4.8 Home script blocker and self-protection

Hi,

For those Avast! 4.8 Home edition users, what can they do, other than getting the Pro edition, to protect their PC even without having the built-in script blocker function? Should they manually disable certain script functions to prevent from being affected? Or, are there any other add-on script blocker tools which can supplement Avast! Home edition?

Where to find extra info, other than this page - http://www.avast.com/eng/avast-free-home-antivirus-antispyware.html, regarding 4.8’s strong self-protection enhancement, such as the difference between 4.7 and 4.8 self-protection level? Thus, I can rest assured that 4.8 does have a strong protection comparing to anti-malware test lab’s “self-protection” test result on 4.7.

Thanks

The web shield will provide protection against malicious scripts on web sites, The script blocker goes a little further but is limited to three browsers.

Firefox with the NoScript add-on provides comprehensive script blocking.

The avast self-defence module helps prevent it from being disabled by the great majority of malicious malware. Like anything in life nothing is 100% guaranteed and the self-defence module is no exception as there is a variant of beagle that can disable it, but this is an exception.

There is still room for self-protection against some variants of Vundo, Bagle, etc. But, generally, 4.8 is stronger (in very deep) than 4.7.
Which is your browser?

How much further will script blocker go compared to web shield? Only blocking browser scripts as put in the manual, or even including Wscript, Java bytecodes, and batch programs? Pointing me to any online references will be appreciated.

If there is an associated satellite program running in tandem to monitor the health of the main antivirus program, then upon failure it can either give warning or reactivate the antivirus program after self-repairing.

IE, Firefox, …

I don’t know as I don’t use the Pro version and I don’t work for Alwil software the makers of avast, I’m just an avast user.

Again outside my control, and there is also nothing to stop said malware disabling that, as the windows security center should also report if your AV isn’t running and guess what they can disable that too. It really isn’t that frequent an occurrence.

According to http://www.avast.com/eng/avast-4-professional-antivirus-antispyware.html,

Script Blocker
The resident protection of the Professional Edition includes an additional module, not contained in the Home Edition, called Script Blocker. This module watches all scripts being executed in the operating system (so-called WSH scripts - Windows Scripting Host), and scans all the scripts run as a part of a web page within your web browser (Internet Explorer, Netscape Navigator and Mozilla).
<<

So, are Firefox, Opera, Google Chrome users not protected by the script blocker from malicious web page scripts? Or, does the Mozilla mentioned here include Firefox? Won’t Web Shield or Network Shield check on malicious scripts of a web page at all? How big is the hole without script blocker? Is there a workaround so Home users can survive, script blocker less, without losing an arm and a leg? For example, will the combination of Avast and ThreatFire blocks not just wscript or web page scripts but some other holes? (**It was interesting to read this thread “Avast and ThreatFire seem a good combination”, http://forum.avast.com/index.php?topic=30834.0, and found DavidR and Tech had both made comments on it.)

How about malicious BAT programs? Are they the targets of command line scanner or script blocker? How about Java applets or bytecodes? I thought Avast will not categorically ignore a group of malicious codes. But, now I am not sure how to assess the security risk. Really need some in depth technical advice from advanced users or Avast support engineers.

As I said the Web Shield looks after scripts on web sites from what you found the script blocker in the pro also monitors scripts run locally. The Mozilla doesn’t refer to firefox the Mozilla browser pre-dates firefox.

The script blocker also I believe pre-dates the Web Shield and at the time of introduction that was the only cover for web site scripts.

Batch files aren’t really scripts but a series of run commands, so I don’t know if these would be covered. However and command line in the .bat file before it is allowed to execute would be scanned by the resident on-access scanner.

So I guess having only used avast for a little over five years I’m not advanced enough to help you further, so I hope you find some one to answer any further questions.

Your advanced help is appreciated nonetheless. It is just that I am not sure when Home users are the script blocker less how big the hole is and what they can do about it. I hope someone who has the advanced knowledge on these specific questions can come out help.

Let me include your responses and rearrange my questions as:

  1. The Mozilla mentioned here does not include Firefox. Are Firefox, Opera, Google Chrome users not protected by the script blocker from malicious web page scripts?
  2. The newer Web Shield will do some script scanning, but how much more script scanning can only be accomplished with DavidR believed pre-dated script blocker? In other word, how big is the hole without the script blocker nowadays?
  3. Is there a workaround so Home users can survive, script blocker less, without losing an arm and a leg? For example, will the combination of Avast and ThreatFire blocks not just wscript or web page malicious scripts but some other holes?

That is what I would expect from the resident on-access scanner, which can handle .com .bat and even wscript files. But, since wscript and some web page scripts are not included in the baseline protection, I start wondering what else are not scanned, like Java applets, or even .bat files.

Simply because the above questions seem still open for answers, that is why I am calling for the help from Avast engineers or someone who knows where the related document can be found.

Is there no one concerned about Avast Home 4.8 somewhat unclear baseline protection against malware scripts? I start wondering if my questions are valid.

DavidR believes “The Avast Home 4.8 Web Shield will provide protection against malicious scripts on web sites”, just like what Script Blocker can do. According to http://www.avast.com/eng/avast-4-professional-antivirus-antispyware.html, Script Blocker from PRO edition can provide an extra protection against the scripts running locally on the computer, so-called WSH scripts - Windows Scripting Host.

So, does the baseline protection between Home and PRO Script Blocker only differ on the local machine WSH scripts scan? Does the Web Shield of Home 4.8 have all the web mal-scripts scanning firepower as provided by Avast PRO Web Shield + Script Blocker? DavidR had no experience on the PRO edition and therefore did not comment on that. But, this unanswered question will hinder any efforts of assessing risks and finding workarounds.

Also, will Firefox users not be protected from mal-scripts even with Avast PRO edition installed?

Via http://support.avast.com/index.php, I submitted a technical support ticket “Avast Home 4.8 somewhat unclear baseline protection on mal-scripts” to Avast. If anyone is interested in the going of this subject, let me know. Thus, I will keep this post updated and alive.

Yeah I’m interrested too…I just noticed script-blocking/scanning is only in Pro version.
Thats like the only relevant thing left out from Home it seems…for a home-user.

I guess maybe it doesn’t matter much, cause bad scripts are used for pusing viruses/trojans etc into your pc, but then the AV will stop that from happening, or instantly find them anyway. So maybe it doesn’t matter much, I dont know :s

I use FF with no-script, and if I’m on a site that I dont really trust I dont allow any scripts, so guess it doesn’t matter very much to me, but still strange the documentation for this is so unclear.