Poll

As new malware is constantly rising, some antivirus vendors such as BitDefender have developed heuristic detections which greatly improved their detection rates. Do you think that Avast should develop heuristics as well in order to increase its detection

Yes
27 (87.1%)
No
4 (12.9%)

Total Members Voted: 0

Author Topic: Heuristics can improve malware detection ???  (Read 17816 times)


the Tester

  • Guest
Re: Heuristics can improve malware detection ???
« Reply #30 on: September 11, 2007, 10:07:26 PM »
RejZor is right.
What I mean is low, medium, high settings.
Not type of malware detected. I should have been more clear in my wording.

I'm not an advocate of suites either. ;)
Although Norman has sandbox technology in their antivirus if I'm not mistaken.
I'd still prefer heuristics though...

Martheen

  • Guest
Re: Heuristics can improve malware detection ???
« Reply #31 on: September 16, 2007, 05:56:46 PM »
Quote
You may not want to be too curious when dealing with malware.
I wouldn't recommend you trying to change anything about it. Leave that to those that are fighting the good fight to keep your pc free of it.


OK, I agree it's just as dangerous as playing with a grenade. But Solow is a really simple script; anyone with ANY programming language experience & Windows system understanding will easily grasp what the virus does and how to modify it. I have no background in VB, just Java & C++. Now, the fact that anyone can build a new (undetected by avast) variant of particular viruses (especially those in script), spreading it only to find that avast can't do anything... well, that upsets me.
« Last Edit: September 16, 2007, 05:59:26 PM by Martheen »

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89052
  • No support PMs thanks
Re: Heuristics can improve malware detection ???
« Reply #32 on: September 16, 2007, 06:09:48 PM »
You have to plan for the unexpected; no single piece of software is going to give 100% protection. For the most part prevention is much better than cure; there will always be zero-day malware that perhaps even heuristics won't detect, so you have to take measures to limit the potential damage and stop it from getting established.

Malware needs permission to place files in the system folders and to create registry entries and they get this by inheriting your logon account privileges, so if you have admin privileges so will the malware (unless you do something about it) and it will be able to get into system folders and create registry entries, etc.

You might also consider proactive protection, in order to place files in the system folders and create registry entries you need permission. Prevention is much better and theoretically easier than cure.

Whilst browsing or collecting email, etc., if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can wreak havoc. With limited rights the malware can't put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.

Browsing the Web and Reading E-mail Safely as an Administrator. This obviously applies to those NT based OSes that have administrator settings, winNT, win2k, winXP. Check Bob's setup instructions and, importantly, the dropmyrights.msi file needed, as MS have now cleared the original link.
http://mysharedfiles.no-ip.org/dropmyrights

If you have Vista the UAC attempts to do this for you by requiring a password for tasks that would require admin privileges.

Unfortunately this isn't available in XP (until recently; search the forum for SuDown) or win2k, so DMR is an option to help limit any potential damage.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Martheen

  • Guest
Re: Heuristics can improve malware detection ???
« Reply #33 on: September 20, 2007, 06:16:00 PM »
A behaviour blocker in avast, if also applied to the registry & important files (such as the subtle autorun.inf & debugger in Image File Execution), may eliminate the need for heuristics. But then, multiple warnings just to do something trivial will stop anyone from using the feature. Could it be implemented in Avast without bugging the user too much?
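
A read-only check of the two locations named in the post above (autorun.inf in drive roots and the Debugger value under Image File Execution Options), added here as an example and not part of the thread or of avast. The registry paths are the standard Windows locations; the function names are hypothetical.

```powershell
# Added example: read-only audit, changes nothing on the system.
# Function names are hypothetical; registry paths are the standard IFEO locations.

function Get-IfeoDebugger {
    # Report every Image File Execution Options subkey that carries a Debugger value.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
    )
    foreach ($root in $roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        foreach ($key in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
            $debugger = $key.GetValue('Debugger')
            if ($debugger) {
                [pscustomobject]@{
                    Source = 'IFEO'
                    Item   = $key.PSChildName   # image name the value applies to
                    Value  = $debugger          # program started instead of that image
                }
            }
        }
    }
}

function Get-AutorunInfLauncher {
    # Report autorun.inf entries in drive roots that start a program.
    $pattern = '^\s*(open|shellexecute|shell\\[^=]+\\command)\s*=\s*(.+)$'
    foreach ($drive in Get-PSDrive -PSProvider FileSystem) {
        $file = Join-Path $drive.Root 'autorun.inf'
        if (-not (Test-Path -LiteralPath $file -PathType Leaf)) { continue }
        foreach ($line in Get-Content -LiteralPath $file -Force -ErrorAction SilentlyContinue) {
            if ($line -match $pattern) {
                [pscustomobject]@{
                    Source = $file
                    Item   = $Matches[1]        # autorun.inf key
                    Value  = $Matches[2].Trim() # command it points at
                }
            }
        }
    }
}

# Debugger values are also set by legitimate tools, so review each hit before acting on it.
@(Get-IfeoDebugger) + @(Get-AutorunInfLauncher) | Format-Table -AutoSize -Wrap
```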

davidpr

  • Guest
Re: Heuristics can improve malware detection ???
« Reply #34 on: September 26, 2007, 10:08:30 PM »
One of the reasons I use Avast, and keep coming back after being tempted away, is that it is quiet. I am behind a router, use WFW and GeSWall - to support Avast - and my machines run clean and quick. So if heuristics, behaviour blockers etc were introduced I just hope I am not forever clicking the 'Allow' button.

Online DavidR

Re: Heuristics can improve malware detection ???
« Reply #35 on: September 26, 2007, 10:32:25 PM »
Since avast is a highly configurable application, I would like to hope that that would be continued in any addition, so it can be set to a level where it provides a balance between protection and performance or, as you say, quiet.