Avast 5.1 and 6.0

For those who may not have seen the posting at Avast by VLK on this subject, the following is a portion of his posting.

Dated:10/2/2010

Avast 5.1, due next month, will not really have any meaningful differences besides improved malware removal/cleaning (I mean, it will have quite a few new features - such the 64-bit boot time scan and new stuff in the Behavior Shield - but none of these features are that related to the topic of this thread). V5.1's main feature is the central administration (i.e. a feature not really interesting to end users) - and it will also be marketed this way (as a corporate product, essentially).

Now, with Avast 6.0 (which is coming sooner than you may think), it's a different story. Avast 6.0 will feature the in-the-cloud heuristics based on the age/prevalence data (as suggested above by sded) as well as new stuff related to the use of our sandbox. But, instead of using the "default deny" paradigm that Comodo is trying to advertise so much, avast will work differently. It will rely on its heuristics engine to make decisions whether an executable file should run sandboxed or not. Let me explain this in a bit more detail. Currently, the outcome of the scan is pretty much binary - either the file is called "clean" (and is allowed to run), or it is flagged as "infected" (and appropriate actions are applied - and the file isn't allowed to run). This also applies to heuristics detections. Now in avast 6.0, the outcome could also be "potentially infected, use extreme caution" and this case, when talking about an on-exec scan, will (by default) be handled by sending the file into the sandbox. If the program is legitimate, it has a good chance of running OK inside the sandbox (and of course you, as a user, can always override the decision and run it normally). And if it's really malware, avast has just saved your butt.

There are many other minor things that make up these changes (such as further emphasis on the Behavior Shield when making these heuristics decisions, i.e. taking into account full context info) but this is, at a glance, how it's going to work. What may be of special interest, also, is that this is how it's going to work even in the free version (which means that the core functionality of the sandbox will likely be moved to the free AV).

Thanks
Vlk

 

Great to hear that Avast will have an antidote for Comodo. . Now am I to understand that Avast 6 free will also have a sandbox?

Thanks.

 

Nice to see that avast! is evolving in its way of protecting users, and specially this part:

I really applaud the avast! team for all this improvements that have been introduced and that will be introduced as well. I really like that most of what avast! has to offer is built in house. This says a lot about a company running a business. They don't just limit to buy what others do!

 

I wonder when they'll make the Behavior Shield available for x64... Currently it's analyzing nothing at all.

 

it will have the core functionality of the sandbox, but it wont have the user controllable sandbox features of the sandbox (the way it currently is, manual sandbox and such)

pretty sure v5.1 will have an improved behavior shield (altho idk to what extent, but hopefully it will at least do something lol)

 

5.1 hasnt been released yet.

 

Seems very nice

 

True, however the message by Vlk talks about the x64 boot time scanner but doesn't mention about x64 behavior shield. We'll just wait and see. It's good to see avast! picking up on new features actually improving protection!

 

but it does say "new stuff in the behavior shield"

 

true, best to let him expand on it. He was in Greece earlier this month on vacation. No doubt, feasting on domaldes and spanakopites. With a tad bit of Ouzo to wash it down. μπράβο

 

Sound delicious, i would care for a recipe, pronto. .

Thanks.

 

Currently, the outcome of the scan is pretty much binary - either the file is called "clean" (and is allowed to run), or it is flagged as "infected" (and appropriate actions are applied - and the file isn't allowed to run). This also applies to heuristics detections. Now in avast 6.0, the outcome could also be "potentially infected, use extreme caution" and this case, when talking about an on-exec scan, will (by default) be handled by sending the file into the sandbox. If the program is legitimate, it has a good chance of running OK inside the sandbox (and of course you, as a user, can always override the decision and run it normally). And if it's really malware, avast has just saved your butt.

Let me see if I got this right. It means if I double click on a file which might trigger a few alarms inside Avast (but not enought to flag it as suspicious), it will be run inside sandbox. It sounds like an exciting feature.

But in the end who will decide if this file is OK or not? Will I get a prompt stating that the file has been sandboxed?

 

mia xara perase.....

 

Many new features ... but even im wondering like sputnik about when will bb scan something in x64 .. boot time scan will be a bonus .. eagerly awaiting 5.1

 

Where is the link of this information?

 

http://forum.avast.com/index.php?topic=64382.msg546016#msg546016

 

im just REALLY HOPING they do NOT bloat what they have. right now it is a awesome av that you barely can tell is running and that includes on older hardware like celeron laptops etc.. i liked it so much i bought all 3 year lic's and my only fear is they go they way of some others in adding things that are simply NOT NEEDED in a av or is like backup and registry cleaning etc i for one DONT WANT ANY OF THAT...

 

agreed, and at least from what i know, they have no intention on moving in that direction

 

Nice updates. When is 5.1 going to be released?

 

Crazy,

Avast was allways the leader of providing most complete feature set. Now AVG has made its full product free, Avast again adds something extra cloud heuristics and sandboxing.

With this freeware offering so much and the OS offering more protection by itself, who needs a paid product anymore?

 

Well businesses needs to use some paid security product don't they?

 

those that have money to afford it if a software is good i buy the paid version because i want support the developers and Avast is a very good product.

 

Not if they dare to use COMODO, PC Tools or/and MSE!

Also @trjam
Admiring your persistence, it's been days now and your still with avast!

 

Depends on the size of the business, if they have a lot of machines configuring those invidually might be hard.

Nice improvement from Avast for version 6, the sandbox isn't in the free version if I'm correct though?

 

Thoroughly looking forward to version 6