Avast Explains Where Boot-Time Scan Went
With more that 100 million users, Avast is one popular security software application. And now that that version 5 of the antivirus program has been released, we can only expect it to draw in even more users. ALWIL Software, the company behind Avast, rolled out Avast! Free Antivirus 5.0, Avast! Pro Antivirus 5.0, and Avast! Internet Security 5.0 late last month, software that comes with a completely redesigned UI, a new gaming mode, and enhanced, top quality protection against security threats.
“With Avast! 5.0, we are defining a new direction in antivirus,” explained Vince Steckler, CEO of ALWIL Software. “Our free and paid versions are identical in terms of the level of malware protection. The free version is designed for ordinary internet use while Avast! Internet Security 5.0, our new top product, is best for internet users doing security sensitive activities such as on-line shopping and banking. Our free version is for home non-commercial use. We believe that by showing these users the full potential of our software, they will continue to advocate our brand into the wider market.”
There were some noticeable absences. For example, previous Avast versions required you to register the antivirus program. With version 5, the email registration process has been eliminated. Another thing that seems to have disappeared is the option to set up automatic actions for the boot-time scan (BTS). According to Avast representatives, this feature has been removed on purpose because, at least for the time being, it represents a risk.
“The reason why the boot-time scan (BTS) in v5 doesn’t support automatic actions is that the feature (at least for now) is very dangerous. In the past, we have seen a worrying number of users who accidentally deleted critical system files by means of the boot-time scanner set up to take automatic actions,” explained a member of the Avast team.
When Avast detects a virus, it checks the whitelist of well-known good applications, and files digitally signed by trusted publishers. If the virus matches an application in the whitelist, Avast assumes the file is not a virus, it assumes this is a false positive (when a genuine program is flagged as malware). Because it assumes this is a false positive, Avast does not report the file as infected, it only asks the user to submit the file for further analysis. The problem is that during boot-time scans, this feature is not available (if the BTS is set up to take automatic actions, it could delete a file that has been erroneously flagged as malware). The Avast team is working on implementing the feature in future versions – it will probably be added to version 5.1, but it is a lot of hard work.
“The boot-time scanner is an expert feature, and was designed to be used when there’s something bad going on on the system. And in these cases, I’d say that having to actually select the actions manually is a small price to pay,” added the Avast team member.
“With Avast! 5.0, we are defining a new direction in antivirus,” explained Vince Steckler, CEO of ALWIL Software. “Our free and paid versions are identical in terms of the level of malware protection. The free version is designed for ordinary internet use while Avast! Internet Security 5.0, our new top product, is best for internet users doing security sensitive activities such as on-line shopping and banking. Our free version is for home non-commercial use. We believe that by showing these users the full potential of our software, they will continue to advocate our brand into the wider market.”
There were some noticeable absences. For example, previous Avast versions required you to register the antivirus program. With version 5, the email registration process has been eliminated. Another thing that seems to have disappeared is the option to set up automatic actions for the boot-time scan (BTS). According to Avast representatives, this feature has been removed on purpose because, at least for the time being, it represents a risk.
“The reason why the boot-time scan (BTS) in v5 doesn’t support automatic actions is that the feature (at least for now) is very dangerous. In the past, we have seen a worrying number of users who accidentally deleted critical system files by means of the boot-time scanner set up to take automatic actions,” explained a member of the Avast team.
When Avast detects a virus, it checks the whitelist of well-known good applications, and files digitally signed by trusted publishers. If the virus matches an application in the whitelist, Avast assumes the file is not a virus, it assumes this is a false positive (when a genuine program is flagged as malware). Because it assumes this is a false positive, Avast does not report the file as infected, it only asks the user to submit the file for further analysis. The problem is that during boot-time scans, this feature is not available (if the BTS is set up to take automatic actions, it could delete a file that has been erroneously flagged as malware). The Avast team is working on implementing the feature in future versions – it will probably be added to version 5.1, but it is a lot of hard work.
“The boot-time scanner is an expert feature, and was designed to be used when there’s something bad going on on the system. And in these cases, I’d say that having to actually select the actions manually is a small price to pay,” added the Avast team member.
