Well I finished my 80G backup and rebooted, and I cant repeat the problem.
Can anyone confirm whether CAVS fingerprints scanned objects as I previously suggested. Both pja and I are newcomers to the CAVS 2 product, and there seems to be a learning “paradigm” in the firewall and elsewhere.
I understand that CAVS 2 is “on life support” pending the release of CAVS 3. Ewen (“panic”) maintains that CAVS 3 is a totally different architecture to CAVS 2, that maybe so, but that would not prevent the reuse of code - I’m sure MS would claim that Office 2007 is a totally different architecture, but there’s an awful lot of code from Office 2003 in the new version.
One of the features of CAVS 2 I like (I’ll change that to love) is HIPS. I feel a lot safer having HIPS and Defense Plus popping up and asking me if I really know what I’m doing, although I suspect that some folks would find it annoying - just as I find Vista’s UAC annoying.
I hope that HIPS or a functional equivalent will find it’s way into CAVS3, it would be sad to see it go.
Back to the original issue - it seems to have gone. I have a fairly “big” system with 700,000+ NTFS objects containing about 6.5M discrete (scan-able)objects, either as native streams or compressed streams in zips, tars and isos.
It seems to me that CAVS and the Firewall are changing their behaviour over time. Initially I was not aware that CAVS scanned outgoing mail, now it a systray message slides up telling me it’s doing so, it did not tell me of updates, now it does. Similarly the firewall has started to tell me of things it learns about software when I run it, mainly the COM services being used. I can assure you that I have not knowingly changed any settings.
I decided to leave CAVS 2 running as my primary av shield, but I’ll continue to do nightly scans with Alvira & Kapersky.
BTW - Its ShellToys not TweakToys - the latter could be an alternative name for X-Setup Pro, which I call Souper Tweaker, its another very useful gadget - like ShellToys it’s also payware.
I doubt that I can add much more to this thread - thanks for all you input and comments