Annoying new Avast response to suspect .exe

I was doing the monthly backups of My Documents to an external HDD and suddenly during the copying of one folder an Avast red warning message about a particular .exe file appeared and said it had been sent to the virus chest. The interuption in the copying also seemed to stall the external HDD and as a result it went missing from the desktop.

I restarted the laptop which took an age to shutdown, never a good sign, and when Windows was reloading it crashed almost immediately. A full shutdown and reboot corrected the problem.

The point is that this ‘malicious’ file has been on my laptop for over two years and, more significantly, has been backed up and copied to both that HDD and various flash drives without incident. There was actually a copy of that same file in another folder on the same HDD from an earlier backup.

I know this file is fine so I added it to the global exclusions list.

I back up everything to two different devices and, you guessed it, when I started copying it to the second device too Avast interfered again. So I added that to the exclusion list.

Here’s the cherry on the cake: I decided I didn’t need this hassle and as that particular program wasn’t required any more I sent it to the recyle bin. What did Avast do? Yup, up came the warning message and for the third time today the .exe file was sent to the virus chest.

This is maddening firstly because of the inexplicable new Avast behaviour to start treating the file as suspicious and not being able, apparently, to tag this particular .exe as OK so that when it is backed up it is not treated as some new threat.

BTW the error message includes an "Add to exclusion list " option. I tried using that to start with but if it did anything there was no indication and apparent change in Avast’s treatment of the file.

An option like that requires a confirmation message ie. proof that the action has been enabled. Unfortunately Avast’s virus chest also has a similarly unhelpful GUI - when you click to Restore a file there’s absolutely no confirmation that has been done. Only if you click it again does it tell you the file already exists.

This is poor GUI design.

An option like that requires a confirmation message ie. proof that the action has been enabled. Unfortunately Avast's virus chest also has a similarly unhelpful GUI - when you click to Restore a file there's absolutely no confirmation that has been done. Only if you click it again does it tell you the file already exists.
If it wasn't safe, then you would have gotten a warning as to it being an infection of what ever kind. In this case, No news is good news and your file was restored. :) It all depends on how you look at it.

I think you’ve mixed up your was and wasn’t safe comment.

It was a safe program of that I’m 100% certain. I wouldn’t have minded if Avast had questioned it and allowed me to confirm that and mark it as safe (as Malwarebytes does). But, no, it wades in and sends it to the virus chest for no good reason.

The ‘suspicious’ .exe if scanned in the virus chest immediately after it has been moved there shows up as safe every time. You use the restore option and try to copy it somewhere else and wham, Avast flings it
back into the virus chest with the new transfer location shown as where the problem was. It is inexplicably stupid behaviour that even when the original file you’re backing up is on the exclusion list this happens.

When the Avast warning dialogue box comes up why not give the user a choice whether to send it to the virus chest or not? Don’t just do it, ask. At the same point be able add it to a list of files (and have that confirmed) which the user has decided are safe on their own responsibility. As it is you have to go through the hassle of adding it to the exclusion list AFTER the event.

What Avast’s behaviour now means that if you happen to chose another USB port or drive letter for the device you’re backing up to that file will again be treated as suspicious. Isn’t it ridiculous that merely transfering something to the recycle bin resulted in it being sent to the virus chest again?

Hi I like the old way you could set avast to ask before it did anything to a file.

If it was not safe why did Avast allow it to be placed in his documents. It should have flagged then if it as suspicious then

Exactly, good question.

Another question is why, when you’ve scanned it in the virus chest and it has been deemed OK, and you’ve decided to restore it the file isn’t automatically or, better, you have a menu option to mark it as safe rather than have to go and manually add it to exclusion list.

Another thing I didn’t mention is that I also have the later (Beta) preferred version of exactly the same program in a sub-folder of the same parent folder where this ‘suspicious’ .exe was located. Avast, so far, has had no problems with copying or using it.