Author Topic: [Resolved] What happened to the Ignore Virus Targeting option (Avast! 5.0.594)?  (Read 7691 times)

0 Members and 1 Guest are viewing this topic.

MostlyHarmless

  • Guest
Until recently, there was an Ignore Virus Targeting option in the Sensitivity settings of the Custom scan - Why has it been removed?

« Last Edit: August 17, 2010, 03:39:10 PM by MostlyHarmless »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88898
  • No support PMs thanks
Possibly because a) the name itself was somewhat confusing and b) those that did venture into those shark infested waters, by checking the option got the shock of their lives when they got lots of alerts (as many such forum posts attest).
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

MostlyHarmless

  • Guest
Ah, you see, you said much the same thing when you replied to my Scan Results: Select the required action for each result and click "Apply" thread back in Feb, 2010  ;D And I said: "But surely if I disabling this feature, I'm removing a layer of inspection during my custom scans?"

The Ignore Virus Targeting option should have been labeled 'Virus Targeting' instead, and it should have been set to 'on' as default. It should also have come with a caveat next to it informing people that if they wish to swim with sharks they shouldn't complain if they get bitten.
« Last Edit: July 27, 2010, 07:39:49 PM by MostlyHarmless »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88898
  • No support PMs thanks
Sorry I can't agree about it being on by default as this forum would have been lit up like a Christmas tree and not the posts as a result of people having enabled it not knowing exactly what it was or the effects of enabling it (as you yourself found in the post that you refer to).

I agree the naming should have been changed (a moot point since they have removed the option) as I have said as much before.

The problem with calling it Virus Targeting is a but off the target also as avast is already targeting viruses, so it isn't a simple clear option name, it requires a degree of explanation of what it does (not much room in the UI for that) and that explanation exists in the Help file, but who reads that before making any changes (as we frequently find).

Quote from: Extract of help file
Ignore virus targeting - if this box is checked, all files will be tested against all of the current virus definitions. If it is not checked, files will be tested only against those viruses that target the particular type of file, for example, the program will not look for viruses that normally affect files with a ".exe" extension, in files with a ".com" extension.

Even that longer explanation doesn't say it is also likely to cause unencrypted virus signatures of other security applications being detected.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

MostlyHarmless

  • Guest
Quote
Ignore virus targeting -
If this box is checked, all files will be tested against all of the current virus definitions.
If it is not checked, files will be tested only against those viruses that target the particular type of file, for example, the program will not look for viruses that normally affect files with a ".exe" extension, in files with a ".com" extension.
I'm pretty sure that when it was available, the box was not checked, I.E. Avast! was using virus targeting as its default setting.

I'm simply saying that if I'm running a user defined Custom scan I want the choice to have all files tested against all of the current virus definitions, and not have files tested only against those viruses that target the particular type of file, E.G. the program will not look for viruses that normally affect files with a ".exe" extension, in files with a ".com" extension.

Quote
...it requires a degree of explanation of what it does (not much room in the UI for that) and that explanation exists in the Help file, but who reads that before making any changes (as we frequently find).
I know what you mean about reading the small print. I was left a little red faced recently when I insisted, in store, that my faulty mobile phone charger was well within its one year warranty, only to be shown the relevant paragraph in the Ts&Cs which stated that "accessories" where only covered for six months.

I've attached a possible solution for the Sensitivity settings UI.
Just add a caveat to the help file that ignoring virus targeting may lead to the detection of false positives.
« Last Edit: July 27, 2010, 08:07:20 PM by MostlyHarmless »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88898
  • No support PMs thanks
It wasn't checked as the extract from the help file stated "If this box is checked," meaning if the user checked it.

Well personally I wouldn't call them false positives as a signature based scan is looking for virus signatures and it has just found some. It would need to be able to determine intent and that isn't so easy, it would have to make other tests if possible to determine intent. When you start adding these other tests to determine intent it is likely to also slow the scan.

