First of all thanks for making such a great piece of software like Avast! Home. Been an user for years and always liked it.
But I have a question about Avast! in 64-bit OS. One of these days I was reading another forum and noticed that the popular Avira Free anti-virus has the following limitations on 64-bit OS:
Quote: "[i]If installed on Windows XP 64 bit or Vista 64 bit, AntiVir experiences the following temporary restrictions:
protection of AntiVir services is not activated;
detection of active rootkits is not activated.
The installation of rootkit protection through kernel patch protection on Windows Vista is not yet possible. Microsoft has not yet released any API for security tools. Until this happens, the implementation of the above mentioned AntiVir functions may be improved.[/i]"
So basicly they say it’s an OS limitation and not their own. This got me confused because I always thought (and according to Avast! site) that Avast! offered the very same level of protection in both 32 and 64-bit OS.
So are the limitations that Avira state for their own product (no self-protection and no rootkit protection) also present in Avast! when it is installed on a 64-bit OS?
I’m using Windows 7 RC 64-bit and Avast! is apparently working fine but I wanted to clear this out if possible
avast! offers both, Anti-rootkit and Self-Defense functionality under 64bit systems. However boot-time scan is not available under 64bit systems. Thats the only real limitation with avast! under 64bit systems.
As for the service protection (right now, I’m not sure if it means the registry key or the process), it’s true - but only for Vista SP0. If you have Vista SP1 or higher, you’re fully protected.
As for the rootkit protection… there might be some limitations (hidden processes…? I really don’t know, just guessing), but the basic protection (detection of hidden files) is certainly enabled.
Also Avast! is really good again malicious web or hacked one that contain malicious script. With Avast! Pro your sure u can have a really great Anti Virus.
Since i’m using Windows 7 RC I suppose I qualify as being fully protected on this matter
So, as I understood it, the limitations might apply if a rootkit is already active. For example, if installing Avast! on a clean system, it can prevent rootkits from being installed/activated in the first place. Did I get it right?
Eheh, yeah you’re right ofc, my question was more in the line of “in a x64 OS, if a rootkit is still not installed/active and it tries to install/activate in some way (by means of a trojan for example), will the realtime guard of Avast! pick it up and stop it?”
I’m sorry to ask another question regarding this matter but been reading some more stuff and I still don’t get one thing. What makes rootkit protection different on 32bit and 64bit using Avast? I mean, why the limitations you state only exist in 64bit?
Honestly, I’m not 100% sure about this one… but my guess would be PatchGuard, present only on x64.
An antirootkit scanner is often quite a hack itself - and trying to bypass PatchGuard, even though possible, would be even more nastier (read: have higher probability of crashing the system or similar things).
Ah ok. I was not aware that the Avast! Anti-Rootkit scanner had any kernel-mode components or worked by patching the kernel itself That’s why I was not getting why it should be different from running it in a 32bit OS