Now as you might already notice I’m a great fan of proactive protection.
Proactive protection is undeniably a good thing. avast! is no exception to a certain level. Some features are disabled by default and some are not designed that well.
But in general this guide should increase security level by a few % if not more.
This guide is recommended only for advanced users that know stuff mentioned here and what it does.
Please note that this guide is meant only for Windows XP and Windows 2000 (all editions supported by avast!). Please do not use these settings on Windows 98 or Windows Millennium systems since they won’t work as expected!
Switching to “Detailed Mode”
http://i14.photobucket.com/albums/a348/rejzor/normalprov.png
Left click on avast! tray icon (that spinning blue “a” icon near the clock).
In case if you haven’t already switched to “More detailed mode”…
Behavior Blocker Proactive protection
http://i14.photobucket.com/albums/a348/rejzor/stdshield.png
Select Standard Shield and click Customize button on the right.
http://i14.photobucket.com/albums/a348/rejzor/block_set.png
Now select Blocker tab.
Set all settings the same as shown on screenshot above, except field under number 2. This will come in next few lines…
Add entire line below into field number 2 (Additional Extensions):
SCR,VBS,VBE,WSH,PIF,CPL,BAT,COM,CMD,WMF,OCX
Extensions list is dated 2006.04.10
It is partially visible on the screenshot what it should look like when entered in there.
These extensions are meant for regular user environments where you most probably won’t encounter or run such filetypes (which are all possibly dangerous).
If you work with VBS scripts day by day you may want to remove the VBS extension from the list. The same applies to the others. In general it should provide a nice balance between protection and number of warnings.
When you get a warning about such a possibly dangerous file, you’ll get a message like this:
http://i14.photobucket.com/albums/a348/rejzor/blocker_test.png
This way you’ll be notified about a possibly dangerous file being created on your hard drive. It will also detect whether these filetypes try to format your hard disk. By clicking the “Deny” button you’ll stop the creation of that file/formatting. Clicking Allow will allow its creation/formatting. Best option for most would be Deny.
Web Shield Proactive protection
http://i14.photobucket.com/albums/a348/rejzor/webshldpro.png
Select Web Shield provider and click Customize….
Then select URL Blocking tab.
http://i14.photobucket.com/albums/a348/rejzor/webshldext.png
Check Enable URL Blocking and click Add button on the right.
Add the following strings into the list, each on its own line (the same way as shown below).
Extensions:
*.cmd
*.cpl
*.pif
*.scr
*.vbe
*.vbs
*.wmf
*.wsh
Extensions list is dated 2006.04.09
So when you’ll encounter such possibly dangerous files you’ll get similar warning inside your browser…
http://i14.photobucket.com/albums/a348/rejzor/webtest.png
In case it’s not blocked by Web Shield, there is very big chance that Behavior Blocker will block it.
Internet Mail Proactive protection
Now this last one is a bit special, so please be VERY specific about which way you’ll select. It’s very important!
I’m using POP3/IMAP based email client (like Outlook Express or Thunderbird)
So if you use POP3/IMAP based email client like Outlook Express or maybe Thunderbird you should leave things as they are. Even if you use just 1 POP3 email account and 5 others that are just webmails (to view with browser).
Just move the slider to High as shown on picture. Existing heuristics will take care of suspicious attachments and mails.
http://i14.photobucket.com/albums/a348/rejzor/intmail.png
I’m NOT using POP3/IMAP based email client (just webmail like Hotmail, Yahoo or GMail inside my browser)
In case if you DON’T use ANY POP3 mail at all, then you may still want to install Internet Mail provider.
It will most probably spot suspicious activities of mass mail worms that attempt to send large amounts of emails in small timeframe without user knowledge.
avast! will show Heuristics warning with option to Deny these activities.
This way you’ll also be notified about malware that slipped past avast! signature detection and Behavior Blocker/Web Shield.
Select Internet Mail provider and click Customize… button on the right side. Scroll through tabs all the way to the right and select Heuristics tab.
http://i14.photobucket.com/albums/a348/rejzor/heur1.png
Select Custom preset as shown on image.
Now select next tab named Heuristics - Advanced and set marked settings as shown on image below.
http://i14.photobucket.com/albums/a348/rejzor/heur2.png
This will set Internet Mail provider to very high sensitivity level. Setting such settings in case if you’re using any POP3 email client will most probably result in large amounts of warning messages! Make sure you selected the right way as described above!
NOTE: I currently don’t have an image of the Internet Mail heuristics warning, but will add it as soon as I find one.
Additional help
In case you don’t understand something or you might have a question about anything related with my Proactive settings, please ask here in this thread.
I’ll try to do my best to help anyone. Alwil tech support team is already very busy with other things so we shouldn’t bother them with these things as they are my unofficial tweak settings.
I hope these settings will serve you well in upcoming avast! adventures in world of internet! 8)
RejZoR
PS: Is there any chance someone would make this thread as Sticky?
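
Added example, not part of RejZoR's post and not avast! code: a small Python model of the two extension lists above, showing which layer would be the first to react to a given download and which Blocker extensions have no matching URL Blocking entry. It assumes URL Blocking patterns are wildcard-matched case-insensitively against the whole URL (the post does not say how avast! matches them); the function names and sample URLs are constructed for illustration.

```python
from fnmatch import fnmatchcase
from posixpath import basename
from urllib.parse import urlsplit

# Both lists are copied from the post.
URL_PATTERNS = ["*.cmd", "*.cpl", "*.pif", "*.scr", "*.vbe", "*.vbs", "*.wmf", "*.wsh"]
BLOCKER_EXTENSIONS = "SCR,VBS,VBE,WSH,PIF,CPL,BAT,COM,CMD,WMF,OCX".split(",")

# Constructed sample URLs (example.test is a reserved test domain).
SAMPLE_URLS = [
    "http://example.test/files/setup.scr",
    "http://example.test/files/tool.bat",
    "http://example.test/get/card.scr?id=7",
    "http://example.test/docs/readme.txt",
]


def url_layer_hits(url):
    """Web Shield model. ASSUMPTION: whole-URL, case-insensitive wildcard match."""
    lowered = url.lower()
    return any(fnmatchcase(lowered, pattern) for pattern in URL_PATTERNS)


def file_layer_hits(url):
    """Behavior Blocker model: is the saved file's extension on the Blocker list?"""
    name = basename(urlsplit(url).path)  # file name without the query string
    ext = name.rpartition(".")[2].upper() if "." in name else ""
    return ext in BLOCKER_EXTENSIONS


def first_layer(url):
    """Name the first layer that would raise a warning for this download."""
    if url_layer_hits(url):
        return "web-shield"
    if file_layer_hits(url):
        return "blocker"
    return "none"


def extension_gap():
    """Blocker extensions that have no entry in the URL Blocking list."""
    url_exts = {pattern.rpartition(".")[2].upper() for pattern in URL_PATTERNS}
    return sorted(set(BLOCKER_EXTENSIONS) - url_exts)


if __name__ == "__main__":
    for sample in SAMPLE_URLS:
        print(f"{first_layer(sample):<10} {sample}")
    print("Blocker-only extensions:", ", ".join(extension_gap()))
```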