I do NOT have any automatic scans set. Avast is not set to take any automatic or scheduled actions other than updating the virus definitions. So why the hell does it SNOOP through all the files on my C: drive at least once a day???
Over the course of 2-3 minutes, Process Monitor caught Avast making over a million accesses to my C: drive. A small sampling of the files that it accessed;
If there are no automatic or scheduled scans set, why is it looking at these files? Is it snooping through my drive for information it can sell to advertisers?
You do realize it’s an antivirus that scans things on-access? It doesn’t have to be you executing or accessing the files. It can be Windows search, prefetch, Steam client doing updates, numerous things. avast! just intercepts access events and scans said files. There is nothing evil behind it and every antivirus will behave the same minus certain differences because they don’t scan same scope of files and in exact same way.
I work in the (security) industry, and this is exactly what Avast! is doing, on-access scans. There is nothing abnormal about this activity. You’d be hard-pressed to find any reputable anti-virus that doesn’t implement OAS. This activity is prevant in the Enterprise space as well. Applications like McAfee (ePO) will have OAS for emails, file access, downloads etc.
The Coronavirus isn’t the only new virus out there.
New security breaches happen constantly. The only way to stay protected,
is for your AV to scan and have access to every part of your system.
Bob, are you talking about the newest Coronavirus? Because 2019-nCoV is NOT SARS. The SARS infection happened back in '03, the newest one is yet to be officially named to my knowledge.
You missed the point of Rej’s clarification. Any time you open a file (images, exes, doc(x), ppt(x), etc) Avast! will scan it do make sure it’s not doing anything malicious. Evidently, you don’t know why Avast! would chose to scan documents… so let me point you in the right direction. Emotet, quite possibly the most prevalent piece of malware is spread using an exploitation in word documents. It’s highly effective, extremely dangerous, and unfortunately for most users, they’d never think “Oh, that PNG or DOCX file could contain malware!”.
The United Nations (yes, the UN) was recently hit with a cyber attack using none other then Emotet. Last confirmed report I had indicated 40+ core servers compromised in the attack.
That is why Avast! is scanning documents/exe/images/dlls that are opened. This is perfectly normal behaviour for any antivirus. In fact, I’d say if it WASN’T doing it, I’d be suspicious.
I just gave those as an example. Also Windows Search DOES things on its own. It’s called Search Indexing. Processes are also often nested where you need to expand them to see what’s really running. It can be bunch of things that trigger scanning. It can be Search Indexing, thumbnail generation or preview generation, updates, god knows what, it’s hard to tell as there is always a lot going on inside OS. It could even be OS triggered event that invokes scanning. I can just say for certain it’s nothing bad. All antiviruses do this. It’s literally their job to keep an eye on files. Old days of daily scrubbing of drives with manually started scans are long gone, real-time scanning does that job done in, well, real-time as changes happen.