The registry hives are scanned as files (strings) and not as a 'set of registry keys'.
The registry activity is scanned by the avast resident.
The resident scanning, by default, will not scan archive files. The on-demand scanning will do it if you set so. I recommend a monthly scanning of avast with archive files turned on (at least on critical areas of the computer).
I guess what I mean is, say I turn On-Access Protection off.
Then I run a program which contains a virus or trojan, and it's not detected because On-Access Protection is off.
The program modifies the registry, creates various files, etc.
Then I run a scan on the C drive.
Will Avast! catch those registry mods, etc. and see that the machine is now infected, even though it didn't catch it when the infection occurred? i.e. it will catch the effects of the infection, not just the infection happening?
If it won't, is there any way to scan for these infection *results*?
- Tim