Hi, I'm not sure where to post this or who to go to, so I chose you, AVG Forums... I switched my free 2013 version to the 2014 and after running a scan, AVG (specifically the rootkit scan) has found 8 threats that I cannot seem to find on Google.
This is what I'm seeing:
"";"SYSENTER hook -> 0xFFFFF8000387EC40, <unknown>";"Infected"
I am running on an Asus K55A, Windows 7
The AVG product version code is 2014.0.4116, virus database version 3599/6639.
I'm running an Intel Core i5.
I really don't know what I'm doing at this point because I cannot get the threats to go away... and on a side note, I just got done doing a system factory restore. Please, I really need some help... I've added the overview... I don't know if that helps at all. Thank you.
Try using the Windows 7 software called "Windows Defender" to do your scan. AVG 2014 turned off the "Windows Defender" when I installed AVG 2014 Free Antivirus. I would be more likely to believe what "Windows Defender" returns in its scan of your computer, than the AVG scan software. The AVG scan might be returning a false result. :smile:
Eerie... I'm running an Asus N56V, just did a restore to factory settings, installed AVG 2014 free edition, did an initial whole system scan and it returned 16 of the same sysenter hook infections as detailed above. What...?
Please use AVG Rescue CD and restore your MBR as described here (refer to Offline mode using AVG Rescue CD). Then, scan the system using AVG Rescue CD and remove detected threats.
Should the infection be still present after restart, please provide us with new GMER anti-rootkit scan result and new AVG full computer scan result export. Also, please provide us with a screenshot of your partition table listing as follows:
1. Run the AVG Rescue CD.
2. Switch to the Linux terminal by the left ALT + F2 key combination.
3. Login as the root user.
4. Execute the fdisk -l command.
5. Take a picture of your screen and attach it to your reply.
6. Use the left ALT + F1 key combination to switch back to the AVG Rescue CD menu.
I just received a new i5 computer from HP. I filled in the proper information on it and registered. I then uninstalled the bundled Norton Internet Security and installed a trial of AVG Internet Security 2014 in anticipation of purchasing several licenses for five people and about twelve computers. As soon as the AVG was installed I ran the initial scan and got eight hits. All of them were SYSENTER hook related. I then did a total system recovery and followed the same procedure as before. Again I got the same eight SYSENTER hook hits. I am convinced these are false positives. I find it difficult to believe that the exact same virus would infect this brand new computer twice in exactly the same way on two different clean installs. Please don't tell me that I should go ahead and delete these files. I think they are part of Hewlett-Packard's additions to the Windows 7 Home Premium 64-bit operating system. I have not yet checked with HP since it is late Friday, but I will do so on Monday. AVG has more false positives than any antivirus software I ever have used. Please come up with a different solution than deleting these files. I looked but could not find where the files reside on the hard drive. If you know, please tell me so I can create an exception, or else I will not be able to complete my intended purchase of about twelve licenses of AVG Internet Security 2014. Neither Windows Defender nor Microsoft Security Essentials has a problem with these files. One other thing: I am hardly a novice, so please don't try patting me on my pointed head.