xAV.TEAM:[6.0.1091][SOLVED]-Repetitive scanning of trust program(in autosandbox)

Hi All.
Hi Avast Team.

Autosandbox asks me what to do to crtlvol.exe (acer hardware volume control).
I say: run normally and remember my answer.

Problem: Whenever I run the crtlvol.exe FileSystemShield scans the file for each call I make I (FN + key Up or Down [volume setting]). This slows down the system until the completion of all keyboard input produced by the volume keys.
(Transient cache is on).
Want to send the file?
Let me know, thanks.

[color=red] Now with the 6.0.1086 is worse than before.
But at least you have heard me, Avast Software???
See png image.

[b]
Oooook! With 6.0.1091 the problem is solved.
Thanks all You.
Thanks PK.
Thanks Avast! Software.

Add the prog to the exlusion list in Filesystem Shield expert settings.

Hi All.
Hi Zyndstoff.
With the inclusion in the exclusions file list is no longer scanned by the File System Shield.
However this is wrong. In fact, avast must scan this file as I have previously decided, namely:

  1. no autosandbox (default: run: always normally);
  2. transient cache = on, then scan the file and then re-scan after updating signatures.
    Thanks.

Then I do not know what you are asking for. Either exclude it, or live with the normal behaviour. When a program is run, it is scanned.

I don’t see the point.

However: add the prog to the exclusion list and have it excluded on “execute” and “read” operations only.
This way it will be scanned only when writing the file, making sure that no malicious file will be written (e.g. driver update).

Hi GaAs
There have been a number of cases like this - files continually scanned by the File System Shield. I’ll PM you with a contact to initially send the file name to.

Hi Zyndstoff.
I know exactly what you say.
But the point is: if avast is designed to make a single scan of that file (as I have said many times) and is designed to do another only if the signatures are updated, why I have to lose time in useless settings?
What I reported is an unequivocal sign that something in the code of avast is to be reviewed.
Thanks.

Yes, I understand that. I am sure, your message reaches Avast devs.
In the meantime, until the bug is straightened out, I tried to offer some kind of workaround.
Sorry if that wasn’t wished for.

Thanks Vladimyr.
Sorry if I ask you: What do you mean by “PM”?. I’m not very good at speaking English. With the abbreviations … even worse.
Sorry again. ;D

PM = Personal Message
http://en.wikipedia.org/wiki/Personal_message

No, you’re wrong. Your solution I have appreciated very much.
I meant only that the Avast team in my opinion must correct this problem.
Sorry if I made them understand each other.
Unfortunately, to write in a different language and have no direct contact with the other party sometimes it is difficult to express what they really think.
Thanks again, my Friend.

Thank you very much to you Asyn.
:wink:

You’re welcome…!

Oh, okay. Misunderstandings… 8)

Now with the 6.0.1086 is worse than before.
But at least you have heard me, Avast Software???

[s]I think you’re familiar with Process Monitor tool.

Please run this tool, start capturing events. Increase/Decrease volume with FN key (= so crtlvol.exe gets involved). Stop gathering data in Process Monitor, save the log (select “All events”), compress & upload log file to our ftp. Thanks.[/s]

not needed anymore

Ooooooooook!
Thanks a lot PK.
:wink:

Oooook! With 6.0.1091 the problem is solved.
Thanks all You.
Thanks PK.
Thanks Avast! Software. ;D

See? I told you: the devs are watching. ;D

Have fun.