Author Topic: Behavior blocker - any logging?  (Read 2403 times)

0 Members and 1 Guest are viewing this topic.

TheSpirit

  • Guest
Behavior blocker - any logging?
« on: December 15, 2008, 11:25:47 AM »
I find the behavior blocker quite useful for trouble shooting/malware tracking to identify programs that modify files with a given extension, but there is a small hole in the situation when the blocker cannot ask for confirmation. In this case you have to either allow or deny by default, and you get no alert.

So the question is: Can blocker events be logged somehow? I can find no settings or ini-file/registry entries for this. Anybody with insider knowledge?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67241
Re: Behavior blocker - any logging?
« Reply #1 on: December 15, 2008, 02:37:50 PM »
If it is not logged in any of avast logs (set the Debug level, the lowest in the slider), I don't think it has a special, separated, log for it. Anyway, which extension are you working with?
The best things in life are free.

TheSpirit

  • Guest
Re: Behavior blocker - any logging?
« Reply #2 on: December 15, 2008, 03:44:34 PM »
Thanks Tech. The debug log doesn't seem to work in the free version. Does it require admin rights? I need to track normal user accounts. Maybe you have to turn on debugging?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67241
Re: Behavior blocker - any logging?
« Reply #3 on: December 15, 2008, 03:52:02 PM »
Thanks Tech. The debug log doesn't seem to work in the free version. Does it require admin rights? I need to track normal user accounts. Maybe you have to turn on debugging?
It works... the slider must be at the bottom... boot (if necessary).
All informations (available) will be logged in the logs. But, I think behavior block is not logged there...
The best things in life are free.

TheSpirit

  • Guest
Re: Behavior blocker - any logging?
« Reply #4 on: December 15, 2008, 04:07:22 PM »
Thanks again Tech. I forgot that in Avast you don't press enter, you boot.  ;D It works and it doesn't work. The log file is created, but the log viewer doesn't display it. No big problem. The blocker doesn't log, though.

Extensions? Maybe you want to know which programs create all those TMP files? What about DAT files? Most applications have special extensions that you may need to track. This feature could be most useful, though most users seem to think that it is useless.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67241
Re: Behavior blocker - any logging?
« Reply #5 on: December 15, 2008, 10:47:08 PM »
This feature could be most useful, though most users seem to think that it is useless.
Well... it's outdated really... I don't think you're increasing that much your system security.
I won't be able to use a tmp file blocker... I'm continuously installing programs, updates, etc...
The best things in life are free.