When amd64+sp2 compatible version???

[Roko]

SP2 is available some time now but when used on amd64 it results in avast to go bonkers  :'(

Any news about a sp2+amd64 compatible version of avast home?

Simply adding avast to the DEP exception list is a bit of a quick and dirty workaround i.m.h.o. Why not disable DEP all together then  

Please?  

Anybody

[bob3160]

Roko
Welcome to the Forum.
There is a work-around for that problem.
Please go HERE for the information.
Hope that helps.

[Blackwood]

SP2 is available some time now but when used on amd64 it results in avast to go bonkers  :'(

Any news about a sp2+amd64 compatible version of avast home?

Simply adding avast to the DEP exception list is a bit of a quick and dirty workaround i.m.h.o. Why not disable DEP all together then  

I suppose any workaround is going to be quick and dirty.  But I think that disabling DEP for Avast! is safer than disabling it altogether.

The fix for SP2 and AMD64 is in version 4.5 of Avast! which should be available soon (there are several threads on version 4.5 in this forum).

[Roko]

Okay, "quick and dirty" is another expression for a quick workaround that will work but does not earn a beauty contest. Ofcourse I'm not complaining about the skills of the avast programmers. I just meant that DEP is a big feature of SP2 especialy for AMD64 owners that have build-in hardware DEP support in their CPU. I do not want to shut down this great feature or exclude anything from being saveguarded by DEP.  

Hopefully the new version will be available soon, untill then I'll keep SP2 in the freezer  

Cheers and keep up the good work!  

[igor]

Well, I don't think DEP is that big feature... if you know it's there, you can probably bypass it as well (if there's a bug in the code), it's just a bit more complicated
Besides, a number of security bugs has already been found in SP2.

In any case, it's certainly better to exclude only some apps from the protection than to disable it completely. Honestly, I don't think there's a big probability of avast! being a target of an attack DEP may prevent.

Anyway, we'll try to release the update as soon as possible - but the update isn't just SP2 compatibility, but a number of other features - and we have to make sure they're OK.

[Lisandro]

I don't think there's a big probability of avast! being a target of an attack DEP may prevent.

Igor, sorry for the off topic, but can I ask you why the RejZor's application (AEC) can disable avast if ashServ.exe is protected by ProcessGuard ?
This way, ProcessGuard will be useless...  :'(

RejZoR, how can you by-pass avast password and terminate it?  

[RejZoR]

Well basically avast! calls password feature only if you wan't to disable it normal way from within menus or change its settings. It doesn't protect you from low level termination.

Regarding Process Guard...
I'm sure its working,but i don't know if you're protecting the right process and with right settings. If i really managed to bypass it then i'm a genius hehe

[bob3160]

Well basically avast! calls password feature only if you wan't to disable it normal way from within menus or change its settings. It doesn't protect you from low level termination

RejZor if it's that easy for you to bypass the protection, then what would protect us from some malicious software from turning avast! off and starting up it's malicious code without any warning to us?

[igor]

As was said multiple times: once the program is running and has enough access rights (administrator), it can do anything if written in a clever way.
So, it's important not to allow it to run at all in the first time.

[Lisandro]

Well basically avast! calls password feature only if you wan't to disable it normal way from within menus or change its settings. It doesn't protect you from low level termination.

Regarding Process Guard...
I'm sure its working,but i don't know if you're protecting the right process and with right settings. If i really managed to bypass it then i'm a genius hehe

RejZoR, right now I'm on Linux and so I can't check that... I should return to Windows. But, as I know, I configurated Process Guard to protect ashServ.exe. Am I wrong? (Oh, I'm using the free version of PG). When I try to close ashServ.exe from the Task Manager, I'm forbiden... I though I was protected from low level termination...

Maybe you're a genius and do not know yet  

[Lisandro]

It's important not to allow it to run at all in the first time.

Which program are you talking about?
The one that will terminate avast?
Well, AEC could do it but how will we know the others (like Bob asked?)
I'm worried now... I though it was not so easy to bypass the antivirus protection...  :'(
Why just avast is protected with manually write a picture code, I mean, we see a picture and only typing what we see the service is disabled...  

[Roko]

Isn't this all the more reason to have avast protected by DEP? Offcourse, any good programmer could bypass it and deactivate DEP and avast and start doing all kinds of stuff. That goes for everything.

DEP is just another tool to make it a bit more save just like avast, a firewall or a Dobermann Pincher.  

[Lisandro]

Hellooooo!  
Igor, could you say something about this? Thanks  

[igor]

What exactly should I say something about?

I must say I don't know much about what the RejZor's tool is doing. Additionally, I don't see any connection between DEP and this...

[Lisandro]

What exactly should I say something about?
Additionally, I don't see any connection between DEP and this...

Sorry Igor, my first post alert to the 'off-topic' question...

RejZor, can you test if your application kill avast (ashserv.exe) even with PG protecting this file? Thanks.