Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: cristianojgm on April 25, 2021, 05:04:42 PM

Title: A question about the behavioral shield.
Post by: cristianojgm on April 25, 2021, 05:04:42 PM
Is the avast behavior module linked to the cloud? Does it also work disconnected from the internet?
Title: Re: A question about the behavioral shield.
Post by: Rednose on April 25, 2021, 11:52:16 PM
Hi cristianojgm,

Is the avast behavior module linked to the cloud?

Yes,

Avast Behaviour Shield was originally developed by AVG.
And when I visited Avast with some fellow Evangelists in 2017, they explained to us in a presentation how Behaviour Shield works.
So I know it is using the cloud, but I don't remember the details.

Does it also work disconnected from the internet?

...

I am not sure if it doesn't work at all when disconnected from the internet.
Things can change in time, so I will try to find out.

Greetz, Red.

Title: Re: A question about the behavioral shield.
Post by: DavidR on April 26, 2021, 01:09:28 AM
There could well be behavioural signatures/patterns/actions (which may not require a connection) that would be considered suspicious.  That said for any resident antivirus regular virus signatures (and engines) require frequent update to stay up with current developments.  I mention 'engines' as that too could be related to things like behavioural, IDP and heuristic detections.

The behavioural shield isn't the only game in town (cyber capture, hardened mode) but these are linked to the cloud and need a connection to be at their most effective.
Title: Re: A question about the behavioral shield.
Post by: cristianojgm on April 26, 2021, 01:31:27 AM
Hi cristianojgm,

Is the avast behavior module linked to the cloud?

Yes,

Avast Behaviour Shield was originally developed by AVG.
And when I visited Avast with some fellow Evangelists in 2017, they explained to us in a presentation how Behaviour Shield works.
So I know it is using the cloud, but I don't remember the details.

Does it also work disconnected from the internet?

...

I am not sure if it doesn't work at all when disconnected from the internet.
Things can change in time, so I will try to find out.

Greetz, Red.
The best thing avast gained when purchasing AVG was to obtain this feature. About 6 years ago I learned to use trojans that are remote access to the victims' computers, I remember that I created crypters to obfuscate the code of these trojans, such as njRat, XtremeRat and managed to cheat several antivirus including Avast. After IDP was coupled with avast, the Trojan users' party is over hahaha. I remember that at the time I tested to see if the trojan would be able to circumvent AVG and even in the scan it did not accuse viruses when I ran the malware, the idp did not let it pass. I stayed 1 year between 2014-2015 messing with tronjans and then I decided to stop.