The behavior shield and the ransomware shield need improvement.

Alikhan · 2017-07-22T14:27:06.000Z

Actually the behaviour shield is linked with the File Shield in some aspects. I can’t go into much detail but I’ll give an example. Most of the time zero day malware is already classified in the cloud (old malware is also classified in the cloud). Now here comes the important bit, malware is executed and IDP (behaviour shield) checks the cloud and gets a result that the file is classified as malicious but IDP does this check “asynchronously”. This means that the behaviour shield would not block the malware immediately since the File Shield which does the check “synchronously” would have already removed the threat before IDP got involved. File Shield does this query synchronously, e.g. it will block the malware process creation immediately while the query result gets back from the cloud. This is why sometimes some files get encrypted by ransomware before IDP reacts.

Another example would be CyberCapture being linked to the Web Shield.

I’ll need to see why the Ransomware Shield didn’t react, did the person making the video reboot after enabling the ransomware shield? The default mode for Ransomware Shield is “smart” mode so any trusted applications which are trusted via the cloud will be allowed to make changes such as Word etc. Any unknown programs will require user intervention.

RejZoR · 2017-07-22T18:30:21.000Z

To avast!'s defense, he didn’t actually have the folder he was testing in protected. Of course avast! failed to prevent encryption if it wasn’t even designated to protect that folder.

To the defense of the tester however, the way how avast! protects folders is nothing short of idiotic. It just randomly picks some folders with an excuse of “performance costs”. Protect the whole damn Music, Pictures, Documents and Videos folders. No buts or excuses. It’s absurd to expect regular Joe’s to protect the folders themselves because avast! has a bad mechanism for doing that automatically.

Asyn · 2017-07-22T19:04:15.000Z

In all short, crippling an AV an run tests on it afterwards is nonsense.

bob3160 · 2017-07-22T20:13:59.000Z

Asyn post:16:

In all short, crippling an AV an run tests on it afterwards is nonsense.

Pretty much what I said in reply #1 but who’s counting.

Asyn · 2017-07-22T20:24:23.000Z

bob3160 post:17:

Asyn post:16:

In all short, crippling an AV and run tests on it afterwards is nonsense.

Pretty much what I said in reply #1 but who’s counting.

Well, see it as acknowledgement/reassurance.

system · 2017-07-22T21:02:58.000Z

Asyn post:16:

In all short, crippling an AV an run tests on it afterwards is nonsense.

Not necessarily!

A lot of antiviruses would advertise various “shields”: Web protection, Exploit protection, Malware protection, Ransomware protection, Behavior blocker, Heuristic, Machine learning , etc and all kind of other gimmicks , in order to inspire confidence.

In fact, 99% of detection is still signature based, and when somebody tries to test a specific shield , the answer is " is nonsense"

To illustrate better, see here :

https://support.emsisoft.com/topic/27503-new-anti-ransom-module/

Emsisoft changed the name of their “behavior blocker” (formerly known as Mamutu" to Anti_Ransomware module strictly for commercial reasons

In fact, that module has nothing to do with ransomware.

Asyn · 2017-07-22T21:15:26.000Z

John712 post:19:

Asyn post:16:

In all short, crippling an AV and run tests on it afterwards is nonsense.

Not necessarily!

Well, feel free to dream on…

system · 2017-07-22T21:30:31.000Z

Asyn post:20:

John712 post:19:

Asyn post:16:

In all short, crippling an AV and run tests on it afterwards is nonsense.

Not necessarily!

Well, feel free to dream on…

Well… , see here some other opinions (non-evangelists)

http://www.dslreports.com/forum/r31519031-Avast-Antivirus-v17-5-2303-Released

“Avast Antivirus v17.5.2303 Released
Avast Antivirus v17.5.2303
Released 18 July 2017”

“Is this program still bloated? For example having a crazy amount of “shields” along with unnecessary services?”

"I think it does and that is why I just post the updates and don’t use it anymore!! good luck bro "

Asyn · 2017-07-22T21:33:46.000Z

John712 post:21:

Asyn post:20:

John712 post:19:

Asyn post:16:

In all short, crippling an AV and run tests on it afterwards is nonsense.

