avast! 2014 BETA released!

Not fully enabled yet

 

avast! 2014 Free Antivirus, Internet Security betas now available

avast! Free Antivirus 2014 Beta 1 Build 9.0.2000

 

Looks like Network and Script Shield was integrated with Web Shield after all.

Since it's there regardless, how do I optimize the HTTP Scanner to not waste resources overlapping the other components?
I'm thinking scanning only .htm*, .php, and .css, what else do I add? Isn't .js already covered by script scanning in both Web and File System Shield? What about .jar and .swf?

Lastly, how do I enable Hardened Mode only for specific users? Some command-line arguments for enabling and disabling it at logon?

 

ReJZoR,I reckon Vlk said dynamic binary translation layer will be in next week,so I assume dyna-gen is running currently is it?

I will see if I can risk one of my home systems or my own system to test this out because I destroyed my VM softwares yesterday after 360 IS test LOL

AntiMalware,you can instead test them against deepscreen to see how it behaves?

VPS seems to havent moved a inch since yesterday though

 

Web Shield is already setup to be as low profile as possible as it already excludes bunch of files that don't need scanning.

As for the .js scanning, Web Shield as a file scanner checks the file basically in on-demand mode. Script Shield checks them during execution and traces it's commands during runtime (as far as my knowledge goes). Otherwise it would be pointless to do the same job twice otherwise.

 

Aye, thanks for the clarrification. I was in such a hurry to try this i didnt fully read the notes

 

Not really, it scans everything other than multimedia files. That's still an impact on browsing and downloading, especially when it's more efficient letting File System Shield handle those files. The only items that needs to be scanned are live components of a webpage, which I'm trying to find all of that's likely infectable and not covered by File System Shield.

By on-demand, do you mean the "Script scanning" checkmark and 2 sections on it? That means I don't need to add .js under "Web scanning" right?

Okay, currently settled with ".htm*:.php:.css:.jar:.swf:.pdf:.asp*:.x*:.json". More suggestions welcome (no JPEG, I've seen those gibberish that only work on outdated Windows Photo Viewer).

 

Well, frankly, only certain multimedia file types are non infectable. The rest either has no proper common MIME type to be excluded and the rest simply has to be scanned.

Web Shield is really a first barrier for ALL online born files. File System Shield is basically made only for files in transit or local files that arrive to your system from USB or CD/DVD. Files that get scanned by Web Shield are to my knowledge not scanned again by teh File System Shield unless they get modified. It's the caching thing doing it's magic, so you're not getting unnecessary overhead because two different shields scan the same file type. They do, but from different entry points to your system and never repeatedly because it now has caching which avoids that...

 

That only matters if executable. Otherwise I'll just let File System Shield pick it up.

Never said anything against Avast performance, but web browsing and downloads tends to be slower with Web Shield checking them before letting through.

Strangely, Avast 2014 Web Shield doesn't even block websites (like the URL of "Infection: JSecode-AWC [Trj]") without "Scan all files" set. I even tried direct file links with the extensions I've set, but nothing. Even URL's detected by Avast 8 Network Shield outside of Virtualbox isn't working.

Actually, this experience feels quite similar the last time I tried Web Shield 3 versions ago. Looks like I'll have to live with it (at least exclusions work) or try Avast's forum after all.

 

I've tried it with EICAR and it works just fine. HTTP is detected by the Web Shield, HTTPS one is detected by File System Shield.

Network Shield is another "beast" that only blocks malicious URL's which don't necessarely end up with binary EXE. They can be anything in a form of URL.

 

If it detected EICAR, you haven't tried "Scan only custom extensions" under "Web scanning" in Avast 2014 Web Shield. At least my custom extensions, will test with different Virtual Machine tomorrow.

Are we talking about the same Avast 2014 that doesn't have Network shield? What I've found is that all components of Web Shield appears to stop detecting anything if I disable "Scan all files" in "Web Scanning".

 

Well, if you set it to scan onyl selected extensions, then of course it won't scan anything other than what you say it should scan. So if you don't add EXE to the list, it won't scan it at all.

 

I am sure you wont stop using your ESET even if they change their UI

 

Also guys,please consider NOT to test this version right now.VPS is outdated by 3 updates and anything could have been activated during that time.Plus,we will have wait for next week to get new technologies running.This is more like a Pre-Beta as many things seem to be still not ready so please take it for granted

Thanks!

 

It doesn't matter, i like to see progress through the beta test so even if it did badly now, who cares for as long as it will improve through the beta. It seems like AutoSandbox is not functioning just yet in this beta...

 

The problem is not the tests,the problem is the performance,if it performs bad in a YT test,there many users taking that as a final result and hence avast will get a bad rating

Rather I wonder if dyna-gen is also coming next week or if it is activated during the VPS that v9 missed?

 

Im absolutely loving this thread full of conjecture.Lets just wait until avast actually releases the final version before issuing premature criticisms upon the product.
Thanks.

 

I love the new stat screen. I'm sure some folks won't like it because it might seem cluttered. I like that it has a wealth of info on it.

yeah detection seems a little hampered. I had a folder of 180 fresh samples and it detected 104 with a folder scan. It then detected another 42 when executed. That was with file scan set to high sensitivity and PUP enabled.
After about 30 min though it started to detect a few more. Not too bad for a beta and since it's only running on one leg, not bad at all.

 

thats pretty nice done indeed for a beta
and its running on one leg indeed

not bad at all thats for sure!!

 

Yeah,the setback of 3 VPS is hammering the detection.Hope they fix their update servers.

 

Hoe long has there been a issue? Becausr avast is one of the AV`s I (keep a eye) on and ive noticed falling signature detection in the last few weeks (atleast with whst i use) and am hoping that the full 2014 release gets it back on track.

 

The issue only exists in v9 since yesterday...v8 is fine and in my experience I havent notice a fall in sig detections,from where did you base that fall of sigs from by the way?

 

See my problem is childish honestly, i dont have a VM setup so i just check VT reports on Malc0de and for the last two weekz almost every sample posted is.not detected.by avast while being detected.by the other big names (bitdefende, avira ect.) Some of these pieces i ownloaded in SBIE and no URL block and no detection for over 95% now i know malc0de is a very small representative of real malware its just i feel that avast should.be up.there eith those other vendors, and like i said.i only started noticing this two weeks ago.

 

malc0de ? oh please...I'm sure you are checking 100 % clean files as well.

many fps out there not quite reliable.

 

These files are not clean when alot of them hace over 15.scanners detecting.(in my book).and i was having the same issue with MDL links as well although.not as much.