The BEHAVIOR shield

[ArminPasalic!]

When will AVAST Behavior Shield Improve??? My SETUP is: Comodo Firewall Free V4.0 with Sandbox and Defense+ and ofc. Avast 5 free(This is my free protection that is REALLY REALLY powerful. So, I have watched many reviews with AVAST IS 5, Pro and free, and they let some stuff through but the Behavior Shirld didnt pop-up. When will you make it powerful? Thanks. :-)

[Hermite15]

When will AVAST Behavior Shield Improve??? My SETUP is: Comodo Firewall Free V4.0 with Sandbox and Defense+ and ofc. Avast 5 free(This is my free protection that is REALLY REALLY powerful. So, I have watched many reviews with AVAST IS 5, Pro and free, and they let some stuff through but the Behavior Shirld didnt pop-up. When will you make it powerful? Thanks. :-)

1 what stuff was let through?
2 what is the behavior shield?
3 what do you expect it to be?

[DavidR]

The problem is one of interpretation as you believe all behaviour shields,etc. work in the same way.

- avast! Behaviour Shield, general information from an interview Softpedia - Vlk

Vlk: The Behavior Shield that we shipped in version 5.0 is a new component that is going to be further developed moving forward. For example, in version 5.1, we will be adding more sensors that will allow for even finer-grain filtering.

For now, the Behavior Shield is focused on exploits coming via typical mechanisms (browser, PDF reader, and flash vulnerabilities, for example). It also closely monitors all kernel-mode code (drivers) loaded into the operating system, and is able to detect zero-day rootkits.

[bri]

its sounds like and seems to me that the behaior shield is there to pickup exploits and zero day stuff that the avast sigs dont catch,therefore in my opinion the behavoir shield is very weak or in my opinion it doesnt work.needs a ton more work and seems like thats what there doing.

[DavidR]

Well if you check the quote it is more specific than all zero-day stuff, but zero-day rootkits.

The fact is that it doesn't currently fall into what people interpretation/expectation of a behaviour shield to be.

[essexboy]

Mayhap you will not see anything until something tries to penetrate your system

[bri]

davidr when i said zero day stuff i meant all malware so rootkits too.all im saying is ive been infected already and not a peep from the behaior shield not one single alert,so therefore to me it doesnt work.at the moment not a biggie for me i use ais sanbox.

[DavidR]

I know what your saying but the problem is behaviour and heuristics are somewhat loose terms. Given Vlk's quote he defines a) what is does now and b) what they are working on. Given that we can't say that it doesn't work as it is limited in what it is doing in 5.0.

Hopefully some additional sensors for the behaviour shield in 5.1 will go some way towards that.

[bri]

very well put
i agree,hopefully it will get better and better

I know what your saying but the problem is behaviour and heuristics are somewhat loose terms. Given Vlk's quote he defines a) what is does now and b) what they are working on. Given that we can't say that it doesn't work as it is limited in what it is doing in 5.0.

Hopefully some additional sensors for the behaviour shield in 5.1 will go some way towards that.

[Lisandro]

Some changes are being implemented...
http://forum.avast.com/index.php?topic=59223.msg499294#msg499294

[Asyn]

When will AVAST Behavior Shield Improve???

It starts right now...
asyn

Hi *,
we'll soon be releasing a new build of avast 5 Free/Pro/IS. As usual, we're making the build available for public testing before it's officially released (so far the version number is 5.0.533).

What's new
Most notable improvements include:
•   Improvements in the Behavior Shield (realtime antirootkit part)