avast 6.0.1203 problem with behavior shield???

Hi Everyone,

Since I upgrade avast version to 6.0.1203 the Behavior Shield does not trace many incidents

It is running but before the behavior shield recorded 16 incidents whenever i start window, now just secdrv.sys and very little incidents.

Is this suppose to be normal or something is wrong with avast???

Does any experience any problem??? or this is due to the new update of avast???
I use window 7 ultimate 32 bit

Thanks.

Shouldn’t be a problem.

I have encounter a bug on the last build but fixed after restarting the system.

The bug is that behavior shield analyzed a .sys file the number is 4/0

Last event analyze = nothing

Last event block = nothing

@your topic

I noticed also that behavior shield scan less compare to previous build.

The previous build on stating the system Behavior scans 11 files…

But now it scans only 1.

I hope someone will explain to this.

One reason, over time what is scanned by the behavior shield would reduce. Why, well because of the avast communityIQ feature, which would be reporting these suspicions, interventions, etc. by the behavior shield and the files concerned may well have been confirmed as good.

Today to date on XP SP3 I have had 8 events analysed and 0 suspicious.

3 here - on a very slim system.

DavidR, i hope your reading this thread im tired of reporting FP.

All my thread were all ignored.

I even send the files to them.

The latest build still detecting the previous FP on my system.

I even reformat the system this week.

MBAM appears clean.

Avast bootscan all were clean.

The very frustrating FP is Nprotect game guard which affect all my online games that uses nprotect.

Avast should test their lab on online games.

I’m reading it, but what FP by which shield, if you have a topic that you have started post a link.

Note I don’t work for avast, so I don’t have any input on FP processing.

Tnx DavidR.

Ok i wanna explain based on my experience with avast.

What behavior shield detect as suspicious as it is same with antirootkit and autosandbox.

Ok in summary.

I always get NpptNT2.sys as the 3 feature of avast as a threat file.

Again all this

Autosandbox = behavior shiled = antirootkit

This 3 feature detect all the same.

Autosandbox? well its annoying poping up but i know how to configure to stop this pop up.

Behavior shield is same but i know how to exclude it.

Antirootkit sometime it pop ups.

My concern is that they are not testing this file as many of us here receiving this alert.

What if other people delete this file?

Anyway i will give you the link as this were the present of now appearing on my new OS and new avast build.
http://forum.avast.com/index.php?topic=78259.msg646866#msg646866

My other complain is still paused and not yet appearing which im still observing on it because
this build still new. I hope the other are already fixed.

I have responded in your original topic.

Back on topic regarding the BS… My BS stats are 3/0 for the last week. That’s a mix of the latest stable, and previous stable builds. I hardly ever see any action for the BS on my slim setup, So no, I don’t think that there is an issue with this build’s BS.

@Genesis

This may explain the why in your the above comment

[b]npptNT2.sys file information[/b]

User Comments

It is part of a rookit game hacking protection software, called GameGuard, which uses rootkit to detect and disable common game hacks.
Anonymous

This is a part of the nProtect GameGuard rootkit that prevents hacking in online games. It allows full access to your computer system and if possible all games using GameGuard should be removed. GameGuard itself is not dangerous but hackers can and do hijack the GameGuard system files for malicous intents.
Darian

http://www.file.net/process/npptnt2.sys.html

Exactly the same.

Before you upgrade always analyzing 14 events when you start Windows, after updating to version 6.0.1203 only analyze a “secdrv.sys” event the same as the partner.

It should be clarified whether this is an error or not.

I use Windows 7 Starter Edition 32 bit.

Thank you.