Hi,
What could be the correct setting for this type of action.
Let us say I have got a file infected.abc before installing AVAST on my system. After I install AVAST, Now if I double click this file AVAST should ONLY deny access.
But now if some process tries to create the file infected.abc somewhere else in my system , AVAST should promptly delete it as per the user choice.
Now I have set the File system shield actions as REPAIR and then NO ACTION.
If I unzip a few sample virus files , I get the AVAST alerts ,and also find the files are indeed unzipped. Now if I double click those files , I get the WINDOWS alert that it is virus infected.THe process can be saved by AVAST already deleting the file at the time of creation.
If I choose the action as repair and delete in AVAST , I find some files which may have been already created (before installing AVAST) are deleted if I click them wheras I want AVAST to only prevent access.
One drawback of that is that, if avast cannot repair a file that has already been infected, it will do nothing. For example, a variant of file infector Sality causes corruption of files it infects. If, by any case, avast detects it, it won’t be repaired because of the corrupt data. Thus, avast will instead, leave the infected file alone and will not handle it.
I suggest, you may add an option to put it to chest if ever repairing does not work. With this, you can still restore files that are moved to chest (not deleted wink) Hope it helps.
I think that Vlk or Igor mentioned the action Following Ask should be No Action, something to do with the if fails then, in theory Ask shouldn’t fail as it will sit there waiting for input.
For me Ask is generally my first action as I want total control on any action rather than any automated action, then I had Move to chest, this is where the contention comes in as I got the impression by their comment that it wouldn’t work.
Since Repair only works on true virus infections and only ones for which there is an avast repair routine, I don’t see this being a very common action.
So perhaps it is best to leave it on the default settings for non-control freaks like me ;D
Makes sense. But I’d rather use a non-sense setting, just in case of the GUI can’t be shown and the file went to the third action. Ask should stop the chain of course
It’s a very short option… but, anyway, it’s there and it will take seconds to avast to jump to the second action
It seems we both like to be in control, Dave…
Anyway, I think everyone has his own approach to these settings, but exactly that’s the wonderful thing about avast - its great flexibility…!!
asyn
Sorry! That was an inadvertent mistake. I do use AVIRA in one of my PCs. But as I said earlier I consider AVAST to be of great potential to be amongst the top.
It is my understanding that “deny access” is the same as “blocking,” which would be the same as Avast putting the malware in the Virus Chest where it is a protected area from your HDD. From the Virus Chest, you could do both Option #1 and #2 as you stated in your prior post.
By Avast moving a file to the Chest, the Chest is a “safe area” where it cannot harm your machine. Say for example the detection was a false positive (FP) or a system file that you might need. However by putting it in the Chest, Avast constantly updates its definitions and you can then rescan your machine. You can rescan the item in the Chest and may find out that this item was a FP and can then restore it from the Chest. This would be especially important if this was a system file or another important file. That is why we recommend to users to keep items in the Chest for a minimum of 2 weeks and up to a month; during this time you can rescan weekly to see if the file is still infected or not.
Once you delete a file…it’s gone forever. So by putting it in the Chest, at least you have the file in a safe area that you can restore it from, but it is locked away from the rest of your machine where it can do no harm.
Avast does deny/block access if you are surfing, mail, etc. For example it will block you from entering sites. It depends what actions you are doing at the time.
Thanks for the reply. But in case I am damnest sure that a particular file has been time tested , I could add it as an exception in the first place. I would not have to go thru the procedure of restoring it from chest and then add an exception. Would not know if I am right but elsewhere I found this type of choice in a couple of AVs.
You could do this if you are absolutely sure about the file, but I would not recommend it. I personally do not like playing with fire. I therefore put more trust in Avast, report the file as a possible FP, rescan it while leaving it in the Chest and do not add it as an exception for the possibility of infecting my machine until I know all is clear.
Afterall, putting a file under “denied access” is no different from quarantining it in Virus Chest. So, I guess, the said condition of Repair > Ask > Chest is just fine.
