Author Topic: Does the Avast free version protect against rootkits?  (Read 32081 times)

0 Members and 1 Guest are viewing this topic.

Offline jwall

  • Full Member
  • ***
  • Posts: 185
Re: Does the Avast free version protect against rootkits?
« Reply #45 on: December 26, 2007, 02:11:07 PM »




Hmmm I think this will be for paid (professional) version only (at least I don't know a free antivirus program with anti-root-kit detection/removal) ;)
[/quote]

AntiVir Classic free version has an antiroot kit included with its anti virus program.
Just thought you all would like to know. :)
XP Home SP3, IBM Thinkpad P4, Avast 7 free, ccleaner, jv16 powertools, Malwarebytes free, Two Windows 7 premium 64 bit machines.

Offline BJ_GeOrgE

  • Avast Evangelist
  • Sr. Member
  • ***
  • Posts: 350
  • prevention is better than cure
Re: Does the Avast free version protect against rootkits?
« Reply #46 on: December 26, 2007, 11:59:41 PM »
As already suggested in my previous post, we're coming up with an antirootkit tool shortly. The same technology will then be integrated into the main avast product, but I can't tell when exactly will this take place (for now).

The antirootkit technology we have is quite unique, and you can expect a high-end product (with detection rates & cleaning capatibilities substantially better than the vast majority of the existing AR tools).

Stay tuned.

Thanks,
Vlk

Hmmm I think this will be for paid (professional) version only (at least I don't know a free antivirus program with anti-root-kit detection/removal) ;)

actually,antivir personal edition classic states that protects against rootkits http://www.free-av.com/ but i'm not sure how effective it is..


p.s sry for the repeating but i didnt see the previous reply..really sorry
« Last Edit: December 27, 2007, 12:04:26 AM by BJ_GeOrgE »
OS:Windows 7 Professional 64-bit SP1
Antivirus: Avast Free v8.0.1497/Firewall: Windows Firewall/On Demand: Malwarebytes Free Edition/Other tools: CCleaner

Offline NAMOR

  • Jr. Member
  • **
  • Posts: 72
  • NAMOR
    • sLoWkIdSpLaYiNg.CoM
Re: Does the Avast free version protect against rootkits?
« Reply #47 on: December 27, 2007, 06:39:47 AM »
Windows 7 64bit + LUA + Full DEP + Avast Internet Security.

Offline cnon

  • Jr. Member
  • **
  • Posts: 23
Re: Does the Avast free version protect against rootkits?
« Reply #48 on: December 27, 2007, 07:34:57 AM »
I'm new here on the boards but have been using Avast(free version) for almost 4 years. I agree that Avast should have the ability to scan for rootkits. Picking them up before they're installed is even better, Vlk mentioned that Avast does this. But being able to pick them up during a scan after the fact wouldn't hurt either. I do use AVG Anti Rootkit now and scan once in a blue moon. I'm not too concerned because I don't do stupid shit. But I think in general a rootkit scanner built into Avast would be a benefit.

I use Kaspersky, but my friend is using Avast free and I agree with the above 10000000000%!

cnon

Offline cnon

  • Jr. Member
  • **
  • Posts: 23
Re: Does the Avast free version protect against rootkits?
« Reply #49 on: December 27, 2007, 07:38:03 AM »
Try this blog post for more info on anti-rootkits:
http://radajo.blogspot.com/2007/11/anti-rootkit-windows-tools-searching.html

I posted a request for proper rootkit detection on the wishlist thread a long time ago. It should be possible to have heuristics designed to detect rootkit like behaviour. Hopefully, this will be part of Avast 5 - whenever that may come out!!!!

Many of the tools mentioned in this thread so far are tools for searching out rootkits after the fact! The vast majority of users wouldn't have a clue how to use them or what to do if they done a scan that found something. They need to have a product that stops the rootkits getting a foothold in the first place.

