Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Para-Noid on March 19, 2011, 08:03:24 PM

Title: [Resolved] Rootkit setting?
Post by: Para-Noid on March 19, 2011, 08:03:24 PM: I have learned, from experience, that setting the rootkit to full causes a "threat detected" when there is no threat.
I have ran a boot scan, and found nothing. I am wondering why there is even a "rootkit full scan" setting at all? Is there a need for a "full" scan for rootkits? If nothing else I am curious. This has nothing to do with a recent scan! :-\
Title: Re: Rootkit setting?
Post by: Lisandro on March 19, 2011, 08:05:25 PM: Well, if you want to scan for hidden malware (a.k.a. rootkits), you can run a specialized scanning called "rootkit full scan". Why not?
Title: Re: Rootkit setting?
Post by: Para-Noid on March 19, 2011, 08:40:48 PM: If finding "hidden" rootkits is important why is the default setting at "quick" and not "full"? ???
Title: Re: Rootkit setting?
Post by: Gargamel360 on March 19, 2011, 08:44:59 PM: Quote from: Para-Noid on March 19, 2011, 08:40:48 PM
If finding "hidden" rootkits is important why is the default setting at "quick" and not "full"? ???

Maybe because...
Quote from: Para-Noid on March 19, 2011, 08:03:24 PM
I have learned, from experience, that setting the rootkit to full causes a "threat detected" when there is no threat.
and the default settings are for average users, who do not want to be chasing around FP's.
Title: Re: Rootkit setting?
Post by: Lisandro on March 19, 2011, 08:46:42 PM: Quote from: Para-Noid on March 19, 2011, 08:40:48 PM
If finding "hidden" rootkits is important why is the default setting at "quick" and not "full"? ???
Because quick is quick, full is full, everything.
Title: Re: Rootkit setting?
Post by: Para-Noid on March 20, 2011, 09:26:23 PM: Quote from: Gargamel360 on March 19, 2011, 08:44:59 PM
Quote from: Para-Noid on March 19, 2011, 08:40:48 PM
If finding "hidden" rootkits is important why is the default setting at "quick" and not "full"? ???

Maybe because...
Quote from: Para-Noid on March 19, 2011, 08:03:24 PM
I have learned, from experience, that setting the rootkit to full causes a "threat detected" when there is no threat.
and the default settings are for average users, who do not want to be chasing around FP's.
I think you are right...concerning false positives. A full scan for rootkits could find a lot of FP's.
Title: Re: [Resolved] Rootkit setting?
Post by: nweissma on October 08, 2011, 07:11:00 AM: i don't see how to configure a boot-scan for rootkits (avast pro 6.0.1289).

but i see from these posts that a boot scan may not be the best strategy for detecting a rootkit -- so what is the most efficient strategy -- where will i most likely find rootkits -- there's no point wading through entire gigabytes of paths where rootkits are never to be found -- barking up the wrong tree.