Web script blocking not very efficient?

[romeonation]

Hi there!

I use Avast 4.6 home edition. I tested a rogue website
h**p://www.freeserials.com
to test if Avast's web scanner and script blocking engine can protect my computer from the rogue scripts running in that website.

When you click any link for a serial in that site, a rogue script is loaded that asks you to click YES or install a cab file or something. I was hoping AVAST!'s webscanner will block this from happening.  BUT, SADLY AVAST! HAS NOT STOPPED THAT SCRIPT FROM RUNNING.

Can someone tell me why the webscanner can't protect such scripts? I will be happy if you can give me links to other rogue sites where AVAST! can stop rogue scripts, which can convince me AVAST's web scanner is efficient in some ways atleast.

PS: Kaspersky 5.0 (trial version) was the only anti virus I tested (among Bit defender (trial) , Norman (trial) , Antivir (free) and Avast) that managed to prevent the above mentioned rogue script from running.

Regards
Santosh
India

[cvsa]

i went to the site you mention, but i didn't notice any script.....

When clicking on a link, my browser (firefox) blocked a popup screen.... and that's all.....

Use Firefox..............

[xistenz]

Hey, I found some serials for avast! antivirus there.  Perhaps it would be better if you didn't advertize this site here.

[DaveD]

Script Blocker is available in the Professional Edition only.

http://www.avast.com/eng/avast_4_professional.html#5

The resident protection of the Professional Edition includes an additional module, not contained in the Home Edition - Script Blocker. This module watches all the scripts being executed in the operating system (so called WSH scripts - Windows Scripting Host). It also scans all the scripts run as a part of a web page within your web browser (Internet Explorer, Netscape Navigator and Mozilla).

[DavidR]

Hi there!
I use Avast 4.6 home edition. I tested a rogue website

When you click any link for a serial in that site, a rogue script is loaded that asks you to click YES or install a cab file or something. I was hoping AVAST!'s webscanner will block this from happening.  BUT, SADLY AVAST! HAS NOT STOPPED THAT SCRIPT FROM RUNNING.

1. That is a valid request to install a 'cab file or something' being used possibly for malicious purposes, avast doesn't and shouldn't stop valid requests (that is not a script).

Which script blocking engine would you be referring to? The Home version doesn't have the Script Blocking, that is a function of the Pro version.

2. You the user are given choices, Yes or No or clicking the x at the top right of the pop-up window). If you chose Yes, it has to be based on 'is this correct use for the site in question and do you want to install it,' rather than curiosity or testing, especially if this is your main pc.

Personally I never chose No either, I use the x at the top right of the pop-up window, you don't know what processing action will occur for either the Yes or No buttons. For the most part No will close the window, but you never know.

Caveat Emptor - Common sense is your best weapon against many attacks.