Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: softwareguy on June 12, 2004, 04:59:53 AM

Title: Explorer.exe - Open for Writing?
Post by: softwareguy on June 12, 2004, 04:59:53 AM
I have never seen this before.
Is it something new in the 412 build?
What is this supposed to mean?
Thanks! :)
Title: Re:Explorer.exe - Open for Writing?
Post by: shgoh on June 12, 2004, 06:49:12 AM
how did you get that??? ???
Title: Re:Explorer.exe - Open for Writing?
Post by: softwareguy on June 12, 2004, 07:13:05 AM
It seems that this box was checked and weird dialogs (above) were popping out randomly...  :-\
Title: Re:Explorer.exe - Open for Writing?
Post by: shgoh on June 12, 2004, 07:18:38 AM
Seems like avast is blocking some writing operation to that dll file?... I'm not sure though... please wait for more expert advice.
Title: Re:Explorer.exe - Open for Writing?
Post by: softwareguy on June 12, 2004, 07:20:30 AM
I don't think so...
I just performed a Windows Search and these dialogs appeared on my screen... The first screenshot is just one of them.
I thought the Blocker is what Avast uses to block infected files? Confusing...  ???
Title: Re:Explorer.exe - Open for Writing?
Post by: RejZoR on June 12, 2004, 08:01:36 AM
No, as it says, behavior blocking. This is like a very passive heuristic, if you want to put it that way. I doubt that avast! selected this option by itself. This was never encountered by me or anyone else.

Just set it as on this picture below for maximal protection without any limitations in Windows usage.
Title: Re:Explorer.exe - Open for Writing?
Post by: softwareguy on June 12, 2004, 08:37:17 AM
We certainly need more features on this blocker thing. ;)
Title: Re:Explorer.exe - Open for Writing?
Post by: SpeedyPC on June 12, 2004, 08:50:09 AM
No, as it says, behavior blocking. This is like a very passive heuristic, if you want to put it that way. I doubt that avast! selected this option by itself. This was never encountered by me or anyone else.

Just set it as on this picture below for maximal protection without any limitations in Windows usage.

RejZoR,

Can you please explain what this block dialog box feature does, because I cannot find enough information to understand what it does.

Please advise.
Title: Re:Explorer.exe - Open for Writing?
Post by: softwareguy on June 12, 2004, 09:18:50 AM
With the things I know about Avast, I think that the Blocker prevents infectable files from doing the checked actions specified on this tab.
Avast will prompt you with the actions window if an infectable file tries to execute any of the actions checked.

"Infectable" files means any files that could contain malware. Click show on the default extension list and you will see what Avast defines as "infectable" file types.
Title: Re:Explorer.exe - Open for Writing?
Post by: igor on June 13, 2004, 08:11:13 PM
With the things I know about Avast, I think that the Blocker prevents infectable files from doing the checked actions specified on this tab.

No, as Rejzor said, it's a kind of heuristic against unknown viruses. The selected actions are prevented always, no matter if the file performing them is infected or not. That's why it's called behavior blocker - because it blocks suspicious behavior, not files.
In any case, it's quite an obsolete feature and I wouldn't recommend to use it much (as you found out yourself, many applications open files for writing even if they don't have to - I believe the Explorer in the first post opened the file for writing (+reading) just to access the file's properties).
Title: Re:Explorer.exe - Open for Writing?
Post by: RejZoR on June 13, 2004, 08:36:33 PM
Yup, that's why you should select only to block Formatting. This is not something that you do on a regular basis, but format is a pretty common destruction method among viruses.

I'll check them all and test them for a while to see how it works. I never used anything other than Block Format. Might be useful against new parasites...
Title: Re:Explorer.exe - Open for Writing?
Post by: RejZoR on June 13, 2004, 08:47:58 PM
Hm, this looks interesting and could be very useful. I just wish for an exclusion list so you can exclude applications that are legit, so you don't have to always click Allow. My avast! External Control is, for example, sensitive to the Deleting file Blocker. If I could add it to the exclusions it wouldn't bother me anymore. But I think the full file path would be required to exclude, because a filename alone could be spoofed. Or a CRC32/MD4 check. Something like that.
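The exclusion-list idea in the post above, as an added example that is not part of the thread or of avast! itself: it compares matching an excluded program by file name, by full path, and by full path plus content digest. The class, paths and file contents are hypothetical, and SHA-256 is used in place of the CRC32/MD4 mentioned in the post, since CRC32 is not collision-resistant and MD4 is broken.

```python
import hashlib
import ntpath  # Windows path rules, usable on any OS


def norm(path):
    # Windows paths are case-insensitive and may contain ".." segments.
    return ntpath.normcase(ntpath.normpath(path))


class ExclusionList:
    """Hypothetical exclusion list: normalised full path -> SHA-256 of the image."""

    def __init__(self):
        self._entries = {}

    def add(self, path, image):
        self._entries[norm(path)] = hashlib.sha256(image).hexdigest()

    def match_name(self, path, image):
        # Weak: only the file name is compared, so any copy named alike passes.
        names = {ntpath.basename(p) for p in self._entries}
        return ntpath.basename(norm(path)) in names

    def match_path(self, path, image):
        # Better: the full path must match, but the file's content is not checked.
        return norm(path) in self._entries

    def match_path_and_hash(self, path, image):
        # Strict: full path and content digest must both match the stored entry.
        expected = self._entries.get(norm(path))
        return expected == hashlib.sha256(image).hexdigest()


# Constructed sample data: paths and file contents are made up for the demo.
TRUSTED = (r"C:\Program Files\ExampleTool\control.exe", b"legit build 1.0")
CASES = {
    "trusted, different case": (r"c:\program files\exampletool\CONTROL.EXE", b"legit build 1.0"),
    "same name, other folder": (r"C:\Temp\control.exe", b"unknown program"),
    "same path, replaced file": (r"C:\Program Files\ExampleTool\control.exe", b"unknown program"),
}


def evaluate():
    excl = ExclusionList()
    excl.add(*TRUSTED)
    return {label: (excl.match_name(p, d), excl.match_path(p, d), excl.match_path_and_hash(p, d))
            for label, (p, d) in CASES.items()}


if __name__ == "__main__":
    for label, verdicts in evaluate().items():
        print(f"{label:26} name/path/path+hash = {verdicts}")
```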
Title: Re:Explorer.exe - Open for Writing?
Post by: Lisandro on June 14, 2004, 05:01:07 AM
No, as Rejzor said, it's a kind of heuristic against unknown viruses. The selected actions are prevented always, no matter if the file performing them is infected or not. That's why it's called behavior blocker - because it blocks suspicious behavior, not files.
In any case, it's quite an obsolete feature and I wouldn't recommend to use it much (as you found out yourself, many applications open files for writing even if they don't have to - I believe the Explorer in the first post opened the file for writing (+reading) just to access the file's properties).

With this explanation I would have to change my avast translations...
I have not understood deeply the behavior of the blocker...
Igor, can I do that?  ::)
Title: Re:Explorer.exe - Open for Writing?
Post by: igor on June 14, 2004, 10:02:38 AM
Well, I'm not sure if I explained fully in those few lines I wrote... maybe I should extend the explanation a little :)
But of course, updates are possible... what in particular do you want to change?
Title: Re:Explorer.exe - Open for Writing?
Post by: Lisandro on June 14, 2004, 02:14:51 PM
Well, I'm not sure if I explained fully in those few lines I wrote... maybe I should extend the explanation a little :)
But of course, updates are possible... what in particular do you want to change?

I need the html file for the Blocker and the Passolo file for it.
Do you remember when I asked you about the differences in translation due to this?

1. The module that blocks some suspicious activity behavior
2. The behavior of the module that blocks some suspicious activity

This is my trouble: 1 is different from the 2. In Portuguese translation of avast we can read the 2nd and, with your explanation, I think the right one is the 1st.  8)