Not necessarily!

Well, feel free to dream on…

Well… , see here some other opinions (non-evangelists)

Your links are OT here.
https://www.avast.com/faq.php?article=AVKB96#artTitle (Add/Remove components)

bob3160 · 2017-07-22T22:15:39.000Z

I personally think all this crapp is to simply to continue pushing the nonsense video.
I’m finished with any other responses to this post. Apparently the user isn’t willing to listen to reason.

system · 2017-07-23T04:56:40.000Z

RejZoR post:15:

To avast!'s defense, he didn’t actually have the folder he was testing in protected. Of course avast! failed to prevent encryption if it wasn’t even designated to protect that folder.

When he realized that he added the folder to ransomware shield but even after that the files got encrypted by another ransomware.

stibi · 2017-07-23T09:07:58.000Z

RejZoR post:15:

To the defense of the tester however, the way how avast! protects folders is nothing short of idiotic. It just randomly picks some folders with an excuse of “performance costs”

What does this mean? Does Avast protect really “randomly some folders”? I cannot believe this…

RejZoR · 2017-07-23T10:29:31.000Z

From my system, that was exactly the case. I don’t know what kind of mechanism they use, but I know it’s a garbage one. I have tons of images in Pictures folder. And avast! just selectively picked few folders from it. Not even all the folders or entire Pictures folder. Granted, I have my data folders on drive D: (relocated), but quite frankly, these destinations are variable based, it doesn’t matter where user relocates them, Windows is always aware of the path.

Asyn · 2017-07-23T10:31:54.000Z

Ransomware Shield - FAQ: https://www.avast.com/faq.php?article=AVKB50

chris... · 2017-07-23T11:15:08.000Z

Ransomware Shield secures your personal photos, documents, [b]and other files[/b] from being modified, deleted, or encrypted by ransomware attacks. This feature scans for and automatically secures folders which may contain personal data and allows you to specify which other folders you want to protect from untrusted applications. Additionally, you can specify which applications are allowed to modify the files in your folders and which applications are always blocked.

So , if we can protect the files we want, why not protect all the files on the hard drive ?

stibi · 2017-07-23T16:10:08.000Z

Asyn post:27:

Ransomware Shield - FAQ: https://www.avast.com/faq.php?article=AVKB50

Ok, but that’s unbelievable, until one adds all his personal folders manually. And this may slow the system down …

RejZoR · 2017-07-24T08:19:09.000Z

chris05 post:28:

Ransomware Shield secures your personal photos, documents, [b]and other files[/b] from being modified, deleted, or encrypted by ransomware attacks. This feature scans for and automatically secures folders which may contain personal data and allows you to specify which other folders you want to protect from untrusted applications. Additionally, you can specify which applications are allowed to modify the files in your folders and which applications are always blocked.
So , if we can protect the files we want, why not protect all the files on the hard drive ?

They say it’s for performance reasons. Though, quite frankly, protecting entire Documents, Pictures, Music and Videos folders shouldn’t present too much of a performance hit quite frankly.

chris... · 2017-07-24T08:45:26.000Z

RejZoR post:30:

They say it’s for performance reasons.

However , I just did the test , impossible to add
(A message appears, but I do not have time to read it full , it disappears quickly , just begins by : “impossible to add…”)

mchain · 2017-07-24T17:34:19.000Z

If the folder in question is under user\user name\Pictures (i.e. Pictures) what is said here is that not all pictures and their respective folders inside the Picture folder is/are protected? Must one create a custom file protection setting for each folder?

Isn’t the default setting really about the file extension? See attached below:

Not clear at all what is not protected by default settings here if we go by what has been posted.

system · 2017-07-24T17:44:21.000Z

I’m sure one of the Avast evangelists will promptly reply that you are the problem and Avast works perfectly. Meanwhile, we should all consider a product that performs without bloatware that is soulessly designed for marketing purposes.

Any suggestions?

Announcements