Many users say that webshield or webprotection are useless & waste of resources coz every malware has to hit the harddisk or memory & the realtime protection will detect it.
But this seems is not true with Avast or am I missing here something.
Coz just now I tried downloading few malware from MDL & Avast webshield & networkshield blocked 2. So I disabled them & downloaded them. I did a right click scan & also opened the folder & did a single click on the malware but Avast’s Fileshield didn’t detected them (I did not tried running the malware coz its a real system).
I dont know if Avast would have caught the malware if I tried running them. But I think it should have caught them in a right click scan or when I did a single click on them, right?
So atleast in Avast case I think there is a protection difference with the shields. You cannot install only fileshield thinking that whatever other shields detects specially webshield will be eventually detected by the fileshield. Atleast in my test it is this way.
I think the discussion of whether webshield is necessary or not is product dependent. If the products main shield & webshield protection are different then it is good & if they are same then webshield is kind of resource waste. Wot say frds??
Edit - Valkyrie is amazing. Of the 10 malware downloaded 2 were not detected by any on the virustotal. Valkyrie detected all the 10. God when they are going to integrate valkyire in CIS.
They probebly just blacklisted the URL and did not make a signature for the malware hosted there or the malware has changed. Comodo does that with its dns.
I dont think webshield, webscanner etc. are useless. Just scanning with signatures can also be done it a file gets on the harddrive. But scanning for exploits or blacklisted URL’s is in my opinion a good thing.
Shields allow configuration. Configuration allows the program to run at high detection rate when it is most needed. And so, shields give a better balance between protection and performance.
WebShield scans the http traffic. It’s not a blacklist.
Of course, WebShield could have detected any other infection on that site and the particular file is not infected (or avast missed it). The user can try www.virustotal.com.
Its this so, because of copyright things, service protection from being copied, etc…?
Because I think it wouldbe great to add it as a local service, instead of cloud based (because sometimes malware blocks the use of the internet).
But many do say say that.
It’s kind of what CIS is built around.
It is the standard answer when asked why no Email Scanner/Shield, Web Scanner/Shield, IM Scanner /Shield in CIS? It seems like extra processes and program bloat for no gain in real protection.
What would be really False would be to assume any file safe because it was undetected by any AV.
The extra shields and web scanners and link scanners and pre scanners, blah blah scanners.
Are a result of the blacklist/AV industry trying to one up on each other.
“Oh yea, well we scan links before you even think to click them”
So what? If it’s not on the list, black or white then it is unknown or 0day.
That’s what really matters is how you handle these.
You can take your resources to scan the web against some lists to find there is a lot of stuff unlisted.
Or use your resources to protect your machine from what is on it and trying to act on it.
I fing these cloud things little useless sometimes. Useless in the sense they react slower than local signatures.
Many a times in the test I have observed that a malicious app was detected by the cloud in the middle of the install but the apps gets installed though the malicious part of it is deleted by the AV. So though the infection was prevented but the app got installled so the craps or the installation is there which is unwanted.
Local scanner’s react instantly so the malicious app would be detected at the start only & therefore no craps or unwanted leftover installation.
But anyway Valkyrie is amazing & looking forward to it being incorporated in the best possible way whether cloud or any.
i know what you mean with cloud components it all depends on user Internet speed but with valkyrie there is no other choice but to put it in the cloud because of the power it needs to do its calculations is way beyond what end users computers can handle.
Yor are right? And I have observed in my tests that Avast’s main shield i.e realtime shield i.e file shield is not that good. Zeroday Protection of Avast’s is weak. Behaviour Blocker never reacts.
Whenever I have tested only the realtime protection of 3 A’s i.e Avira, Avast & AVG with zeroday malware. In all the tests Avira was the best then AVG & last Avast. Many a times the difference of the missed malware was big.