Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avira AntiVir - What Action To Choose For Trojans?


  • Please log in to reply
3 replies to this topic

#1 GeekGrrl

GeekGrrl

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:45 PM

Posted 02 October 2010 - 05:57 PM

I am currently trying to clean up a seriously infected computer and in addition to the usual crapware, I found a bunch of Trojans last night. I thought I had dealt with them successfully, but this morning the computer is worse than ever (I have a thread going in the support forum for the computer's issues).

It occurred to me that perhaps I am not choosing the correct option when Avira notifies me of a Trojan. The default option presented is to "Deny Access", but I chose "Move to Quarantine" for all of them (except perhaps the first one, I can't quite recall).

For my own knowledge, what is the proper option to choose when Avira Antivir finds a Trojan or a virus?

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:45 AM

Posted 02 October 2010 - 10:21 PM

Read page 24 of the Avira AntiVir Personal

Deny Access is the action option for Guard detections: Access to the infected file is blocked.


Quarantine moves the file into a virus vault (chest) or a dedicated quarantine folder where it is essentially disabled and prevented from causing any harm to your system. The quarantined file is usually renamed before moving, safely held there and no longer a threat until you take action to delete it. One reason for doing this is to prevent deletion of a crucial file that may have been flagged as a "false positive" especially if the scanner uses heuristic analysis technology. Heuristics is the ability of a scanning program to detect possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected. If that is the case, then you can restore the file and add it to the exclusion or ignore list. Doing this also allows you to view and investigate the files while keeping them from harming your computer. Quarantine is just an added safety measure. When the quarantined file is known to be malicious, you can delete it at any time by launching the program which removed it, going to the Quarantine tab, and choosing the option to delete.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 GeekGrrl

GeekGrrl
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:45 PM

Posted 03 October 2010 - 02:03 AM

Thank you so much for the resource and additional explanation! After reading that, it would seem Deny Access is not a good choice at all. I really should have done some research before I started these scans. :thumbsup: From now on I'll be sure to choose quarantine. Thanks again!

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:45 AM

Posted 03 October 2010 - 09:07 AM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users