Avast and AVG - PowerShell crashing when Anti-Rootkit Shield is enabled

mitja.kolsek -

We were alerted about PowerShell (powershell.exe) crashing immediately upon launching when 0patch is installed on the computer where either Avast Free Antivirus or AVG AntiVirus Free is also installed.

Note that this may apply to other applications besides PowerShell, although we were unable to quickly find any that would be affected.

We tracked the issue down to Avast's and AVG's Anti-Rootkit Shield, which is enabled by default. Disabling the Anti-Rootkit Shield resolves the issue. To disable Anti-Rootkit Shield, do the following:

  • Avast: open Avast -> Menu -> Settings -> Protection -> Core Shields and untick the Enable Anti-Rootkit Shield option. In the resulting dialog, select MORE OPTIONS and Until I turn it on again.
  • AVG: open AVG -> Menu -> Settings -> Basic Protection -> Detections and untick the Enable Anti-Rootkit Shield option. In the resulting dialog, select MORE OPTIONS and Until I turn it on again.

The above was reproduced with Avast Free Antivirus 24.3.6108 (build 24.3.8975.832), AVG AntiVirus Free (build 24.4.9067.439) and 0patch Agent 22.11.11.10550. There is a relevant thread on Avast forum that may hold additional information.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.