What settings on Avast 8 to make sure no auto-delete of system/important files?

Discussion in 'other anti-virus software' started by nine9s, Mar 14, 2013.

Thread Status:
Not open for further replies.
  1. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    There is a report today that AVG has detected some Windows files as virus and in some cases deleted them.

    Because of that scare of that different AV, I want to make sure that my settings would keep Avast 8 from ever auto-deleting any important files if a false positive like that occurred.

    Here are my settings for "Action"

    File System: Virus: Move-Ask-No PUP: Move-Ask-No SUS: Move-Ask-No
    Mail: Virus:Move-Ask-Delete PUP: move-ask-no SUS: Move-Ask-no
    P2P: Virus:Move-Ask-Delete PUP: move-ask-no SUS: Move-Ask-no
    IM: Virus:Move-Ask-Delete PUP: move-ask-no SUS: Move-Ask-no
    Behavior: Ask

    I assume the Mail, P2P and IM shields would not have barring on Windows or System files, so I left 3rd action to delete on virus.

    Will those setting keep Avast from every auto-deleting a Windows or other important system file (quarantine but not delete)? Or should I use different settings to guarantee no auto-delete? Are there any settings, besides Action, to change?
     
  2. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    AVG has a bit flawed system as they keep on detecting system files. avast! on the other hand had similar incident a while ago, but they have implemented a system wide whitelisting and doublechecking system. Unless something bizarre happens, avast! will never detect a system file as malware by mistake and delete it directly. Even boot-time scan warns you if you're about to clean a file located in system folders.

    So i wouldn't really worry with avast!...
     
  3. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    Thanks. Any vulnerability from those settings - am I okay security-wise with those settings versus having delete as a 3rd?
     
  4. vlk

    vlk AV Expert

    Joined:
    Dec 26, 2002
    Posts:
    618
    We have just recently ( for v8 ) improved the mechanisms that should prevent Avast from deleting/quarantining a system file like this.

    Thanks
    Vlk
     
    Last edited: Mar 15, 2013
  5. qakbot

    qakbot Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    380
    Really. How do they know its a 'system file'.
     
  6. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Whitelisted. All system files are fingerprinted. If AV detects it with signature but its verification says it's fingerprinted as system file, it will treat it differently.

    If the file has indeed been modified (some patcher malware do this), then it checks based on path. Anything within Windows folder is treated differently than files outside Windows folder. Same applies to Boot-time Scan as well, though user can process even system files but you get warned each and every time. Well, at least it was this way in v7. Maybe they changed behavior in v8, i haven't checked yet...
     
Loading...
Thread Status:
Not open for further replies.