avast! treatment

Hi again! ;D
I have a question.
On the forum avast.ru (Привет, россияне! :smiley: - in translate it means: “Hello, Russians! :D”) we are discussing topic about malware’s treatment by avast! (and by some other antiviruses): http://www.avast.ru/forum/viewtopic.php?t=1905&sid=680315f22532515394e85d433c91ae32
We know about VRDB-method and we know how does it work. But we want to know does avast! have another methods with help of which it can treat malwares or it’s the only way?
Can avast! treat files (not PC - we know it can) without VRDB? What methods does avast! use?
Also, I think there are differs in treatment between avast! HE and avast! Pro versions, am I right?

Any help is greatly appriciated!

Avast Home and Avast Pro use the same engine

You can see here, what things that differs from home vs. pro:

http://www.avast.com/eng/av4_version_comp.html

In the Pro-version you have a script-blocker, and you can define your own antivirus tasks and work with the task results (actions on infected files)

´
I’ll expeculate… if there is avast Cleaner that could be run without VRDB.
And, we know that avast Cleaner features (cleaning) are present into the virus database.
So, there are other methods besides VRDB to clean (treat) malware: the ones present into the vps file.
Hope someone from Alwil could confirm my mind…

Bluesman, Tech, thanks.
To avoid some misunderstanding could take place, let me explain.
I thing that,
malware is any destructive code,
cleaning - removing whole file or moving it to quarantine,
treating - some operations which:
1) remove any destructive code from a file,
2) wipe off destructive code in a file,
3) restore the original state of a file.
May be I wrong and don’t understand something.

We know that avast! can do cleaning and can restore original code of a file (by means of VRDB, but only if it’s executable file and VRDB was created).
So, does avast! have other methods (besides restoring code from VRDB) to treat infected file?
Can avast! remove or wipe off destructive code (or do something else)?

Sometimes it has great meaning, because of information value’s.

As Tech said there is the avast! Anti-virus Cleaner is used to clean specific/limited virus/worm infections, listed on that page. This doesn’t require the VRDB and I believe if one of those virus/worms is detected by the main avast program it runs the cleaner to deal with the virus/worm infection. This should clean/remove any code and restore the file to its original state.

Ups…
Tech, DavidR, you are right, thanks!
It’s my mistake, I’m so confused :-X. We were carried away with discussion about VRDB and forgot about avast! Anti-virus Cleaner!
It must be mentioned and discussed!
Thank you! :smiley:

Yes, it seems so: avast does have other methods, beside VRDB, to clean files and infections 8)

Tech, thanks.
I didn’t think that avast! Virus Cleaner is integrated (built directly) into the avast! Antivirus, I foolishly thought that VRDB is the only way to treat malwares. It shows how important to read the help files thoroughly.
Many thanks for your answers.

One another question: which files are stored in VRDB (I mean only system’s or some others too)? Could you answer?
Thanks.

P.S.: it would be great if users could choose files which can be stored in VRDB. IMHO.

Executable files INFO (not the all files themselves) that allow further recovering: .exe, .com, self executables.

VRDB is NOT a backup feature. Just like the name says: Virus Recovery DataBase.
So, if avast can’t repair using the information stored on VRDB, why store it?
Besides, only a small part of each executable file is stored, not the complete files, so, I see no reason to choose.
If you need this feature, you need a backup tool :wink:

Tech, thanks. As for me, your answer are very helpfull. :smiley:
Your’ve said: “So, if avast can’t repair using the information stored on VRDB, why store it?”
I see, It’s right. :wink:
VRDB stores a tree of small parts of each executable file, but actually user can’t choose what parts he really need to store in VRDB (he has choice only what part to restore).
Thanks.

P.S.: I’m sorry, sometimes it’s difficult for me to put into words what I think\mean.

You’re not the only one… all of us have this disease ;D

Tech, nice joke :wink:

Let me say some words about the ending of our discussion (about malware’s treatment with avast!).

avast! (both versions - Home Edition and Professional Edition) can cure computer and files from viruses. Moreover for these aims avast! uses two technologies:

  1. avast! Virus Cleaner - an utility built-in into avast!, which cures the infected files, but only from limited amount virus (probably, the most wide-spread), which list increases.
  2. VRDB - a branded development ALWIL, which helps to restore original state of the file after contamination, but provided that:
  • the infected file is executable,
  • earlier VRDB was created,
  • in VRDB were kept small parts of the code of the infected file,
  • a virus has damaged only recorded in VRDB area of the code or it’s parts (thanks to sidrom :D).
    If for file was created several VRDB’s, avast! will offer on choice given from three last bases.
    Thereby if virus can’t be cured with the help of avast! Virus Cleaner and it’s code isn’t kept in VRDB, that remains three variants:
  • rename (for trojan’s),
  • move in vault,
  • delete (with the help of avast! Virus Cleaner, which will clean the system from trace of activity of this virus).

What do you think about it? It’s very interesting for me to know your opinion. ::slight_smile:

No. The cleanable virus are the ones which infect executable files. Not necessarely the most spread ones.
In fact, there were few updates of the Cleaner tool nowadays…

No. I don’t think so. The last, clean version will be restored. But, indeed, executables are ‘fixed’ files, does not change frequently.

In this case, only the infected file will be deleted, not other malware actions (links added, changes on registry). So, the last part of your assumption is, in my opinion, wrong.

Tech, thanks. :wink:

Good remark! :smiley:

I don’t think you are right. :-[ In avast! help file I’ve read:

avast! creates an integrity database, i.e. it stores information about the actual state of the files, doing it three versions back for each file
If any file is infected by a virus, it is possible to repair it, i.e. turn it to its original state. If there are multiple versions of the file in the database, you can choose which version you want to restore.