AVG Scan-Unusual findings?

  AngeTheHippy 09:22 21 Mar 07
Locked

Morning Chaps,
Last week dueing the daily AVG scan, the following was flagged:

trojanhorseBeckDoor.Generic5.ICJ .

It wasn't in the Virus Vault when the scan finished, so, panic-person that I am, did scans throughout the day - AVG, AVG AntiSpyware,AdAware,Spybot etc. Turning off SysRestore, and also in Safe mode. Absolutely nothing was found.
Today, I've noticed that this entry is again in the security status window as scan is scanning:

FILE:
ntoskrnl.exe

RESULT/INFECTION:
Change

PATH:
C:\WINDOWS\system32\ntoskrnl.exe .

At the end of the scan, nothing is in the virus vault, and message, 'no threats detected' displayed.

When I go into Test Centre/Test Results, I view Shell Extension Test, and in the virus tab is:
C:\WINDOWS\system32\ntoskrnl.exe.

I don't understand what's happening here. Is there a virus on my PC or not? I don't know what to do next. Any ideas please?

Thanks a lot,

AngeTheHippy
xx

  Technotiger 09:30 21 Mar 07

Hi, have a look through this lot, see which, if any, appear closest to your system ... if everything else is working ok, it may just be a corrupt driver file, if so you should find the answer here -


click here

  brundle 09:30 21 Mar 07
  Technotiger 09:36 21 Mar 07

Just did a check on my own system, nothing to worry about - it is normal, as brundle's link infers. I had forgotten previously, but I have had the same entry on my AVG scans on several occasions.

  Batch 09:50 21 Mar 07

The particular issue with ntoskrnl.exe showing as changed is probaby due to the latest Windows Update (issued earlier this month). See click here for details.

AVG detects changes in certain system files and has flagged this in this case.

It will keep showing unless you force a change to be accepted. This can either be done by loading the AVG test center and hitting F3 (to run the system areas test) and then clicking on Confirm Changes when the warning is given for ntoskrnl.exe

OR

by deleting AVG7QT.DAT from your system drive's root (e.g. C:\AVG7QT.DAT). This file is used to store file signatures for comparison from one run to the next and it is from this that it can detect that a file has been changed.

  Batch 09:52 21 Mar 07

I should have added that if you delete AVG7QT.DAT, AVG will recreate it on the next run (with the then current info.).

  AngeTheHippy 10:26 21 Mar 07

Thanks so much for your reassurance. I noticed too that on the Grisoft forum it stated that it appeared following a windows update and OK, but wanted to double check with PCA forum users as you've got me out of the s*** before now, quite a few times in fact!! I TRUST you guys!!

Have you noticed though, on Grisoft Forum, a moderator named rdsok is a bit of a misery - his 'IF you'd bothered to search.. IF you'de bothered to check' etc etc... Ooooooooohhhhhhhhhhh!!!!!!

AngeTheHippy
xxxxxxxx

  Batch 10:34 21 Mar 07

I think what rdsok doesn't appreciate is that you often do a search and end up with masses of hits, many of which don't answer ones issue.

  birdface 11:07 21 Mar 07

Hi, If AVG Anti-Virus found the Trojan it will not delete it.You have to run AVG Anti-Spyware to get rid of Trojans.

  birdface 11:29 21 Mar 07

Oops. You already tried that ,Sorry.

  birdface 11:34 21 Mar 07

Hi,To stop From showing those problems everytime you do a scan.Open AVG Test center,Click f3, And accept the changes,

This thread is now locked and can not be replied to.

Nintendo Switch review: Hands-on with the intuitive modular console and its disappointing games…

1995-2015: How technology has changed the world in 20 years

Prehistoric Britain is laid out in these Royal Mail stamp illustrations

Best running headphones | Best sport & fitness headphones: 4 brilliant pairs of wireless…