Hi all,
I am confused about how SAV really works.
If I have updated definition, then I inserted my USb and launch .exe file(w/ virus), then the SAV detected it as risk or file quarantined.
Does this mean that the definition cannot stop the virus? becuase when I search the virus name, it says to manually remove the strings, values in the registry/system, and after checking my registry its confirmed that it was modified by the virus, meaning the virus modified my registry so I am infected? I dont understand because it says virus it quarantine but my registry is modified.
What I did i get an updated definition but still the same, the virus is not a zero day type.
how would I know that my SAV is working, it is because its detecting a treat or detecting and stopping a threat without any modification in my system?
If a virus is detected and its quarantine, it still means that the definition needs to be updated?
I hope anybody can help me clarify my understanding.