It seems my Avast Home Edition (VPS: 0647-0, 11/09/2006) is skipping almost everything, see below. Even from this small extract you can see that many (or all?) different file-types are skipped. The report-file quickly becomes very big.
I checked the access rights to these directories and there’s “Full Control” for both the current user and the System . I turned off my Windows defender etc. I even tried turning off Avast on-access protection before running the scan. I just reinstalled Avast yesterday. My Avast Settings → Exclusions is empty. What’s stopping Avast from scanning all these files?
Could it be possible that Avast has been taken over by some Anti-AV trojan or something? Currently I can’t really trust Avast to bring me protection, can I?
Thanks
-Galaxy
P.S. The reason I re-installed Avast was because when I tried to update the database, I got the message “Can not connect to the server”, even though every other application was connecting to internet. Might this be a clue?
APPENDIX: Start of my scan report:
The start of the report:
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\atiicdxx.ini [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\OEMInstall.bmp [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CPanel\18115_2K.REG [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CPanel\18115_XP.REG [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CPanel\CPanel.dat [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CPanel\CP_2K.REG [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CPanel\CP_XP.REG [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CPanel\data1.cab [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CPanel\data1.hdr [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CPanel\data2.cab [E] File was skipped because of scanner settings. (42016)
Did you check to make sure that the folder C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\ wasn’t in the exlusion list ?
did the scanner scan anything ?
Sure it did. This report comes from a quick or standard scan with archive scanning disabled. So, avast! scans only the files it considers potentionally dangerous (i.e. mostly executables). The files you can see here (BMP, INI, REG…) are not of this kind, so they were skipped. I suggest to disable logging of “skipped” files into the report, the list is not very useful indeed.
Also, I’m not sure if you said you are running Microsoft XP?
In addition to doing a Thorough Scan (rather than quick or standard), you could also run from an Administrator account, then you should not get the “skipped file” message.
I modified “Settings → Report file” to notify also about OK files, and now I see that some files indeed are scanned. I was also able to select “Scan archive files” and “Thorough Scan” from the popup-area before scan. Good.
But not great. If you look at the list of files skipped, you’ll see it includes C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\atiicdxx.ini and C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\OEMInstall.bmp. Does Avast consider these to be “archive files” as well? But even if it does, I think they should now be scanned with my new settings. These files are NOT (Windows XP) encrypted. (Can Avast handle those?)
A side-note: In the “settings” I’ve set up the log-file size to 4096 KB, but after deleting it and doing a full scan, the log-flie size was 131 MB!
Thanks again
-Galaxy
THE REPORT WITH “NOTIFY ABOUT OK FILES”, “THOROUGH SCAN” and “SCAN ARCHIVE FILES” INCLUDED:
0 [+] is OK
Disk C: Boot Record [+] is OK
C:\amon.exe.lnk [+] is OK
C:\ashAvast.exe.lnk [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\AtiCim.bin [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\AtiCimUn.exe [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\aticds10.dll [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\AtiCIM.dll [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\atiicdxx.dll [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\atiicdxx.ini [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\atiicdxx.msi [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\atiicdxx.sys [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\atiicdxx.vxd [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\atricdxx.dft [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\atricdxx.enu [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\EnumDev.exe [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\BIN\OEMInstall.bmp [E] File was skipped because of scanner settings. (42016)
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CheckVer.exe [+] is OK
C:\ATI\SUPPORT\wxp-w2k-catalyst-8-062-040929a-018115C\CPanel\18115_2K.REG [E] File was skipped because of scanner settings. (42016)
…
I don’t think the report file you posted comes from a “thorough scan”. Could it be the case that you have the report files configured to be appened (i.e. you don’t have the “overwrite report file” option checked) and this piece simply comes from one of the previous scans?
Please note that “log” is not the same as “report”. Limiting the log size imposes size limit on avast! event log - which has very little to do with the report file.
It seem is had to logout/login, and now the skipped files are no longer skipped.
Could it be that you must stop the Avast process before a change in the scan-level takes effect? Yes, indeed it seems to be the case here. I tried changing back to quick scan without archives checking, but to no effect. I cant see any ‘skipped’ files in the report now.
A few sugggestions:
The log-file should tell us the type of the last scan
The main GUI should tell the type of the last scan after it was performed or stopped.
For some reason I can’t change the scan level from the Start Scan -menu. The level as well as the “Scan Archived files” -button show their settings, but can not be changed.