Author Topic: Behavior Shield  (Read 9002 times)

0 Members and 1 Guest are viewing this topic.

jwall

  • Guest
Behavior Shield
« on: January 21, 2010, 05:21:24 PM »
New to avast 5 free and I can't find specific information about the Behavior Shield.
What is it and do I need it?  Is it the malware detector?
I use Malwarebytes free (not a resident) and scan every few days or so.

Hermite15

  • Guest
Re: Behavior Shield
« Reply #1 on: January 21, 2010, 05:37:29 PM »
New to avast 5 free and I can't find specific information about the Behavior Shield.
What is it and do I need it?  Is it the malware detector?
I use Malwarebytes free (not a resident) and scan every few days or so.

yeah... that's the avast5 unknown parameter  ;D , it refers to a set of rules that do exist currently only for 32 bit systems. So if you wanna have any use of it right now you need to be on a 32 bit version of Windows. The BS, from the rare things I've heard about it, watches the system and alarms you for unusual behavior. It's not a malware detector but again, a system watcher. Also, you won't be able to interact with it like with a HIPS, you'll just have the opportunity to report an issue detected by it to Avast for further analysis. Can't tell what follows exactly  ;)
« Last Edit: January 21, 2010, 05:39:20 PM by Logos »

jwall

  • Guest
Re: Behavior Shield
« Reply #2 on: January 21, 2010, 05:39:29 PM »
Thanks, I'll stick with Malwarebytes even though I have Win XP Home.

waking

  • Guest
Re: Behavior Shield
« Reply #3 on: January 21, 2010, 05:40:36 PM »
From the help:

Behavior shield - monitors all activity on your computer and detects and blocks
any unusual activity that might indicate the presence of malware. It does this
by continuously monitoring your computer's entry points using special sensors to
identify anything suspicious.

From the Web site:

avast! Community IQ

Most samples we process come from sensors deployed throughout the avast! community
in the Behavior shield and anti-rootkit modules. This is a unique source of data
made possible only thanks to our huge user base. Most of the collected samples are
analysed by a number of automated processes and only a small fraction of the samples
need to be processed manually by our virus analysts.

Behavior Shield

Monitors activity on your computer using a number of sensors (file system, registry
and network based) and reports/blocks any suspicious behavior.

Someones

  • Guest
Re: Behavior Shield
« Reply #4 on: January 23, 2010, 06:24:51 AM »
So are these 'sensors' similar to the rules of a typical behavioural blocker/classical HIPS?

Hermite15

  • Guest
Re: Behavior Shield
« Reply #5 on: January 23, 2010, 03:26:40 PM »
So are these 'sensors' similar to the rules of a typical behavioural blocker/classical HIPS?

as said I have to idea as to what action can be taken if something wrong is detected, only heard from the devs here that it's just about reporting, so no immediate blocking. They (the devs) can react then (after the report) by implementing rules in the next engine update; but you won't see anything in the interface mentioning the applied rules.