Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avg Free Edition Anti-virus Scan


  • Please log in to reply
9 replies to this topic

#1 Anonix

Anonix

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 22 January 2008 - 03:52 PM

Using Mozilla browser, I ran an AVG scan of my computer and in 'test result' (under the virus results tab) the following appears:

listed as 'object':
c:\windows\systems32\shell32.dll
c:\windows\system32\drivers\etc\hosts

next to each object, the "result" is listed as "change"
next to "result" column, the status is listed as "changed"

i have been seeing these "objects" for awhile now in the scans (a few weeks), but did not know how to read it. i thought 'change' meant that AVG had fixed it.

on the latest scan, i was asked if i wanted to accept the (i think) registry changes. i accepted them.

where do i go from here?

thanks in advance.

BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:10:07 AM

Posted 22 January 2008 - 04:10 PM

Is the icon by it red or green? If you right-click on the object of concern it should give you more detailed results
Mark

Edited by garmanma, 22 January 2008 - 04:11 PM.

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 Anonix

Anonix
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 22 January 2008 - 04:22 PM

Is the icon by it red or green? If you right-click on the object of concern it should give you more detailed results
Mark


When I right click these virus results, it describes the paths (listed above) and the 'result' as 'change'. There is no other detail.

While in the virus results tab view, the only icon visible is a blue "I" icon -- nothing red or green -- immediately to the left of the "object' path names.

If I am in 'results overview' tab view, then two green arrows point to "general properties" and "object summary".

The test results do not report any 'threats', but these two objects repeatedly show up in the 'virus results' tab.

Thoughts?

#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:10:07 AM

Posted 22 January 2008 - 04:31 PM

Something is changing your shell32.dll and your HOSTS file - do you have any tweaking programs or custom security programs that could be doing this to protect you?
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#5 Anonix

Anonix
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 22 January 2008 - 04:51 PM

Something is changing your shell32.dll and your HOSTS file - do you have any tweaking programs or custom security programs that could be doing this to protect you?


I have SpyBot S&D and AVG AntiVirus installed (WinXP Pro). Recently added AVG's rootkit detector. I occasionally run other security software if it looks to be of use, although I also usually delete any files when done. My router has a good firewall. Have the latest browser versions, keep MSFT updated, etc. No 'custom' security programs that I know of. I will take a look at add/remove programs to see if I can find anything unusual. I will also check all program files to look for anything unrecognizeable. AVG's calling these viruses, but I'm not convinced. They are not showing up as 'threats' in the test results. One of those objects is related to the system restore function, which I should be able to reset to MSFT's default setting. Not sure about the 'hosts' file.

#6 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:10:07 AM

Posted 22 January 2008 - 04:58 PM

I suspect that SpyBot Search and Destroy is doing this. But, to be safe, I'd perform a free, online scan to verify that nothing has gotten past your current protection software. Try these:

http://safety.live.com (requires IE)
http://housecall.trendmicro.com

If they come up clean, then I'd suspect that the results were normal and would just keep an eye on them.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#7 Anonix

Anonix
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Local time:06:07 AM

Posted 22 January 2008 - 05:14 PM

I suspect that SpyBot Search and Destroy is doing this. But, to be safe, I'd perform a free, online scan to verify that nothing has gotten past your current protection software. Try these:

http://safety.live.com (requires IE)
http://housecall.trendmicro.com

If they come up clean, then I'd suspect that the results were normal and would just keep an eye on them.


Thanks. I've run a bunch of tests (housecall among them) and am coming up clean. Here's what someone else had to say in a Yahoo forum. I think it's by some updates or install/uninstalls (which I do a fair amount of). I'm not going to worry about it. But will keep an eye on program files, etc.

Hi Northman
Dont fret thats normal... its detected a chnage since it last did a check, but if you installed or removed anything or updated anything then of course it will change, there normally 2 or 3 it finds, but this is basically to warn you thats these files have changed.
As the person aboves says it good and its free, but if you want the best, then its kapersky AV or NOD32 or similar, but these will cost around 25-35 each for one year. If you not happy with AVG (i use it myself) then try Avast its also free, just google avast, but its not as simple to use (in my opinion).
Hope this helps.... Good Luck

#8 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:03:07 PM

Posted 22 January 2008 - 05:16 PM

a long -shot but....have you ever knowingly been to

http://www.mvps.org/winhelp2002/hosts.htm
and downloaded the Hosts file to your computer ?

#9 Dialer

Dialer

  • Members
  • 642 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Great State of Disarray
  • Local time:07:07 AM

Posted 22 January 2008 - 07:04 PM

I suspect that SpyBot Search and Destroy is doing this.

I think you you might be right about this, usasma. Wendy K. Walker made mention of the same thing in this recent thread:

http://www.bleepingcomputer.com/forums/t/126343/spybot-s-d/

#10 Softix

Softix

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:07 AM

Posted 23 January 2008 - 12:14 AM

I suspect that SpyBot Search and Destroy is doing this. But, to be safe, I'd perform a free, online scan to verify that nothing has gotten past your current protection software. Try these:

http://safety.live.com (requires IE)
http://housecall.trendmicro.com

If they come up clean, then I'd suspect that the results were normal and would just keep an eye on them.



HI I would like to asked if this type of program is applicable in any times of OS?. I am running AVG as well and might as well try it out too to see if my system is clean .




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users