First of all I would like to say that I’m a brand new user of Avast (two days old), and this is my first visit to the forum. I’m glad to be here.
I would appreciate your help with the following two things:
Last night’s scan, revealed some files that Avast characterized as viruses/suspect files, and as a result during the scan it placed them inside the Virus Chest. Fine up to here. I wanted to restore some of them back to their original position, so I right-clicked them from inside the Chest, and chose the “Restore” option.
The files were restored (I checked), but I still see them inside the Virus Chest. Is this normal for Avast, i.e., after you restore files from the Chest, to still see them inside the Chest?
2.One of these files, when restored, it was picked up by SAS (with real time protection) as suspect. So SAS, places it in Quarantine. Fine. I go to SAS Quarantine options, try to restore it (fine, so it does), but then Avast Real time Shield comes and places it again in the Virus Chest. So, I’m in a kind of a loop here.
Despite the fact that in the Avast Options, (both for On-demand & Real time) I have excluded the specific file, Avast does not let me restore the file, i.e., when placed out of the quarantine from SAS, it picks it up again. Is there a way to make Avast leave this file alone?
I would really appreciate your help with these two issues please. Thank you very much in advance guys.
You could also use the option “Submit to virus lab…” in the Virus Chest by right-clicking the suspect file to let the avast! team check if it’s a false positive.
For #2, yes I have excluded the right file. Maybe to exclude a file, from real-time shield (and/or on demand scanning), I have to first disable the Avast! protection.
I just did, and the file this time was NOT picked up from Avast when restoring back from SAS. So, it sits now in the original folder.
@True Indian: It’s what I did in the first place. But with no results. Once I disabled Avast, and followed the same procedure, and then enable it back on, I had the required results.
Now Avast leaves the file alone, in its original position (since I asked it to exclude it).
So it looks the trick is to able/disable Avast. At least for this file. For other files, the procedure works without disabling first Avast. That’s a bit odd, isn’t it?
The exclusion took place at both General Settings and the Real-Time Shield/File System Shield/Expert Settings. The whole folder was excluded. How could I have excluded only the file since I couldn’t see it.
I want to exclude this file. Is as simple as that mate. No need to wonder about it.
Thanks a lot,
Frank.
PS. Sorry for the bump. ady4um hadn’t posted yet when I was typing my previous answer.
Thanks for the reply. How can I see which Shield is detecting the issue? For example at the File System Shield currently the notification stands at:
Files Scanned/ Infected: 1595/0.
If I remember correctly, before successful exclusion took place, the score was 1595/1. I therefore assumed that it was the File System Shield detecting the issue, since on top of that, the Behavioral Shield was at “0 infected”. All other shields, were not relevant.
I therefore added the file, to the File System Shield Exclusion Zone. So adding the detected suspect file to an exclusion, alters the respective Shield notification as well?
Well, you are not willing to post any additional info about the suspect so how can I tell you specifics?
Avast has logs. In the chest you can re-scan the file and read at least part of the message.
If indeed the File System Shield is the (only) one detecting this suspect, and I would be interested in excluding it, I would add the exclusion there, as you said you did.
But the file may be trying to communicate, or trying to “activate” something else. So maybe the Network Shield is in place too.
You should post the specific information in the “Viruses and Worms” subforum.
BTW, if you were willing to post more info, like the exact code you added to the exclusions, then maybe we would be able to give you a specific answer.
It is “rare” (at least to me) to request free help from pear users but refuse to add simple info (like the VT reports). Well, probably that’s just me.
I performed a scan last night and I also had Avast place files it categorized as corrupt into the chest. This morning my PC will only perform a repeat boot from the blue screen. How do I restore my files?
avast! doesn’t place corrupted files into Chest (actually, it doesn’t offer/allow any action on them if they are just corrupted) - unless there’s a real detection in the files.
Frank Bullitt: what exactly did you set as the exclusion? It should match the file path reported in the detection popup.
Btw, are you saying that the detection happened right when you performed the “Restore” command, or rather after you tried to start the application? If it’s the first case, what was reported as the requesting process?
