What Happened????

Ummm. I did have 11.2.2261, but decided to upgrade with my new security paradigm, and the approaching merger. So I downloaded and installed 12.3.2280 over the old one, in Admin as always.

All went well, no visible objections from Avast or Windows–see sig for tawdry details. I enabled only File Shield, as that’s my only need for AV, but kept Reputation Services and Cyber Capture.

Reboot, log into my user account, still no dramas, relax! Put VoodooShield back into SmartMode, shut down and go to bed.

(Lunchtime) today. Light up the box and… Whoa!!! Monstrous disk activity on the login screen. I always expect a little, as I’m sure Windows does a quick scandisk and defrag on C:\ while waiting for logon, but that only lasts about 60 seconds and goes quiet. This time, I shut down at 25 minutes, waited about 2 minutes and restarted. At 10 minutes in I killed the router. At 28 minutes I couldn’t wait any longer, logged in as user and lit up Task Manager, then Resource Monitor. Here’s three pics:

https://www.dropbox.com/s/idnf2379ah2e1mt/LogOnCPU.png?dl=1

https://www.dropbox.com/s/i1l8ltc1ytlbmt4/LogOnDisk.png?dl=1

https://www.dropbox.com/s/b29vcucihlkxxt2/LogOnMemory.png?dl=1

So is there something I need to know? Apart from the fact I’m only guessing what Windows does on the logon screen since I can’t find anybody willing to confess, there should be no userspace program running at this time.

Look, I don’t mind if Avast wants to spend lots of my bandwidth copying my system to the Cloud–I have lots of disreputable software. But it would be nice, not to mention polite and mannerly to tell me what it’s doing. Especially if it’s doing it under the logon screen.

EDIT: make images visible

First problem I notice is that you are running Avast and VoodooShield at the same time.
One of them has to go.
https://blog.kaspersky.com/multiple-antivirus-programs-bad-idea/2670/

And why do you want us to download the images?
There is no need for it.
Simply attach them to your post.

Sorry about the images Eddy, it’s been a long time since I did something like this. I’ve fixed it already.

I don’t see anything strange.

Only thing I see from Avast is the updater (likely) finishing the installation.

Shouldn’t the installation have been finished last night? Anyway, I told the updater to ask me first in the preferences before it did anything silly. It’s allowed to update the signatures etc, but everything else waits for my permission.

No, as some things can only finish after a reboot.

OK, I’ll accept I should have removed the old version to do a clean install. My excuse is I’ve just done a number of updates which were really smooth like chocolate experiences of updating into the existing folder over the existing version and the installer takes care of everything. Not even a reboot needed. K-Lite Codec Pack and Oracle Java are especially liquid like a fresh lager in this respect :slight_smile:

So I scraped out every remnant of 2261 and then rebooted and reinstalled and rebooted. So far, good.

VoodooShield is not an anti-virus and is compatible with all anti-virus solutions.

Just a tip, CyberCapture won’t work without Web Shield!

Hi RejZoR - OK, I’ll disable it. Maybe I should have read the Help file before I installed :slight_smile: I take it that perhaps Reputation Services is also superfluous?

Thanks @digmor crusher - I used to run CryptoPrevent, but VS does more with less fuss. It’s now my premier defence, with Avast as backup and counter-intelligence: it’s still possible for a hostile or hijacked page to drop a file, hopefully to be picked up by Avast at the loading dock.

No matter what others say, the current AV paradigm ain’t goin’ nowhere any time soon: “The files ma’am, just the files!”

No no no, if you don’t have Web Shield installed, CyberCapture doesn’t function. You also lose quite a lot of proactive protection capability from the Web Shield (malicious URL blocking), that’s why I think it would be smart to install it.

Aaaahh, erm, I think we should agree to disagree :slight_smile: There’s no reason on earth I should expect my conservative browsing to never produce an unwelcome surprise, it happened the other day on Major Geeks, when one of their advertising panels decided it needed the primary page to tell me something smelly.

And another site has questionable practices, but they’re good enough to let me press F7 before I go there, and all their annoyances don’t happen, but the site otherwise functions just fine. I hope they don’t read this, they’ll know I’m talking about them and rejig the site :frowning:

Having said all that, it’s a bit like walking home on a dark night. There’s an interesting discussion on Wilders at https://www.wilderssecurity.com/threads/interesting-antiransomware-freeware.391031/#post-2642247, dealing with the probability of being pinged. Actually, it’s not so much walking home on a dark night, but a sober risk assessment: the probability multiplied by the value of the devastation. How you interpret the assessment depends entirely on your personal outlook, so some take a dark view of the clouds, and some take a sunny view…

VS and Avast are not my only tools, just the ones in my sig, as is SuRun. Just for instance, my email client is one of the very few that allows me a TLS solution for connection to my email server. There is another one, I’ll think of it one day. It also allows automatic script removal from incoming emails, as well as total HTML removal with extraction of text. And–of course–the facility to write all outgoing as text-only.

For me, online security is no different from taking my car to work or the shops or a simple country run. Avast will (at least the next few months) be my preferred counter-intelligence solution, but only for files and root-kits. VoodooShield cannot yet handle root-kits.


Talking about root-kits, I see in the Troubleshooting Settings “Enable rootkit scan on system startup”. Does this run in the post-boot initial logon screen? The bit where AFAIK no userspace applications can run and it’s waiting for me to press Ctrl-Alt-Del? I ask because that’s where I would look for root-kits, before any user actually gets to have them screw his day.