Author Topic: How do I reactivate a program after I hit, "No Action" (Read 3728 times)

Lawyerkill · « **on:** August 19, 2009, 12:01:11 AM »

I made a mistake because I assumed that the, "No Action" button would take, "No Action" and let the program continue, boy was I wrong. Now the program doesn't work at all. Is there anyway I can do to reverse that action so that my program works again. And is there anyway I can set you program to stop your program from flagging it as malware?

DavidR · « **Reply #1 on:** August 19, 2009, 02:19:05 AM »

No action means take none of the actions mentioned in the alert, but there is no way that avast will allow you to run the infected file.

You don't have to reverse any action as none was set.

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe

- Or check the source file using notepad C:\Program Files\Alwil Software\Avast4\DATA\log\Warning.log and copy and paste the entry.

Why would you want to allow a file/program that has been detected as infected/suspect to run ?

RejZoR · « **Reply #2 on:** August 19, 2009, 10:07:24 AM »

Quote from: Lawyerkill on August 19, 2009, 12:01:11 AM

I made a mistake because I assumed that the, "No Action" button would take, "No Action" and let the program continue, boy was I wrong. Now the program doesn't work at all. Is there anyway I can do to reverse that action so that my program works again. And is there anyway I can set you program to stop your program from flagging it as malware?

"No action" actually means "Deny access". It doesn't do anything with the file (it's left there on disk), but all access to it is denied to prevent possible infection. You can deal with it on next system boot (usually), if you first disable avast! and deal with the file manually.
Just be careful, because avast! is probably not detecting the file for no reason.

Lawyerkill · « **Reply #3 on:** August 19, 2009, 02:19:15 PM »

Quote from: RejZoR on August 19, 2009, 10:07:24 AM

Quote from: Lawyerkill on August 19, 2009, 12:01:11 AM
I made a mistake because I assumed that the, "No Action" button would take, "No Action" and let the program continue, boy was I wrong. Now the program doesn't work at all. Is there anyway I can do to reverse that action so that my program works again. And is there anyway I can set you program to stop your program from flagging it as malware?

"No action" actually means "Deny access". It doesn't do anything with the file (it's left there on disk), but all access to it is denied to prevent possible infection. You can deal with it on next system boot (usually), if you first disable avast! and deal with the file manually.
Just be careful, because avast! is probably not detecting the file for no reason.

Thanks I tried that and as long as avast is off I can run the file, but the minute I turn avast back on it will not let me access the file.

DavidR · « **Reply #4 on:** August 19, 2009, 02:54:09 PM »

Disabling avast (or excluding the file from scans) to be able to run a suspect file without first having confirmed the detection is bad, is crazy.

That is why I asked the questions to get a better idea of what this is.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

This is the correct way to go about things as if it is confirmed to be a false positive then the file can be submitted to avast to correct the detection and that helps all avast users who might also have this program.

RejZoR · « **Reply #5 on:** August 19, 2009, 04:28:06 PM »

I never said user should run the file. I just said they should then deal with it manually (ie deleting it by hand or disposing it in some other way).

DavidR · « **Reply #6 on:** August 19, 2009, 04:32:20 PM »

My comments weren't directed at you RejZoR but to Lawyerkill's post directly above mine, where he has placed his reply inside the quoted text.

Author Topic: How do I reactivate a program after I hit, "No Action" (Read 3728 times)

Lawyerkill

How do I reactivate a program after I hit, "No Action"

DavidR

Re: How do I reactivate a program after I hit, "No Action"

RejZoR

Re: How do I reactivate a program after I hit, "No Action"

Lawyerkill

Re: How do I reactivate a program after I hit, "No Action"

DavidR

Re: How do I reactivate a program after I hit, "No Action"

RejZoR

Re: How do I reactivate a program after I hit, "No Action"

DavidR

Re: How do I reactivate a program after I hit, "No Action"