Folder AVG Forums » Other topics » Virus Removal, Tools for Removing » Brand New Windows 7 Sysenter Hook -> Reports
September 24, 2013 14:16 Re: Brand New Windows 7 Sysenter Hook -> Reports #234116
Reply with Quote | Quick Reply | Top
fortunefay

Avatar

Novice
Join Date: 22.9.2013
Posts: 8
sysenter hook SOLVED? or infected?..

I too ended up after updating with 16 rootkit threats for this AVG would not remove. I searched forums this is the first i found others having this problem, I looked under list of false positive rootkits it wasn't there.
I used malwarebytes anti rootkit scan and these showed up on this scan. Does this mean they are actual threats or false positives? I think of no logical way I could have got these except along with the new AVG download. Why isnt AVG giving us any information on this? I can't use my PC as long as a rootkit might compromise its security and I'm on another PC to write this, so i need to know asap. :undecided:

Edit.. Please refrain from carrying out multiple postings on the same subject. You won't obtain an answer to your query any faster.
How To Ask For Help In AVG Forum
September 24, 2013 20:36 Disapproved post #234142
fortunefay

Avatar

Novice
Join Date: 22.9.2013
Posts: 8
The post has been evaluated as inappropriate and therefore it was disapproved.
September 25, 2013 15:59 Re: Brand New Windows 7 Sysenter Hook -> Reports #234176
Reply with Quote | Quick Reply | Top
WCT123

Avatar

Novice
Join Date: 16.9.2013
Posts: 6
SYSENTER hook - "virus"..

SYSENTER-HOOK virus was DELETED!! Despite the widespread AVG2013 problem and no firm instruction coming from AVG about whether the virus was real or what to do about it (yes, I did go to that “false positive” website but heavens knows where to find those offending files since they were never “quarantined” as all of the action buttons in AVG2013 were disabled), I performed a scan today which cleaned out EVERYTHING, including the troublesome Sysenter Hook. I ran again twice for good measure and again came out still clean. From before I had selected the option “alternate removal mechanism” and the only thing I remember doing differently this time was to un-check that “quick scan” box at the start, although the fact that the viruses were being picked up before means that probably that had no effect. Anyway, I now no longer have those 16 Sysenter Hook files. To this Forum, I say THANKS for the moral support. If AVG actually did something here, then I hasten to say THANKS to it as well!

September 25, 2013 17:37 Re: Brand New Windows 7 Sysenter Hook -> Reports #234178
Reply with Quote | Quick Reply | Top
WCT123

Avatar

Novice
Join Date: 16.9.2013
Posts: 6
SYSENTER hook - "virus"..

ERROR!! I really am sorry about my last posting. I had gotten “Spy Hunter” because of its supposed ability to clean “Sysenter Hook” and that is the program I ran and reran confusedly thinking I was running AVG. I just now ran my AVG2014 (I did it twice to be sure) and still have those SAME 16 “hooks.” AVG, PLEASE do something!!!
September 27, 2013 11:17 Re: Brand New Windows 7 Sysenter Hook -> Reports #234258
Reply with Quote | Quick Reply | Top
_malchys_

Avatar

Administrator
Join Date: 2.5.2012
Posts: 1875
Hi guys,

I'd like to let you know that we've released new update the AVG 2014.0.4142 which contains a lot of changes in what's reported by Anti-Rootkit scan. I'd recommend you to update your AVG and share the results. Is it any better after the update?

Thanks



AVG Team
How-To articles | FAQ | Free Support
September 27, 2013 18:33 Re: Brand New Windows 7 Sysenter Hook -> Reports #234287
Reply with Quote | Quick Reply | Top
buckybear

Avatar

Novice
Join Date: 27.9.2013
Posts: 2
unresolved for me..

Hi. Just sneaking in here because I've been following this thread actively. I've been having the same issues since upgrading to 2014, running on an ASUS laptop with Windows 7.

My scans (including anti-rootkit) all prior to the switch to 2014 came out clean and I have not had any issues with my laptop.

I have the most recent AVG update (4142) and the 16 sysenter hooks are still being detected on my system. I have run Windows Defender, malware bytes and TDSSKiller and all came up clean. Have not installed anything outside of the AVG update and, as I said, no other scan has found malicious software.
September 28, 2013 01:01 Re: Brand New Windows 7 Sysenter Hook -> Reports #234299
Reply with Quote | Quick Reply | Top
WCT123

Avatar

Novice
Join Date: 16.9.2013
Posts: 6
SYSENTER hook - "virus"..

I now have that "new" version AVG 2014.0.4142 but the 16 Sysenter-Hook's are still there and the "action buttons" continue to be grayed out.
September 28, 2013 20:24 Re: Brand New Windows 7 Sysenter Hook -> Reports #234336
Reply with Quote | Quick Reply | Top
Andy8768

Avatar

Novice
Join Date: 28.9.2013
Posts: 1
SYSENTER hook - "virus"..

I too have an Asus and the updated version of AVG (2014.0.4142) is still picking up 16 SYSENTER hook issues.

Searching around it seems a lot of people with ASUS computers are having this issue (and almost always it's picking up 16) when there was no issue with AVG2013.

I'm wondering if it's picking up the O/S hooks for the "Instant On" functionality.
September 29, 2013 16:40 Re: Brand New Windows 7 Sysenter Hook -> Reports #234354
Reply with Quote | Quick Reply | Top
gadgetrants

Avatar

Novice
Join Date: 29.9.2013
Posts: 11
Andy8768 wrote
SYSENTER hook - "virus"..

I too have an Asus and the updated version of AVG (2014.0.4142) is still picking up 16 SYSENTER hook issues.

Searching around it seems a lot of people with ASUS computers are having this issue (and almost always it's picking up 16) when there was no issue with AVG2013.

I'm wondering if it's picking up the O/S hooks for the "Instant On" functionality.

Samsung laptop, same issues: 16 SYSENTER detections, referencing two addresses in memory. No option to treat/remove. Y'all know the story.

I *am* scratching my head, though, why the thread title has been updated to [SOLVED] -- I check this thread daily and the only step forward I've seen is the assertion (hope/belief/assumption) by several users that these are false positives. No response from anyone in an official capacity, other than the update to .4142 -- which, like others have reported, has had no effect on the detection report.

FWIW, I've updated 4 machines (Samsung, HP, and Asus) to 2014, and only one of two Samsung laptops has the issue. (The Asus *does not* have instant-on though.) So AVG has now upgraded the issue to noting "a few" users are reporting SYSENTER hook issues -- I wonder if the number is in fact larger than it seems.

Before I wrap this up, two important notes. First, a HUGE THANKS to Big Al for his help on the forum (he gets "hero" status for that) and second, of course, a wholehearted acknowledgement that AVG Free is otherwise a superb application and only paying customers really have the right to complain. Nevertheless, antivirus is a crucial bit of software, and were I to put out my own freeware program, I wouldn't do so unless I could make every effort to honor and address the concerns of the users.

-Matt
September 29, 2013 18:09 Re: Brand New Windows 7 Sysenter Hook -> Reports #234358
Reply with Quote | Quick Reply | Top
Marviel

Avatar

Novice
Join Date: 12.11.2012
Posts: 3
Add me to the troubled. Running a fairly new sony VAIO laptop, with Windows 7 home pro 64. AVG 2014.0.4142, w/ latest database, etc.
Am getting 8 SYSENTER hook 'rootkit' issues.
Never got these rootkit hits with AVG 2013.
Thanks for any help. -- Marvie