Okay, āquick and dirtyā is another expression for a quick workaround that will work but does not earn a beauty contest. Ofcourse Iām not complaining about the skills of the avast programmers. I just meant that DEP is a big feature of SP2 especialy for AMD64 owners that have build-in hardware DEP support in their CPU. I do not want to shut down this great feature or exclude anything from being saveguarded by DEP.
Hopefully the new version will be available soon, untill then Iāll keep SP2 in the freezer 8)
Well, I donāt think DEP is that big featureā¦ if you know itās there, you can probably bypass it as well (if thereās a bug in the code), itās just a bit more complicated
Besides, a number of security bugs has already been found in SP2.
In any case, itās certainly better to exclude only some apps from the protection than to disable it completely. Honestly, I donāt think thereās a big probability of avast! being a target of an attack DEP may prevent.
Anyway, weāll try to release the update as soon as possible - but the update isnāt just SP2 compatibility, but a number of other features - and we have to make sure theyāre OK.
Igor, sorry for the off topic, but can I ask you why the RejZorās application (AEC) can disable avast if ashServ.exe is protected by ProcessGuard ?
This way, ProcessGuard will be uselessā¦
RejZoR, how can you by-pass avast password and terminate it? ???
Well basically avast! calls password feature only if you wanāt to disable it normal way from within menus or change its settings. It doesnāt protect you from low level termination.
Regarding Process Guardā¦
Iām sure its working,but i donāt know if youāre protecting the right process and with right settings. If i really managed to bypass it then iām a genius hehe
Well basically avast! calls password feature only if you wan't to disable it normal way from within menus or change its settings. It doesn't protect you from low level termination
RejZor if it's that easy for you to bypass the protection, then what would protect us from some malicious software from turning avast! off and starting up it's malicious code without any warning to us????
As was said multiple times: once the program is running and has enough access rights (administrator), it can do anything if written in a clever way.
So, itās important not to allow it to run at all in the first time.
RejZoR, right now Iām on Linux and so I canāt check thatā¦ I should return to Windows. But, as I know, I configurated Process Guard to protect ashServ.exe. Am I wrong? (Oh, Iām using the free version of PG). When I try to close ashServ.exe from the Task Manager, Iām forbidenā¦ I though I was protected from low level terminationā¦
Which program are you talking about?
The one that will terminate avast?
Well, AEC could do it but how will we know the others (like Bob asked?)
Iām worried nowā¦ I though it was not so easy to bypass the antivirus protectionā¦
Why just avast is protected with manually write a picture code, I mean, we see a picture and only typing what we see the service is disabledā¦ :
Isnāt this all the more reason to have avast protected by DEP? Offcourse, any good programmer could bypass it and deactivate DEP and avast and start doing all kinds of stuff. That goes for everything.
DEP is just another tool to make it a bit more save just like avast, a firewall or a Dobermann Pincher.