If you check the resident confg screen there is a option "scan modified/created file" below that option appears only files with selected extension. There you will see the extension of the scripts(JS for javascript) ect. Also you can add more extension if you know the extension of other scripts. Or you can chose the option "scan all files". There are heuristics in the mail and outlook providers, but it only give you a alert about a "suspicious message" alert, it uses the virus db to give you a virus alert.
Amazing! In addition to "JS?" in the Default extension list, I also found "VB?" and "WS?", are they VB scripts and WSH scripts? I noticed all Shields are up and running except Outlook/Exchange, and its status is read as "The provider is waiting for a subsystem to start". I checked all tabs in [Outlook/Exchange>Customize...] and found [Heuristics - Advanced] options are greyed out. The note on that tab reads [The following settings affect handling of outbound messages and are relevant only when the sensivity is set to "High" or "Custom"]. In the [Outlook/Exchange>Customize...>Heuristics] tab, the sensitivity is shown set to "High". I went to [Standard Shield>customize...>Scanner(advanced)] and selected/checked [Scan created/modified files] and [Only files with selected extension] with [Default extension set(recommended)] plus verified [show ...] and found EML on the list. After I made the modification by selecting [Scan created/modified files], Standard Shield security level jumped from Normal to High. But, the Outlook/Exchange Shield is still showing the same "waiting for a subsystem to start" with both Outlook/Exchange and Standard Shield now set to High. Any idea?
The bottom line is that the Script Blocker is able to check scripts more thoroughly (generally speaking). That is, it checks them after they're decrypted, reassembled etc.
There are numerous attacks towards the traditional script scanners that cannot be efficiently shielded without the Script Blocker (at least in the case of Avast).
Since XP SP2 and up Microsoft has beefed up its browser security via "local machine zone lockdown", how does JavaScript or other browser scripts work around Microsoft's defense by encrypting or reassmbling? Do those rare cases happen only when someone tries to open a locally cached/saved web pages? If the difference of Script Blocker is the capability of handling polymorphed scripts, why don't name it so? Thus, Avast Home users know that they are still protected from bad WSH scripts and other browser scripts except polymorphed scripts.
Will using IE-SpyAd, Script Sentry, WormGuard, RegRun Guard, or ScriptDefender as a supplement to Avast Home help somewhat mitigate the possible vulnerabilities exploited by polymorphed or advanced scripts even though Script Blocker of PRO would probably be the best choice?