Avast and Orbit Downloader integration

Hello,

I´m currently using Avast 5 free (without real-time shields) and i want to integrate it with Orbit Downloader, in order to automatically scan downloaded files. Which file sould i choose?

  • ashQuick;

  • AvastUI; or

  • VisthAux

Thanks!

That’s the one…!!
asyn

thanks asyn!
but i had this problem: avast detects the virus, but doesn´t apply any action!
I´ve installed avast without any real-time shield, but i configured it to repair\move to quarantine\delete in all kinds off scan.
But it does nothing after the detection ???

You’re welcome…!
asyn

Info from Igor (avast dev):

Right now, the following command-line switches are (= will be) supported: /silent - don't display anything even if malware is found (the difference is only in the return code available to the program that launched ashQuick) /action:delete /action:chest /action:repair

Note that:

  • ashQuick always stops scanning when a first malware is found - that’s the one displayed in the final message. So, the fact that the final message shows some “less critical” malware ([PUP], [Susp]) doesn’t mean there isn’t any worse inside if the file is an archive.
  • the action (delete, chest) always works with the whole file, no matter if it’s an archive or not.
  • we’d really like to avoid turning this simple tool into another full-featured scanned, with the same options as the usual GUI-based scans

Great :slight_smile:
Should i insert “/action:delete” after the path to “ashQuick”, or in “parameter(s)” field?

If the scanned file is\contains a detectable virus, it will be automatically deleted (if possible),correct?

thanks!

  1. Which parameter field are you talking about…??
  2. Yes…!
    asyn

Deletion isn’t really a good first option (you have none left), ‘first do no harm’ don’t delete, send virus to the chest and investigate.

Well, usually I would agree, but we’re talking about a downloader here. :wink:
No need to put infected files in the chest, as nobody would use them (I hope…!) anyway…!!
asyn

Sorry! I was talking about Orbit Downloader options:

http://img94.imageshack.us/img94/6333/semttuloxtx.png

I see, thanks for the screenshot…!
But as I never used it, you have to try it yourself, if this field works… :wink:
asyn

No we aren’t talking about a downloader as such, but the action of hard coding the delete option on the end of the ashquick.exe scan command line in the downloader. Not everything that is detected on a downlaod is going to be malicious as these forums attest. The detections could include PUPs it could also be a possible false positive.

So I always recommend not to delete as a first course of action, but to send it to the chest and investigate.

I have suspicions about Orbit Downloader. I had played World of Warcraft for over 4 years with no problems and shortly after installing Orbit, my account got stolen and all my ingame items were sold off for virtual gold. I did eventually get everything back after a week and have since added an authenticator to the account but I still suspect Orbit of being a factor. I was using the full package of Comodo Internet Security at the time of the hack and got no alerts and I also never found any malware on the system by scanning with MBAM, SAS, Comodo’s AV and since then Avast! How they got me is still a mystery.

You never get any alerts about Orbit, which is in the Comodo’s “Trusted Application” list. But maybe you can see some suspicious connection from Orbit when you set comodo’s firewall setting “Custom Policy Mode” and delete related settings.

FlashGet, which has a suspicion for spyware / adware, is also trusted by Comodo. Since I notice this I cannot trust that list anymore and change firewall settings to “Custom Policy Mode” and make Comodo alert all requests.

  1. True, still I would drop anything suspicious anyway.
  2. It depends what one is downloading. Is it worth investigating or not…
    asyn

I dropped Orbit Downloader not for any suspicious activity (never found any), but for its becoming a pain in the a** after an update changed how it functioned.

I like to just right click on a link and select download with orbit (as it had done previously), but after an update that sent me to the Orbit home page rather than start downloading the file at the other end of the link.

As far as integration with avast and the ashQuick.exe scan that worked just fine.

I do use the Trusted list and have always stated in Comodo forums that it needs to be much larger. I wasn’t talking about alerts for Orbit. I meant alerts for however it was that my WoW account got hacked into. There was never any alert for any suspicious activity. At that time I was still using the HIPS of Comodo which I no longer do.

On Wikipedia they state how Orbit has a phone home component that loads at startup. They also offer a password storing program which further makes me suspicious. Maybe Orbit collects data on your system including passwords? I of course have no proof for this but it was strange how I went 4 years with no problem and then got hacked within a couple of days after installing Orbit. I don’t and won’t use it any more.

I’m still using Orbit 2.8.20 for similar reasons. You can get any of the old versions from http://www.filehippo.com/download_orbit_downloader/. Be sure to untick Check for update automatically in the general preferences.