast 4.7 to 4.8. The older version’s boot-time scan didn’t show any problem, not a single time, and used to scan every nook and corner of my drive. But the new one is bypassing folders even when I manually check all folders in the dialog box.

I understand that on Vista avast scans the contents of that folder but not the soft/hard links (symbolic links?). If I check “Disable raw disk access in boot-time scanner” in avast! settings, then the contents of the folders AND the links will be scanned. Am I wrong?

Some quantity info from another user (XP SP2 too, raw mode enabling/disabling effect is present too)
aswBoot.txt content

04/14/2008 15:28
Skanirovat’ C:
Kolichestvo naiydenyh papok: 1612
Kolichestvo proverenyh faiylov: 25033
Kolichestvo inficirovannyh faiylov: 0

04/14/2008 16:13
Skanirovat’ C:
Kolichestvo naiydenyh papok: 978
Kolichestvo proverenyh faiylov: 926
Kolichestvo inficirovannyh faiylov: 0

04/14/2008 16:18
Skanirovat’ C:\WINDOWS
Skanirovat’ C:\System Volume Information
Kolichestvo naiydenyh papok: 296
Kolichestvo proverenyh faiylov: 487
Kolichestvo inficirovannyh faiylov: 0

Present in the log:
15:28 - scan with raw disabled
16:13 - scan with raw enabled
16:18 - scan of two problem folders (raw enabled)
Actually these problem folders contain the following quantity of files/folders:
C:\WINDOWS - files:10437 folders:487
C:\System Volume Information - files:5411 folders:283
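
A way to check the coverage gap shown in this log, as an added example (not part of the original thread and not avast! code): it parses report entries in the transliterated layout above and flags runs that checked far fewer files than a reference count. The sample text is constructed from the figures in the post; the function names and the 90% threshold are assumptions.

```python
import re

# Constructed sample: the three report entries quoted in the post, same layout.
SAMPLE = r"""04/14/2008 15:28
Skanirovat' C:
Kolichestvo naiydenyh papok: 1612
Kolichestvo proverenyh faiylov: 25033
Kolichestvo inficirovannyh faiylov: 0
04/14/2008 16:13
Skanirovat' C:
Kolichestvo naiydenyh papok: 978
Kolichestvo proverenyh faiylov: 926
Kolichestvo inficirovannyh faiylov: 0
04/14/2008 16:18
Skanirovat' C:\WINDOWS
Skanirovat' C:\System Volume Information
Kolichestvo naiydenyh papok: 296
Kolichestvo proverenyh faiylov: 487
Kolichestvo inficirovannyh faiylov: 0
"""
# On-disk file counts the poster gave for the two problem folders.
KNOWN = {r"C:\WINDOWS": 10437, r"C:\System Volume Information": 5411}

STAMP = re.compile(r"^\d{2}/\d{2}/\d{4} \d{2}:\d{2}$")
TARGET = re.compile(r"^Skanirovat.\s+(.+)$")  # '.' accepts ' or a typographic apostrophe
FILES = re.compile(r"^Kolichestvo proverenyh faiylov:\s*(\d+)$")  # "files checked"

def parse_report(text):
    """Split the report into runs: timestamp, scan targets, files checked."""
    runs = []
    for line in map(str.strip, text.splitlines()):
        if STAMP.match(line):
            runs.append({"time": line, "targets": [], "files": 0})
        elif runs and (m := TARGET.match(line)):
            runs[-1]["targets"].append(m.group(1))
        elif runs and (m := FILES.match(line)):
            runs[-1]["files"] = int(m.group(1))
    return runs

def reference(run, runs, known):
    """On-disk total when known for every target, else the best run on the same targets."""
    if all(t in known for t in run["targets"]):
        return sum(known[t] for t in run["targets"])
    return max(r["files"] for r in runs if r["targets"] == run["targets"])

def short_scans(runs, known, min_ratio=0.9):
    """Return (time, files checked, reference) for runs below min_ratio of the reference."""
    return [(r["time"], r["files"], ref) for r in runs
            if r["files"] < min_ratio * (ref := reference(r, runs, known))]
```

On the sample, both raw-enabled runs are flagged: 926 files against the 25033 of the raw-disabled run, and 487 files against the 15848 actually present in the two folders.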

Could I get the log (\Data\Log\aswBoot.log) for the C:\Windows scan?
Actually, maybe there won’t be enough information in the log… I could supply a custom executable build that logs more info.

Probably custom executable with enhanced info would be the best variant. But in any case I’ll ask about aswBoot.log

Igor… can you drop some words about this? Thanks.

This is not happening on all XP Systems.

As part of testing an issue in another thread I ran three scans of my C: drive on my WinXP Pro SP2 system one after another:

SUI Thorough scan with archives: 393055 files / 4492 folders
ashquick.exe scan: 393055 files / 4492 folders
Boot scan with archives: 401875 files / 4492 folders

Here is a build of aswBoot.exe that logs each file being scanned.
To “install” it, just overwrite the ZIP content over the one in Windows\System32 folder. avast! self-defense has to be disabled first (in avast! settings / Troubleshooting page).
avast! setup will notice the change of the file soon and overwrite it back with the original version - so, I’d suggest to overwrite it very shortly before the restart (after the boot-time scan has been scheduled).

For now, I’d be interested in the log (\data\log\aswBoot.log) for Windows folder scan - both with raw-access enabled and disabled, so that I could compare (from the same machine). Note that the log is overwritten each time the boot-time scanner starts, so it’s necessary to copy it somewhere else after the first scan.

Thanks!

igor, here are the log files which you asked for.

PS. I know little English, so communicate with you through psw.

One more question I forgot: what filesystem is it? FAT, NTFS… ?

FAT32

OK, I think I found the problem.
Here is an updated version of the executable (without logging already).

Thanks!

The new exe file helped solve the problem. Just converting FAT32 → NTFS solves the problem under discussion.
There is another question: why do the reporting settings not affect the boot-scan report? This is not very convenient.

Thank you.

igor, are there some instructions to make the aswBoot.exe contained in the latest aswBoot3.zip be used permanently? Simply copying it to system32 is not enough. Maybe some play with the included aswBoot.exe.sum is required?

The presence of the .sum file in the same folder should make the file permanent - but only in build 1169.

The issue should be fixed in the latest beta.