Using Mozilla browser, I ran an AVG scan of my computer and in 'test result' (under the virus results tab) the following appears:

listed as 'object':
c:\windows\systems32\shell32.dll
c:\windows\system32\drivers\etc\hosts

next to each object, the "result" is listed as "change"
next to "result" column, the status is listed as "changed"

i have been seeing these "objects" for awhile now in the scans (a few weeks), but did not know how to read it. i thought 'change' meant that AVG had fixed it.

on the latest scan, i was asked if i wanted to accept the (i think) registry changes. i accepted them.

where do i go from here?

thanks in advance.

Is the icon by it red or green? If you right-click on the object of concern it should give you more detailed results
Mark

When I right click these virus results, it describes the paths (listed above) and the 'result' as 'change'. There is no other detail.

While in the virus results tab view, the only icon visible is a blue "I" icon -- nothing red or green -- immediately to the left of the "object' path names.

If I am in 'results overview' tab view, then two green arrows point to "general properties" and "object summary".

The test results do not report any 'threats', but these two objects repeatedly show up in the 'virus results' tab.

Thoughts?

Something is changing your shell32.dll and your HOSTS file - do you have any tweaking programs or custom security programs that could be doing this to protect you?

I have SpyBot S&D and AVG AntiVirus installed (WinXP Pro). Recently added AVG's rootkit detector. I occasionally run other security software if it looks to be of use, although I also usually delete any files when done. My router has a good firewall. Have the latest browser versions, keep MSFT updated, etc. No 'custom' security programs that I know of. I will take a look at add/remove programs to see if I can find anything unusual. I will also check all program files to look for anything unrecognizeable. AVG's calling these viruses, but I'm not convinced. They are not showing up as 'threats' in the test results. One of those objects is related to the system restore function, which I should be able to reset to MSFT's default setting. Not sure about the 'hosts' file.

I suspect that SpyBot Search and Destroy is doing this. But, to be safe, I'd perform a free, online scan to verify that nothing has gotten past your current protection software. Try these:

http://safety.live.com (requires IE)
http://housecall.trendmicro.com

If they come up clean, then I'd suspect that the results were normal and would just keep an eye on them.

Thanks. I've run a bunch of tests (housecall among them) and am coming up clean. Here's what someone else had to say in a Yahoo forum. I think it's by some updates or install/uninstalls (which I do a fair amount of). I'm not going to worry about it. But will keep an eye on program files, etc.

Hi Northman
Dont fret thats normal... its detected a chnage since it last did a check, but if you installed or removed anything or updated anything then of course it will change, there normally 2 or 3 it finds, but this is basically to warn you thats these files have changed.
As the person aboves says it good and its free, but if you want the best, then its kapersky AV or NOD32 or similar, but these will cost around 25-35 each for one year. If you not happy with AVG (i use it myself) then try Avast its also free, just google avast, but its not as simple to use (in my opinion).
Hope this helps.... Good Luck

a long -shot but....have you ever knowingly been to

http://www.mvps.org/winhelp2002/hosts.htm
and downloaded the Hosts file to your computer ?

I think you you might be right about this, usasma. Wendy K. Walker made mention of the same thing in this recent thread:

http://www.bleepingcomputer.com/forums/topic126343.html

HI I would like to asked if this type of program is applicable in any times of OS?. I am running AVG as well and might as well try it out too to see if my system is clean .