Author Topic: Why the "Chest" rather than "Delete"??  (Read 3402 times)

0 Members and 1 Guest are viewing this topic.

Offline Proteus

  • Jr. Member
  • **
  • Posts: 27
  • Frustrated, confused and disappointed!
Why the "Chest" rather than "Delete"??
« on: September 17, 2009, 07:40:12 PM »
I have read, somewhere or other, that when Avast locates infections and removes them to the Chest, it is better to leave them there for a time than to delete them immediately. To me, this defies logic.

Can someone explain, please?

Offline mikaelrask

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1557
Re: Why the "Chest" rather than "Delete"??
« Reply #1 on: September 17, 2009, 07:47:27 PM »
hey! its better to send it to the virus chest becouse it can be a false threat. and sending a file to the chest its the best thing you can do. from the chest you can analyse the threat more then if you just remove it. hope this answered your question.
Windows 8.1 amd a10-5700 64 bit
12 GB ram 1 tb hard drive. Avast 18, MBAM

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37109
Re: Why the "Chest" rather than "Delete"??
« Reply #2 on: September 17, 2009, 08:01:43 PM »

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 85797
  • No support PMs thanks
Re: Why the "Chest" rather than "Delete"??
« Reply #3 on: September 17, 2009, 09:25:05 PM »
I have read, somewhere or other, that when Avast locates infections and removes them to the Chest, it is better to leave them there for a time than to delete them immediately. To me, this defies logic.

Can someone explain, please?

The adage 'first do no harm' e.g. don't delete as now you have zero options left.

So sending to the chest and then deleting would be the same as deleting it in the first place. As has been mentioned already false positives are a fact of life in security applications (though many simply won't admit to this). Depending on what the malware name of the detection was, it could be Heuristic or generic detections and those are more prone to false positive.

For example the avast Win32:Trojan-gen is generic signature (the -gen at the end of the malware name), so that is trying to catch multiple variants of the same type of malware and is a fine balance between detecting a new variant and detecting something valid as infected.

So you should leave detections in the chest for a few weeks before a) scanning it again in the chest and b) deleting it if it is still detected. During this time (2-3 weeks) you should be watching out for any adverse effect from having sent the file to the chest, error messages, missing file, etc...
« Last Edit: September 17, 2009, 09:27:41 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.697) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Proteus

  • Jr. Member
  • **
  • Posts: 27
  • Frustrated, confused and disappointed!
Re: Why the "Chest" rather than "Delete"??
« Reply #4 on: September 18, 2009, 04:33:38 AM »
Thank you all for the replies... the "Chest" makes sense to me now.

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 85797
  • No support PMs thanks
Re: Why the "Chest" rather than "Delete"??
« Reply #5 on: September 18, 2009, 02:51:06 PM »
You're welcome.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.697) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Cahya Legawa

  • Sr. Member
  • ****
  • Posts: 386
  • Oh, here we are again.
    • My Log
Re: Why the "Chest" rather than "Delete"??
« Reply #6 on: September 18, 2009, 06:55:30 PM »
Thank you all for the replies... the "Chest" makes sense to me now.


Wow, now I understand more about chest function. I only think chest for created secure area for important file, and sending infected or suspicious files before.

Thanks.
Avast Ultimate (Bundle). Windows 10, Android, iOS.