to @Alikhan ,

- Please remove the free version registration, you even do not control the mails. I wrote blala@live.com and accepted. This registration make users think "Should I have buy this?" .. if it is a marketing feature then tell me I can accept this. You have to pay your bills. I respect.

It’s surely not that hard to input your email and name once a year, it even states it’s for a free registration.

I did not say it is hard. It has no point to exist. I just said the feature confuse the users.

- Please remove nags from main interface. I installed Windows Avast but it always asks me "Install Avast to your phone".. I do not want to see this. You already show this with popups. Why it is still on main interface. I want clean interface.

To have an ad free GUI, you would need to go to a paid version, however, what is the need to look at the interface once set up?

If users do not look at the main UI after install, whats the point putting ad there?

- Please enable PUP detections by default. It is very importatn situation!

I believe that during setup the user should be asked to enable PUP and explain why rather than be enabled by default.

Yes, we just improved the a suggestion here nice

- Please disable HTTPS scanning by default. Avast is behaving like "man in the middle", it is a common malicious activity of malwares. Do not do that!

No chance. A lot of malware does come from HTTPs in the current day and Avast has secure HTTPs certification implementations

Why no chance? Please ask users about this feature while installing because many user do not want to use Avast certificate on their banking website :-X
I believe that during setup the user should be asked to enable HTTPS scanning and explain why rather than be disabled or enabled.

- While installing Avast, please ask o users "Do you want to participate in data sharing program/Avast community?".. Users should select this while installing software.

I think you have a valid point here but isn’t there a screen that lets you know about privacy during install?

Yes it tells the user but users only have one option “Just accept this”… Why Avast does not offer 2 button?
1 - Accept data sharing
2 - No thanks. Reject data sharing.
There must be 2 options then after informing the user. User should decide this feature will be on or off. Avast already enabled this feature and just informing the user. It is false for me. I believe that during setup the user should be asked to enable data sharing/Avast Community and explain why rather than be disabled or enabled by default.

- Please add more information into hardened mode popups. User should know "why this file blocked?" "Why Avast suspecting on this file" .. if you did not give this verdict, believe me all user will click on "Exclude" to run their god damn program.

Every file which is not under Avast whitelist will be blocked by Hardened Mode if using the aggressive mode. If using the moderate, it will block files which trigger DeepScreen action.

I knew how it works. I just want a popup like.
"Avast blocked this file because the file is not in Avast Cloud Whitelist and it is a suspected “trojan” or “pup” file.
Devs can come up with a better idea on this.

Thank you for your time

I get your point, but I’m not sure if the version would be of any real help… or that there actually is a version you can say the particular component is using.
The 7-Zip is quite a good example - the code has been heavily modified or redone from scratch and only a small part (basically just the LZMA decompression algorithm) is there in a form similar to the original. So you can’t say it’s version this and this because… it is not anymore. The component is shown in the About box because we want to give Igor Pavlov a credit, we did use his code somehow - but it certainly doesn’t mean the whole 7-Zip vX.XX source is a part of Avast.

The recently published vulnerabilities are completely irrelevant here (they don’t affect the 7-Zip format at all, they are connected to other file formats supported by 7-Zip program, a code which has never been part of Avast)… so even if the About box said it’s based on version 9.x (I’m making the number up), there’s no reason to update. So the only thing we could update (if we were asked to solve the “problem”) is the number shown in the About box. Plus, the unpacking code is a part of virus definitions - which is updated daily anyway, so there isn’t much you could do to help it (on the other hand, it’s updated much faster than the program - so even if the program shows an old version in the About box, it can be much newer already).

Some libraries are used in multiple places (in multiple modules, or in the program and virus definitions) - and they might be in different versions.
So… what I’m saying is that in my opinion, showing some exact versions in the About box may bring more confusion than be of help.

On the other hand, I can imagine a page on our web commenting on recently discovered vulnerabilities (and their connection to Avast).
I can see our blog post about the 7-Zip issues noted that Avast was not affected, but I admit it may be somehow hidden.

Hi igor - thank you for a very informative answer. Maybe this sort of thing should be in the blog? (I wish the blog link was at the top of the page…)

@yigido - I quite agree,

Avast should improve their PUP detection to avoid these false positives.

Maybe Avast should compile a library of old/legacy apps to teach the AV what to ignore? This should only take a couple of hundred Petabytes

OTOH, yes, more info should be given about (hardened mode) blocking. I don’t use it, but a few arrests have been made where I couldn’t quite see the evidence, they turned out to be FPs.

Gordon.

Igor thanks for the detailed answer on the 7zip problem that solves lot of questions

Yes thanks

- Please enable PUP detections by default. It is very importatn situation!

I believe that during setup the user should be asked to enable PUP and explain why rather than be enabled by default

+1