Author Topic: File System Shield Sensitivity  (Read 4085 times)

0 Members and 1 Guest are viewing this topic.

Offline SwordMann

  • Newbie
  • *
  • Posts: 4
  • Seek for experience
File System Shield Sensitivity
« on: August 28, 2015, 07:47:01 PM »
How to adjust sensitivity of the file system shield ?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83321
  • No support PMs thanks
Re: File System Shield Sensitivity
« Reply #1 on: August 28, 2015, 08:45:42 PM »
What is it that you want to do that requires modification of the sensitivity, lower it increase it, enable/disable other elements, etc.

What is it that you are trying to achieve ?
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline SwordMann

  • Newbie
  • *
  • Posts: 4
  • Seek for experience
Re: File System Shield Sensitivity
« Reply #2 on: August 28, 2015, 10:26:04 PM »
Thanks for your reply.
I've try to set the system shield to the maximise as you show on the picture attachment. But, it doesnt seem to fix my issue.
At the setting, I set it to scan when we openeing file, suddenly there are no any warning about the malware when I open a folder that have virus in it ( Dont worry, the virus is manageable ). My curious is, the virus is detected when I open it on my friend's laptop, the antivirus that detect it is same with me and free version. Mine was paid version. I think its impossible Avast Engineer can mislook small thing like this, if anyone could solve my problem. Please let me know, I want to keep my laptop clean from malware..  ;)

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83321
  • No support PMs thanks
Re: File System Shield Sensitivity
« Reply #3 on: August 28, 2015, 10:50:44 PM »
Setting something to the maximum may not resolve your issue if avast doesn't consider it malware or the settings are different.

It also depends on what the other detection was, file name, location and crucially what the malware was called ?
That could give an idea of exactly what area of the file system shield was detecting it and why.

The detections should be the same in the free and paid versions as they use the same virus database and scanning engine.

It isn't advisable to run malware, manageable or otherwise to test your AV, it could well have an impact.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline SwordMann

  • Newbie
  • *
  • Posts: 4
  • Seek for experience
Re: File System Shield Sensitivity
« Reply #4 on: August 28, 2015, 11:33:09 PM »
ConfuseIf Avast virus database doesnt define it as virus, how could it detected as FakeFolder:Trojan on my friend's antivirus ?
Why its not detected on my "premier" antivirus ? The directory is the same, it located on my thumb drive. As you know trojan always leave
leftover. I had to do a full and boot scan to get rid of it. Then, I test my shield with Eject Disk virus, Im sure 6 years old child are possibble to manage that little malware. And the result is still the same, its not detected on my shield but as before it deleted right away when I open
( the folder, not the virus ) in my friend's laptop that using Free version of Avast product.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83321
  • No support PMs thanks
Re: File System Shield Sensitivity
« Reply #5 on: August 29, 2015, 12:25:34 AM »
I though you said that your friend was using avast free ?
That FakeFolder:Trojan is not like any avast malware name that I can recall.

A folder left in a USB drive doesn't necessarily mean there is a piece of malware present. Avast doesn't scan the whole of a USB drive when you plug it in, it only scans activity.

Scanning using an on demand scan isn't the same as the file shield scanner (on-access).
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36686
Re: File System Shield Sensitivity
« Reply #6 on: August 29, 2015, 12:40:06 PM »
Quote
I though you said that your friend was using avast free ?
That FakeFolder:Trojan is not like any avast malware name that I can recall. 
Som searching and i found no detection where avast use that name, but several others
https://www.virustotal.com/en/file/a94f7ed36a1e9a0fa899006d59189f1024e2314122ea7af3d16d7cb0dfaea792/analysis/

Protect/clean your USB devices using this free tool  MCShield  www.mcshield.net/



Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83321
  • No support PMs thanks
Re: File System Shield Sensitivity
« Reply #7 on: August 29, 2015, 03:38:38 PM »
Quote
I though you said that your friend was using avast free ?
That FakeFolder:Trojan is not like any avast malware name that I can recall. 
Som searching and i found no detection where avast use that name, but several others
https://www.virustotal.com/en/file/a94f7ed36a1e9a0fa899006d59189f1024e2314122ea7af3d16d7cb0dfaea792/analysis/

Protect/clean your USB devices using this free tool  MCShield  www.mcshield.net/

Strange that in the VT scan avast finds it as Win32:Trojan-gen.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36686
Re: File System Shield Sensitivity
« Reply #8 on: August 29, 2015, 03:52:56 PM »
Quote
I though you said that your friend was using avast free ?
That FakeFolder:Trojan is not like any avast malware name that I can recall. 
Som searching and i found no detection where avast use that name, but several others
https://www.virustotal.com/en/file/a94f7ed36a1e9a0fa899006d59189f1024e2314122ea7af3d16d7cb0dfaea792/analysis/

Protect/clean your USB devices using this free tool  MCShield  www.mcshield.net/

Strange that in the VT scan avast finds it as Win32:Trojan-gen.
Here is another name from avast
https://www.virustotal.com/en/file/170c926ecc4d646e41bdffc8d6f1f4bff674eec0a320d4f6cb39dc6bdf9a8fa7/analysis/

And another name
https://www.virustotal.com/en/file/c22b7742e06fa7867219cdcd099cca0a5853d81eb613c19986cf22be03b564d6/analysis/

« Last Edit: August 29, 2015, 03:54:55 PM by Pondus »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83321
  • No support PMs thanks
Re: File System Shield Sensitivity
« Reply #9 on: August 29, 2015, 04:27:32 PM »
Even stranger considering the OP isn't getting an alert.

Whilst all of these VT results contain a detection by another AV for FakeFolder:Trojan and avast has differing names for it. But  the SHA256 Id numbers in these 3 different results are all different.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36686
Re: File System Shield Sensitivity
« Reply #10 on: August 29, 2015, 06:49:03 PM »
Quote
But  the SHA256 Id numbers in these 3 different results are all different.
Yes, i just did a search for  FakeFolder:Trojan and found these results, and there are more that i did not list

It was done bc of your comment here to find out if this was a avast detection name, and it seems it is not
Quote
That FakeFolder:Trojan is not like any avast malware name that I can recall.


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36686
Re: File System Shield Sensitivity
« Reply #11 on: August 29, 2015, 06:56:54 PM »
Quote
Even stranger considering the OP isn't getting an alert.
Also consider that he tested using a  Eject Disk virus   if considered harmless, or not something out in the wild anymore avast may not detect
And if just a txt string like Eicar test virus it may not trigger all functions

See here  http://lmgtfy.com/?q=Eject+Disk+virus

« Last Edit: August 29, 2015, 07:00:32 PM by Pondus »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83321
  • No support PMs thanks
Re: File System Shield Sensitivity
« Reply #12 on: August 29, 2015, 07:06:34 PM »
At worst/best, perhaps it could be considered a PUP, which if not enabled wouldn't do anything.

I guess we need more input from the OP.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline SwordMann

  • Newbie
  • *
  • Posts: 4
  • Seek for experience
Re: File System Shield Sensitivity
« Reply #13 on: August 29, 2015, 07:29:38 PM »
As I understand, Avast only scan activity on the USB drive. I have inform you the virus detected right away on the free version of Avast, thats mean somehow the shield is more sensitive. ( Note that both free and premier version of avast shield are customized to max sensitivity ). I dont want to install other shield, I know avast had that feature I just cant figure out how to activate it.