File (OnAccess Protection) & WebShield (Web Protection)

[Guest]

[naren]

In Avast forum, I mentioned that I find the protection provided by Avast Shields are same as the protection provided by FileShield. Only the shields detects before FileShield and FileShield will eventually detect it. So I am running Avast with only FileShield, NetworkShield & BehaviourShield as I find all the other shield provide the same protection provided by the FileShield.

A user mentioned that FileShield cannot protect from few things. He said that if a site is hacked or a malicious script or malware is there in a site, they can steal your info like login, password, etc. FileShield cannot protect you in this coz malware woud not write anything on disk & therefore FileShield cannot protect you from this. Therefore Webshield is important it can protect you from this. Is this correct?

Thanxx
Naren

[naren]

Am I asking something wrong here?

Thanxx
Naren

[D Bone]

Vlk from avast! said this on Wilders:

Absolutely. It's no mystery.
You have to realize that no AV will ever detect/block all binary malware files. Therefore, it's useful to use other protection layers - layers that are ideally independent of the scanning engine that's responsible for the detection/blocking of the binary malware (i.e. the overlap isn't too big).

Avast's Web Shield is an example of that. With 90+ per cent of today's malware coming from web sites, it makes perfect sense to put additional protection layers to the HTTP stack. In avast's case, we use an advanced javascript detection engine, combined with a sophisticated HTML analyzer and URL blocker -- and in practice, these modules are able to detect the vast majority of malware even without ever seeing the corresponding binaries.

Also, the WebShield allows us to track the sources (source URLs) of binaries that are later executed, and these sources are then taken into account by the heuristics engine (generally, files coming from high-profile sites are less likely to be malware than files that are coming from unknown/dodgy sites).

Thanks
Vlk


You can read the whole thread titled, "Web Scanning - Is It Needed?" here:

http://www.wilderssecurity.com/showthread.php?t=305375&highlight=scanner

Vlk has said on more then one occasion, that in avast!, the Web and File shields are NOT the same.

[Tech]

Naren, that is correct. Keep the Shields.
The idea of the Shields is that you can configure them at different security levels, achieving the best balance between protection and performance. They allow that FileShield run at the best balance and keep the critical points is high security (if you set so).

[Tags:]