i’m having trouble with avast free continually detecting avast.setup in the c:\program files\avast software\avast\setup as a hidden rootkit process. when it scans it shows the file as PID0 to PID12 and when looking at the scan results avast.setup is repeatedly shown even though it’s the same file. when i try to remove or move the avast.setup it says “access denied”
no other software (spybot, malware bytes, malware fighter) has been able to detect anything bad in that folder, so i suspect it’s a false positive. even so, i’m quite worried. can anyone help me?
Do you mean as resident? Or only on demand?
I don’t know much about Malware Fighter… Spybot is outdated for security imho, MBAM is very good, SpywareBlaster is an immunization only… But, maybe, some of all of them is conflicting with avast!.
SpywareBlaster shouldn’t be causing a problem, as no part of it is resident. I have it’s full immunizations enabled.
If you are running the current SpyBot Search & Destroy 1.6.2, you may wish to disable it’s resident protection. See http://www.safer-networking.org/en/howto/disable.html. This doesn’t remove it’s immunizations but keeps the TeaTimer from loading into memory. If you are using SpyBot S&D 2.0.7 Beta 5, it currently has no resident protection.
I’m also not familiar with Malware Fighter, but since it’s from IOBit I won’t touch it.
i recommend u to remove malware fighter…its real-time protection is next to nothing. disable spybot’s real-time, its heavy on system resources, not really effective either. keep malwarebytes as a free on-demand scanner, its a gd compliment to any antivirus programs.
I think that was confirmed in the OP first post (my emphasis):
i'm having [i]trouble with [b]avast free[/b] continually [b]detecting[/b] avast.setup[/i] in the c:\program files\avast software\avast\setup as a hidden rootkit process.
Well the avast.setup is created on the fly (from setup.ovr) if there is an update to be done, on completion of the update as far as I’m aware it is then removed (as there is no avast.setup file in that location for me either).
EDIT: - Note, when avast.setup is running its PID isn’t 0-12 (which are system PIDs) although for user name it is listed/runs under System. The last time I checked (manual update check) it was 3 thousand and something.