Hello,

Whenever Avast finds a potential virus it shows you a popup where you can choose to delete or restore the file.
Sometimes I know the file is not harmful and I want to restore it, but when I try to it just shows the same popup again, its like I can’t restore the file.
I have tried disabling avast and then restore the file with no luck.
The only way for me to restore the file is to move it to quarantine and then restore the file which is tedious to do every time.

Does anybody know what causes this problem and how to solve it?

Thanks.

Hi Marcooo4 and welcome to the forums.

I’d wager that your issues stem from running an antivirus program.

Otherwise, what is the point of installing and running?

Website to help you: (If you don’t know already) http://antivirus.about.com/b/2007/03/11/clean-quarantine-or-delete.htm
& https://www.virustotal.com/

Anyway, some settings within avast to look at (see attached:) The settings shown are default. They can be changed by using the drop-down window to select the appropriate action you want.

Click the gear icon in the main program window to check your settings.

Hi Mchain
Thanks for your response

The problem is that I have set my Avast to be very sensitive for viruses so it will detect everything, also files that I know are not harmful to my computer.
I have just checked my settings and it’s set to first ask and if that fails it should take no action but like I said it keeps re-prompting for what to do.

Well, settings I use are different:

• Ask
• Move to chest
• No action

First option, Ask, will allow me to choose the primary action depending on what avast reports the suspicious file type as.

As an example, if it reports as a virus, then Repair would be the option chosen. If a Trojan or worm, then quarantine would be the first option chosen. If neither Repair or Quarantine works then delete would be used, but only as a last resort.

Rather than subject a system to a possible irrecoverable vicious infection, I’d consider setting up a VM (virtual machine) to test and find malicious files. Consider using Virus Total to find and confirm any malicious file behavior within the VM.

Caution: Setting avast to extreme sensitivity will result in too many false positives and the high number of fp’s will lead, over time, to an eventual failure by the operator to block and prevent an actual infection from corrupting the system when the real thing happens. Which is why running a VM is recommended.

A properly set-up VM is your fail-safe.

One of the settings within avast is PUP (Possibly Unwanted Programs) which should be set to automatically quarantine so you can investigate whether the PUP is safe to run or not. If quarantined, and found safe, then restoring it from quarantine, after setting an exclusion, should be a snap.

Default settings are sufficient for the average user and daily scanning is overrated and depreciated, IMO, due to active real-time scanning by your a/v. Real-time scanning is sufficient to protect from harm in almost all cases.

[EDIT:] Related topic?: https://forum.avast.com/index.php?topic=184192.0

I think you don’t quite understand what I am saying.

I am talking about files of which I know are safe to use but are still being reported by avast (eg a crack).
I want to be able to restore/ignore those files instead of having to quarantine them and then adding them to exclusion and restoring them.

If they are crack then avast detection is correct

Oops. Somehow I didn’t know you were running cracked programs. Or are you testing them?

I dont use illegal software, but I was just referring to cracks as an example.

You see, I go to college for networking / system administration so sometimes I tend to run into false positives

Colleges don’t tell you to download cracks and such.

If you go to college for networking / system administration you should already have the basic knowledge needed to know how to use applications like avast (the settings etc.).

I do know how to use avast, I just dont know how to repair/restore a false positive without it being put in the quarentine.
I have considered other av’s but I just like avast better than others.

So, is there a way to simply restore the false positive or not?

So, is there a way to simply restore the false positive or not?

How to report >> https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

Have you tested the file(s) at www.virustotal.com if tested before, always click rescan for a fresh result

alternative: www.metascan-online.com / www.jotti.org

To restore something it must have been placed in the virus chest. So your Action options must send it there, Generally my settings start of with Ask - this allows for user input - from here you can choose an action. What it won’t allow is for a file that is considered infected (correctly or not) to be run.

In choosing to sent it to the chest there are other actions which can be taken from there:

1. Send to the virus labs… for further analysis.
2. Restore - which is likely to be detected upon Restoration.
3. Restore and add to exclusions - this is possibly the most useful to you - but you have to be certain it is a false positive or your system is at risk.

There are other options, but the above are most useful.