Author Topic: MS Update on Vista 64bit: "Trustedinstaller.exe" accused as rootkit  (Read 14577 times)

0 Members and 1 Guest are viewing this topic.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88898
  • No support PMs thanks
Re: MS Update on Vista 64bit: "Trustedinstaller.exe" accused as rootkit
« Reply #15 on: July 10, 2010, 04:49:33 PM »
Yes it should be able to be changed as in my reply in another topic, http://forum.avast.com/index.php?topic=61636.msg521086#msg521086.

There is a drop down list in which you can choose Ignore or Delete, whilst avast displays what it considers the best option based on its detection you don't have to choose that option.

By clicking the inverted triangle, see image, it should also show Ignore as an option.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

bo.elam

  • Guest
Re: MS Update on Vista 64bit: "Trustedinstaller.exe" accused as rootkit
« Reply #16 on: July 11, 2010, 02:09:22 AM »
Thanks for your reply s Dave. I know the action can be changed if we don't
experience the problem that Sgt.Schumann had when he tried to choose
ignore. Scares me what he describes here:

"Unfortunately after several clicks in the notification window (I tried to choose "Ignore", there were not much options) it was not possible to close the notification window with a regular button (it was some kind of blocked), so i closed it using the "x", which obviously caused, that this file has been deleted"

Before yesterday I did not know about this automatic "auto anti-rootkit scan"
and after finding out about it, I did some reading and I think we should be able
to have "ignore" on default and if something is detected, then do some search
to make sure the detection is a good one. I have not had a infection for a long
time so I prefer to leave files where they are when they get detected.
Bo

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88898
  • No support PMs thanks
Re: MS Update on Vista 64bit: "Trustedinstaller.exe" accused as rootkit
« Reply #17 on: July 11, 2010, 02:16:10 AM »
I somehow doubt avast would allow setting of default actions the last thing you want is to have all set to Ignore in the event of a genuine rootkit, that could be very dangerous.

I would imagine it would be the same as their policy on allowing a user the option to exclude/ignore and run a file which they consider to be OK, as any such single click option could leave a users system in tatters.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: MS Update on Vista 64bit: "Trustedinstaller.exe" accused as rootkit
« Reply #18 on: July 11, 2010, 02:21:15 AM »
I somehow doubt avast would allow setting of default actions the last thing you want is to have all set to Ignore in the event of a genuine rootkit, that could be very dangerous.

+1
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

bo.elam

  • Guest
Re: MS Update on Vista 64bit: "Trustedinstaller.exe" accused as rootkit
« Reply #19 on: July 11, 2010, 02:42:04 AM »
I agree with you that for most users it would be dangerous but users like
you or me should be allowed (I think) to have ignore as the first action if
something gets detected. I prefer to choose what action to take if a file
gets detected as malware but at the same time I can tell you that 2 years
ago when I was clueless on what actions to take, I would had prefered
that Avast pick the action for me. Today I am not the same clueless user
I was 2 years ago and I have learned how to prevent infections and I know
that my chances of ever again being infected are minuscule. So, if something
gets detected on my PC, most likely it will be a FP. A rootkit infection 2 years
ago is what got me interested on security and I was able to fight it and beat
it. It took me a couple of weeks and after a few days of fighting it, it became
a game that was fun, specially after I beat the infection by myself.
Today I use programs like DefenseWall and Sandboxie together with Avast and
is almost impossible to have a rootkit infection if you learn and use them the
proper way.
Bo