CFP preventing AVG Anti-Rootkit from running


When I first tried to run AVG Anti-Rootkit after installing CFP, the firewall asked for a confirmation. I authorized the program and chose “Isolated application” in the pop-up window. Since then, AVG can’t run - when I launch the application, the sandclock appears and then dissapears and nothing else happens. Is it possible to reset the profil in CFP and start the authorization process again for the AVG application?

By the way, how can I insert a screen capture? When I try, nothing happens.



you can goto Firewall/Advanced/Network Security Policy and find where the AVG rootkit program is listed and remove it. but I think you meant to say Defense+ asked for a confirmation so instead look in Defense+/Advanced/Computer Security Policy and scroll till you find the program called avgarkt.exe and click edit for it and select Use a Predefined Policy would be best to choose Install/Updater for it

to upload a screencapture to here, click on Additonal Options and then you’ll find where it says Attach make sure you’ve converted or saved the screenshot as a jpg or jpeg image or one of the other types that is allowed on here then you can attach it to your post

Rule of thumb: Always authorise your security applications to trust/exclude each other. For 2 main reasons… [1] If you don’t feel that you can “trust” them, then you really shouldn’t been running them anyway. [2] You don’t want security applications chasing each other’s tails, it’s a waste of resources & can lead to conflicts (especially if one of them finds something… this can lead to much toy throwing & tears).

Thanks for your help. I was finally able to make it run, but I must say it was a rather laborious process… It looks like this AVG application temporarily changes its name in memory each time it’s executed.

All the best for the New Year!


Ok, but how do you do that in CFP?

A happy New Year to you!


yeah, eachtime you run avg roolkit it creates a few temporary files, i think in C:\windows\system or system32 folder and in C:\my documents\user settings folder and it temporary hooks itself onto a few things for exmaple rundll32.dll file i think i got the name correct and if you have nview then nview dll which is part of nvidia’s display monitor tool, so you get quite a number of Defense+ pop up alerts, detailing all the changes avg roolkit wants to do and if you want to allow or it block it. one should Allow the changes, its all temporary changes and the files it creates are temp files, after you are done running the scan and goto my pending files in the firewall you can click purge to clean out the entries for temp files that avg roolkit created but removed once it was done scanning and you closed it.

just do what i do, eachtime :wink: i load avg roolkit i just click on each allow box without remember me ticked, then the main window of the app loads and while running I get no more additional alerts, when you close it you get 1 more alert i think thats to allow avg roolkit to undo all the temporary changes like the creation of temp files it removes before it closes

Have a good New Year too Nitreb :■■■■



Hi Nitreb, sorry for the delay (a bit distracted playing with toys :slight_smile: ) & happy New Year to you all.

Ron is right… with AVGs ARK it starts a random process name every time you run it (quite a few ARKs do this… probably to avoid being killed by what they are hunting) and you will need to authorise each attempt in CFP. Just tell CFP it is “Trusted”, but do not tick remember. For other security applications (that have permanent process names) just tell CFP they are “Trusted” & tick remember. In you Anti-Virus application you can usually tell them to “Exclude” certain process/directories from being scanned/monitored, this should be done for CFP and your other security apps (ie. AVGs ARK, etc…). I hope that helps.