Now as you might already notice i'm a great fan of proactive protection.
Proactive protection is undeniably a good thing. avast! is no exception to a certain level. Some features are disabled by default and some are not designed that well.
But in general this guide should increase security level by few % if not more
This guide is recommended only for advanced users that know stuff mentioned here and what it does.Please note that this guide is meant only for Windows XP and Windows 2000 (all editions supported by avast!). Please do not use these settings on Windows 98 or Windows Millenium systems since they won't work as expected!Switching to "Detailed Mode"Left click on avast! tray icon (that spinning blue "a" icon near the clock).
In case if you haven't already switched to "More detailed mode"...
Behavior Blocker Proactive protectionSelect
Standard Shield and click
Customize button on the right.
Now select
Blocker tab.
Set all settings the same as shown on screenshot above, except field under number 2. This will come in next few lines...
Add entire line below into field number 2 (Additional Extensions):SCR,VBS,VBE,WSH,PIF,CPL,BAT,COM,CMD,WMF,OCX
Extensions list is dated 2006.04.10It is partially visible on screenshot how it should look like when entered in there.
These extensions are meant for regular user environments where you most probably won't encounter or run such filetypes (which are all possibly dangerous).
If you work with VBS scripts day by day you may want to remove VBS extension from the list. Same applies for other. In general it should provide nice balance between protection and number of warnings.
When you'll get warning about such possibly dangerous file you'll get such message:
This way you'll be notified about possibly dangerous file being created on your hard drive. It will also detect whether these filetypes try to format your hard disk. By clicking "Deny" button you'll stop the creation of that file/formatting. Clicking Allow will allow it's creation/formatting. Best option for most would be
Deny.
Web Shield Proactive protectionSelect
Web Shield provider and click
Customize....
Then select
URL Blocking tab.
Check Enable
URL Blocking and click Add button on the right.
Add following strings into the list, each in it's own line (same way like shown below).
Extensions:*.cmd
*.cpl
*.pif
*.scr
*.vbe
*.vbs
*.wmf
*.wsh
Extensions list is dated 2006.04.09So when you'll encounter such possibly dangerous files you'll get similar warning inside your browser...
In case it's not blocked by Web Shield, there is very big chance that Behavior Blocker will block it.
Internet Mail Proactive protectionNow this last one is a bit special, so please be VERY specific about which way you'll select. It's very important!
I'm using POP3/IMAP based email client (like Outlook Express or Thunderbird)So if you use POP3/IMAP based email client like Outlook Express or maybe Thunderbird you should leave things as they are. Even if you use just 1 POP3 email account and 5 others that are just webmails (to view with browser).
Just move the slider to
High as shown on picture. Existing heuristics will take care for suspicious attachements and mails.
I'm NOT using POP3/IMAP based email client (just webmail like Hotmail, Yahoo or GMail inside my browser)In case if you DON'T use ANY POP3 mail at all, then you may still want to install
Internet Mail provider.
It will most probably spot suspicious activities of mass mail worms that attempt to send large amounts of emails in small timeframe without user knowledge.
avast! will show Heuristics warning with option to Deny these activities.
This way you'll also be notified about malware that slipped past avast! signature detection and Behavior Blocker/Web Shield.
Select
Internet Mail provider and click
Customize... button on the right side. Scroll through tabs all the way to the right and select
Heuristics tab.
Select
Custom preset as shown on image.
Now select next tab named
Heuristics - Advanced and set marked settings as shown on image below.
This will set Internet Mail provider to very high sensitivity level. Setting such settings in case if you're using any POP3 email client will most probably result in large amounts of warning messages! Make sure you selected the right way as described above!NOTE: I currently don't have image of Internet Mail heuristics warning, but will add it as soon as i find one.
Additional helpIn case you don't understand something or you might have a question about anything related with my Proactive settings, please ask here in this thread.
I'll try to do my best to help anyone. Alwil tech support team is already very busy with other things so we shouldn't bother them with these things as they are my unofficial tweak settings.
I hope these settings will serve you well in upcoming avast! adventures in world of internet!
RejZoR
PS: Is there any chance someone would make this thread as Sticky?