Questions about the new version

Hello guys,

I did read the following link:

http://www.avast.com/eng/avast-4-home_pro-revision-history.html

But some itens I dont have any idea what they mean…

1- added new unpacker “droppers” (by default turned on in all tasks including the real time scanner)
—> I never heard about a dropper unpacker? Its means that now Avast is able to open the droppers malwares and see what they are going to drop (unpacking it)?

2- added the possibility of sending of statistical information about detected viruses
—> How it works? Its invisible for user? Or the user fill some form when his avast founds a Malware?

3- improved the submission from the Virus Chest (now based on HTTP protocol)
—> Asking again for this version: Whats better now, send new samples by the virus chest or by Email? They have the same priority? Whats easier for the analists?

4- added a component for gathering of new samples from exploited pages
—> What it exactly does? How it works? Its invisible for the user?

5- Network Shield: added a component for blocking of malware URLs
—> How do I report new malwares URLs?

Thanks for your time and Patience!

BrBrasil

  1. this is probbaly a proactive part for detection of unknown malware droppers.
  2. You get a checkbox on every malware detection dialog so you can enable/disable it for every malware detected induvidually. It remebers selection through sessions.
  3. It used to be SMTP but now it’s through HTTP. I guess the priority is only known to ALWIL guys but i think it’s pretty much equal.
  4. Submission of samples detected through new Network Shield link detection
  5. It blocks malicious links that are spreading malware, detected malware is automatically reported back to ALWIL

I don’t want to go into much detail, but it’s basically a tool that will allow us to detect more malware on-access.

It’s not invisible, you can opt out if you’re not comfortable with it. Basically, the virus alert dialog has been modified so that it now offers this option to the user.

I think you don’t have to worry about this, it’s just saying that submissions from the chest now get uploaded directly to our server using HTTP.

I don’t want to comment on this, really. It’s an experimental feature that will most likely be completely unnoticable for 99% of users.
Again, no data is ever transferer without explicit user consent.

If you have some relevant / up-to-date URLs you can submit them to the virus lab (virus at avast dot com).

Thanks
Vlk
Thanks for your time and Patience!

BrBrasil