I was thinking something…
Rootkits are designed to hide files and functions from OS itself.
So even antivirus cannot detect them.
Now if we perform boot-time scan,all OS elements are gone and rootkits are useless.
So avast! has some advantage over other AVs right? Or am i missing something?
That depends on what kind of rootkits are we talking about. Most of them (but not all) are device drivers, and actually load even before the boot time scanner.
I thought you get just basic functionality at boot-time. Looks like it’s not that simple…
At this stage, the device driver can (but necessarily doesn’t have to be) loaded. It’s more or less its decision at which stage of the boot process to load…