Author Topic: Tell it "NO!" (Read 3428 times)

bmoner · « **on:** June 22, 2008, 02:07:05 AM »

I was wondering, how can I configure avast to make sure that it never scans, reads or reacts to items in a specific HDD?

I develop programs that have an *.exe extension, but when I go into the folder that my program(s) is kept in; avast screams at me saying it's found a virus (which it hasn't). And although I tell it to "Do Nothing" to that file, I lose all functionality of that file/program after I hit "Do Nothing" and end up having to rebuild or recompile a new program.

How can I stop this?

DavidR · « **Reply #1 on:** June 22, 2008, 03:12:00 AM »

By excluding the file/s not the drive which would leave a gaping hole in your security.

Telling it to do nothing just tells avast not to take any action (move, delete, etc.) but it won't allow a suspect/infected file to be run.

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections.

What is the purpose of these files ?

Add it to the exclusions lists:
Standard Shield, Customize, Advanced, Add and
Program Settings, Exclusions (right click the avast ' a ' icon)

Exclusions should only be done if you confirm that the detection is false.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently over 30 different scanners. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

RejZoR · « **Reply #2 on:** June 22, 2008, 10:03:49 AM »

"No action" equals to "Deny access". This means that file will in fact be left there but access to it will be denied in order to prevent possible infection.

bmoner · « **Reply #3 on:** June 22, 2008, 06:07:26 PM »

Thanks. This exclusion will not be on my main drive, but on an external that I do all of my developing on. SO it won't be that big of a risk for my system.

I'll definitely try what you suggested DavidR and see if that works for me.

DavidR · « **Reply #4 on:** June 22, 2008, 06:34:27 PM »

No problem, glad I could help.

There are times when excluding external drives can be awkward as the drive letter may change depending on what usb storage devices you might have. You can use the ? wildcard, which is for a single character, like ?:\ this would be for any drive letter, followed by the location and file/s you want to exclude.

Welcome to the forums.

Lisandro · « **Reply #5 on:** June 22, 2008, 11:06:45 PM »

Quote from: bmoner on June 22, 2008, 06:07:26 PM

Thanks. This exclusion will not be on my main drive, but on an external that I do all of my developing on. SO it won't be that big of a risk for my system.

I think so... there are a lot of infections that come with non-fixed drivers.
Exclude only the file in question (or a folder with your *.exe files) only.
If you submit it to avast, they can correct the false positive detection like David said.

Author Topic: Tell it "NO!" (Read 3428 times)

bmoner

Tell it "NO!"

DavidR

Re: Tell it "NO!"

RejZoR

Re: Tell it "NO!"

bmoner

Re: Tell it "NO!"

DavidR

Re: Tell it "NO!"

Lisandro

Re: Tell it "NO!"