I really don't see how this option if still available would bring that much to the party as on-demand scans are scanning what are inert files, they aren't running. So when a file is run the on-access scanner intercepts this and scans the file first. I would say that increasing the Heuristic Sensitivity to High and Test whole files would be just as good. If you want to enter paranoid mode you could also check the Scan all files in the Scan section.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

MostlyHarmless

  • Guest
It wasn't checked as the extract from the help file stated "If this box is checked," meaning if the user checked it.
Yes, which means virus targeting would have been the default, because if you ignored it, "all files will be tested against all of the current virus definitions". This may have lead to a lot of dubious scan results, and like you said earlier, this "forum would have been lit up like a Christmas tree".

Well personally I wouldn't call them false positives as a signature based scan is looking for virus signatures and it has just found some. It would need to be able to determine intent and that isn't so easy, it would have to make other tests if possible to determine intent. When you start adding these other tests to determine intent it is likely to also slow the scan.
You say potato, I say potato. Yes a signature IS a virus strand (so in that sense it's not a false positive), but NO it isn't a full-on malicious infection in that computer. As to lengthy scans, I scan during the night when I'm tucked up in bed and my PC is idle.

I really don't see how this option if still available would bring that much to the party as on-demand scans are scanning what are inert files, they aren't running. So when a file is run the on-access scanner intercepts this and scans the file first. I would say that increasing the Heuristic Sensitivity to High and Test whole files would be just as good. If you want to enter paranoid mode you could also check the Scan all files in the Scan section.
My Custom Scan name is 'The works' and the comment below it is 'the kitchen sink'. I want EVERY tool available to make sure my poxy Windows PC doesn't succumb to attack.


...So I guess the Virus Targeting opt out option isn't coming back then? If it's not, then all mention of it needs to be removed from the help file.

Hermite15

  • Guest
Quote
I'm pretty sure that when it was available, the box was not checked, I.E. Avast! was using virus targeting as its default setting.

confirming that it was of course unchecked by default ::) ... and honestly, what's the difference with "scan all files" ;D...could be that "scan all files" scans more files then what happened when you just unlocked virus targeting... ...so yeah it's missing now, RIP "ignore virus targeting setting" :)
« Last Edit: July 28, 2010, 05:29:02 PM by Logos »

MostlyHarmless

  • Guest
Thank you Logos,
I'm afraid my original query has turned into a bit of an argument over semantics.

I'd completely overlooked the 'Custom Scan > Scan Parameters > File Type > Scan all files' option. I guess this has replaced the clumsily named Ignore Virus Targeting button.

I'm happy now  8)
Thank you, and goodbye.

MostlyHarmless

  • Guest
Thank you Logos,
I'm afraid my original query has turned into a bit of an argument over semantics.

I'd completely overlooked the 'Custom Scan > Scan Parameters > File Type > Scan all files' option. I guess this has replaced the clumsily named Ignore Virus Targeting button.

Quote from: Extract from Creating a Custom Scan section of help file
You can also specify how avast! should recognize potentially suspicious files that should be scanned, either by checking the file extension or by checking the actual content.

If "content" is selected, avast! will look inside every file to determine what type of file it is and whether it should be scanned.

If "name extension" is selected, then by default, only files with extensions such as "exe", "com", "bat" etc. will be scanned. You can add other file extensions by clicking on "select additional areas" and typing the required file extension in the box. Then click OK. To remove a file extension, click on it once and then click "delete".


Though I'd still like the option to scan all files against all of the current virus definitions, regardless; but I guess this will have to do.


I'm happy(ish) now  8)
Thank you, and goodbye.

P.S. It's about time the help file was revised.

Hermite15

  • Guest
you're welcome ;)

SafeSurf

  • Guest
MostlyHarmless,

If you feel that your issue is now resolved/fixed, please go back to the open post in this topic, click the modify button in that Post and change the title/subject, add [Resolved] to the beginning of the title so this thread can be closed.  Thank you.  ;)