Author Topic: Where can I find the behaviour shield log?  (Read 3393 times)

0 Members and 1 Guest are viewing this topic.

alecj

  • Guest
Where can I find the behaviour shield log?
« on: August 27, 2012, 03:29:14 PM »
I'm a new user still finding my way around.  I've looked in the user manual, program help and searched the forum but cannot find whether there is a log of behaviour shield events, is there one?

Last night avast popped up a supicious program (I assume behaviour shield reported this) that was rundll32 executing from my local settings\temp directory. 

I was considering uploading the file to some analysis site that I'd googled across when it the file disappeared (deleted).   Googling this I've found some virus descriptions with rundll32 running in user\local settings\temp, but none of the other indicators / virus symptoms they describe exist on my system - registry keys, other files, etc.

In behaviour shield-->show traffic history-->today I see an event but it doesn't specify what it was.  Is there anywhere I can look to see how many times this particular event has occured?
thanks
a



Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: Where can I find the behaviour shield log?
« Reply #1 on: August 27, 2012, 03:49:46 PM »
It is here C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report\BehaviorShield.txt (winXP) or C:\ProgramData\AVAST Software\Avast\report\BehaviorShield.txt (Vista, win7), this is likely to be a hidden folder unless you have previously changed the folder options to show hidden files and folders.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

alecj

  • Guest
Re: Where can I find the behaviour shield log?
« Reply #2 on: August 28, 2012, 07:52:10 PM »
Thanks DavidR

Still only the one event there but I'll be keeping an eye on it

alecj

  • Guest
Re: Where can I find the behaviour shield log?
« Reply #3 on: August 28, 2012, 08:36:50 PM »
I have an event showing in the behaviour shield traffic history at 7pm today but no entry in the behaviour shield log.  The original event from a few days ago is there and a start up banner from each PC reboot.

Is there any other way to find out what the shield traffic history event was?

Thanks
A

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: Where can I find the behaviour shield log?
« Reply #4 on: August 28, 2012, 09:17:39 PM »
I don't find a whole lot on my XP systems, mainly because I uncheck the 'Monitor the system for unauthorised modifications' as my firewall and WinPatrol Plus cover that also.

Personally I wouldn't even bother trying to track it down as it isn't an issue of it being malicious, just that it was initially considered suspicious, so should have been further analysed, if it were malicious then there should have been an avast alert to the screen.

I tend to keep my nose out of the logs (not that interesting/exciting) I only consider it worthwhile checking if avast actually alerts, which for me is highly unlikely, normally only happens when I'm checking something out for the forums.
« Last Edit: August 28, 2012, 09:19:21 PM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security