There are a couple of scripts that I know are safe, but avast 4.8 pro stops them. I looked all over in avast & the forums and cannot figure out how to tell avast that “yes this script is ok” or get it to prompt me to ask if it is ok to run the script & save the setting for future use.
You should always confirm that the programs are in fact clean, see #### below.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.
This will not work. Basically, in Trillian, my IM screen names show for yahoo, aol, msn. If yahoo has mail, I can click on it & it will launch IE and take me to my email w/o having to log in. With avast running, it launches IE, then nothing happens. If I try to access yahoo directly, the active script is blocked. Avast doesn’t ask me if it is OK to run the script which it should instead of just outright blocking it.
If the web is hacked its 100 % sure the script wont be safe
I know that - that is not the issue. How do I tell avast that the script that the Trillian app is launching is OK to execute - I know that the script is OK. Placing it in a separate folder & stuff is NOT an viable option.
One other thing, where does avast log the items in the script blocking? I’ve set the log level to emergency and there is nothing in the log to tell me what scripts it blocks or allows, etc. However, I do have it set to “show detailed info on performed action” which shows a brief popup, yet this info isn’t logged anywhere - or is it?
The problem is that avast doesn’t block, it isn’t a firewall, it scans and alerts to infection (and this is what I thought your first post was about).
So this is likely to be some form of conflict, possibly from a firewall or other security application blocking avasts scan, in which case nothing would proceed. So whilst the Script Blocking in the Pro version, intercepts scripts to scan them, again this would be the same, if it didn’t find the script malicious then it should continue as normal, unless there was something else in the mix.
Unfortunately I don’t use the Pro version so I’m not familiar the Script Blocking (a really bad name IMHO as it doesn’t accurately describe what it does, Script Scanning would be better). Add to that I neither use IM applications or Yahoo so I can’t really test it.
What is your firewall ?
Have (or did) you another AV installed in this system, if so what was it and how did you get rid of it ?
What other security based software do you have installed ?
When you say the script blocker stops them, exactly what happens, is ther an alert or other message ?
If not they aren’t actually getting blocked, but there is most certainly some form of conflict.
Thanks. Firewall is turned off as I have a good hardware firewall so I don’t need a software firewall.
I’m at a loss as to what else to suggest as this is definitely some sort of conflict.
Though a good hardware firewall unless it specifically mentions outbound checking isn’t enough IMHO and that is where a software firewall comes in…
Any malware that manages to get past your defences will have free reign to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.
What about the other questions, previous AVs on this system, other security applications, what happens when one of these scripts is as you say blocked.