Author Topic: A question about the behavioral shield.  (Read 586 times)

0 Members and 1 Guest are viewing this topic.

Offline cristianojgm

  • Jr. Member
  • **
  • Posts: 72
A question about the behavioral shield.
« on: April 25, 2021, 05:04:42 PM »
Is the avast behavior module linked to the cloud? Does it also work disconnected from the internet?

Offline Rednose

  • Pirate Party Member
  • Avast √úberevangelist
  • Massive Poster
  • *****
  • Posts: 3744
  • Bits of Freedom : https://www.bof.nl
    • Nederlandstalig Avast! forum
Re: A question about the behavioral shield.
« Reply #1 on: April 25, 2021, 11:52:16 PM »
Hi cristianojgm,

Is the avast behavior module linked to the cloud?

Yes,

Avast Behaviour Shield was originally developed by AVG.
And when I visited Avast with some fellow Evangelists in 2017, they explained to us in a presentation how Behaviour Shield works.
So I know it is using the cloud, but I don't remember the details.

Does it also work disconnected from the internet?

...

I am not sure if it doesn't work at all when disconnected from the internet.
Things can change in time, so I will try to find out.

Greetz, Red.

« Last Edit: April 26, 2021, 12:14:10 AM by Rednose »
OS: Win 10 / iOS 14 / Debian 10 / Tails 4
Real Time: Avast Premium Security
On Demand: Malwarebytes
VPN: NordVPN ( NordLynx ) with CyberSec

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 85640
  • No support PMs thanks
Re: A question about the behavioral shield.
« Reply #2 on: April 26, 2021, 01:09:28 AM »
There could well be behavioural signatures/patterns/actions (which may not require a connection) that would be considered suspicious.  That said for any resident antivirus regular virus signatures (and engines) require frequent update to stay up with current developments.  I mention 'engines' as that too could be related to things like behavioural, IDP and heuristic detections.

The behavioural shield isn't the only game in town (cyber capture, hardened mode) but these are linked to the cloud and need a connection to be at their most effective.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.691) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline cristianojgm

  • Jr. Member
  • **
  • Posts: 72
Re: A question about the behavioral shield.
« Reply #3 on: April 26, 2021, 01:31:27 AM »
Hi cristianojgm,

Is the avast behavior module linked to the cloud?

Yes,

Avast Behaviour Shield was originally developed by AVG.
And when I visited Avast with some fellow Evangelists in 2017, they explained to us in a presentation how Behaviour Shield works.
So I know it is using the cloud, but I don't remember the details.

Does it also work disconnected from the internet?

...

I am not sure if it doesn't work at all when disconnected from the internet.
Things can change in time, so I will try to find out.

Greetz, Red.
The best thing avast gained when purchasing AVG was to obtain this feature. About 6 years ago I learned to use trojans that are remote access to the victims' computers, I remember that I created crypters to obfuscate the code of these trojans, such as njRat, XtremeRat and managed to cheat several antivirus including Avast. After IDP was coupled with avast, the Trojan users' party is over hahaha. I remember that at the time I tested to see if the trojan would be able to circumvent AVG and even in the scan it did not accuse viruses when I ran the malware, the idp did not let it pass. I stayed 1 year between 2014-2015 messing with tronjans and then I decided to stop.