This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Behavior Shield

This Article Applies to:

  • Avast Small Business Solutions
  • Avast Small Office Protection


Behavior Shield is an additional layer of Antivirus active protection. It monitors all processes the devics in real time for suspicious behavior that may indicate the presence of malicious code. Behavior Shield works by detecting and blocking suspicious files based on their similarity to other known threats, even if the files are not yet added to the virus definitions database.

Behavior Shield is available for Windows workstations only.


Behavior Shield is part of the Core Shields of the Avast Business client.

From Protection > Core Shields, you can enable/disable this component using the dedicated toggle.

Note that it is not possible to individually enable/disable Behavior Shield in managed devices - only all core shields can be disabled/enabled at once from the Advanced Settings. Unmanaged devices have free control over disabling/enabling these shields.

Configuring Behavior Shield Settings

There are no advanced Behavior Shield settings available in Menu > Settings > Protection > Core Shields > Behavior Shield - you can only enable/disable the component here and choose whether the shield's actions will be logged in a report file.

However, within the Geek Area of the client, it is possible to select an added option for Behavior Shield when handling suspicious programs. To configure this setting:

  1. Go to Menu, then select Settings
  2. Click Search in the top right corner
  1. Type geek:area in the search field, then hit Enter
  1. Under the Behavior Shield section, choose the shield's response to malicious program behavior:
    • Always ask: Behavior Shield asks what you want to do with a detected threat before any action is taken
    • Automatically move detected threats to Quarantine: Threats that behave similarly to known threats listed on the Avast virus definitions database are moved to Quarantine
    • Automatically move known threats to Quarantine (enabled by default): Threats that are listed on the Avast virus definitions database are moved to Quarantine, unknown threats will be asked

Adding Behavior Shield Exceptions

If needed, you can add exceptions to the Behavior Shield scans through the Exceptions tab of the Settings > General section. This can speed up the scans and prevent false-positive detections. For detailed instructions, see Configuring Antivirus Exceptions.