I agree 3000000000%

cnon

Offline jwall

  • Full Member
  • ***
  • Posts: 185
Re: Does the Avast free version protect against rootkits?
« Reply #50 on: December 27, 2007, 02:19:42 PM »
I'm new here on the boards but have been using Avast(free version) for almost 4 years. I agree that Avast should have the ability to scan for rootkits. Picking them up before they're installed is even better, Vlk mentioned that Avast does this. But being able to pick them up during a scan after the fact wouldn't hurt either. I do use AVG Anti Rootkit now and scan once in a blue moon. I'm not too concerned because I don't do stupid shit. But I think in general a rootkit scanner built into Avast would be a benefit.

I use Kaspersky, but my friend is using Avast free and I agree with the above 10000000000%!

cnon

+1 on that.  Panda free anti rootkit is another option.
XP Home SP3, IBM Thinkpad P4, Avast 7 free, ccleaner, jv16 powertools, Malwarebytes free, Two Windows 7 premium 64 bit machines.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67255
Re: Does the Avast free version protect against rootkits?
« Reply #51 on: December 27, 2007, 03:14:58 PM »
Panda free anti rootkit is another option.
Only for XP. Not Vista :'(
The best things in life are free.

Offline Gort

  • Jr. Member
  • **
  • Posts: 39
Re: Does the Avast free version protect against rootkits?
« Reply #52 on: December 31, 2007, 04:53:40 PM »
As already suggested in my previous post, we're coming up with an antirootkit tool shortly. The same technology will then be integrated into the main avast product, but I can't tell when exactly will this take place (for now).

The antirootkit technology we have is quite unique, and you can expect a high-end product (with detection rates & cleaning capatibilities substantially better than the vast majority of the existing AR tools).

Stay tuned.

Thanks,
Vlk

Will this tool work on win9X machines?

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9359
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Does the Avast free version protect against rootkits?
« Reply #53 on: December 31, 2007, 05:20:51 PM »
I doubt it. Rootkits only work on NT systems anyway...
Visit my webpage Angry Sheep Blog

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11786
    • AVAST Software
Re: Does the Avast free version protect against rootkits?
« Reply #54 on: December 31, 2007, 07:48:47 PM »
Well, you could write a rootkit specifically for Win9x (which wouldn't work on NT, of course) - but it's not very likely to happen these days.

So yes, this tool will be designed for Win2000 and higher (and I'm not sure if it'll support Win64 right from the start... but if not, it certainly will later).

Offline gordon451

  • Full Member
  • ***
  • Posts: 165
  • It MUST be beer\\\\food'o'clock SOMEwhere!
Re: Does the Avast free version protect against rootkits?
« Reply #55 on: January 02, 2008, 01:22:54 AM »
G'day all, hope your Christmas was happy, and have a Merry New Year -- all of it!

Actually, rootkits work on any non-DOS system.  And -- alas! -- it not only could happen, it does happen.

Quote
While Hacker Defender does not subvert Windows 95, 98 or Millenium, hf offers plenty of insight into those products:

"Since we know the NT architecture, we don’t want to waste time with something like 9x/ME. These systems are useless. There is no reason to use them any more.

"But rootkits for these systems exist. They are downloadable on the net. We are just not interested in these systems because there is no reason."
From trimMail's Email Battles http://www.emailbattles.com/2005/12/14/security_aacddidjci_dh/

Having said all that, while W9x is indeed totally compromised (by design?), it does offer a level of detection not available on NT-base systems with NTFS: and we can do that by simply comparing snapshots from the WinAPI environment against the DOS snapshots.  It's primitive, slow, manual, (put adjectives here), but it works.

Of course, there is another defence...  Your brain.  While rootkits can magically climb up your modem/router in addition to being delivered by spam express delivery, you can disable both of these:  Have you shut down the MS IIS server in your W2K/XP Pro system?  (Dunno if Vista installs/runs it by default)  And you have wisely stopped your Outlook from opening attachments as well as telling it to ignore all HTML and scripting in your email, as well as to send all email as text only?

Gordon.
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon 76RC, Pale Moon 26.2, Opera 12.17x64, IE11, Clyton email 14.0, Foxit Reader 7.0.6.1126, PaintShop Pro 6.02, Avast! 12.3.2280, SuRun 1.2.1.2, VoodooShield 3.50