Mourning the loss of our friend, WhitPhil.
There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
 
General Security
Tag Cloud
access audio black screen blue screen boot bsod connection crash dell desktop driver drivers dvd email error excel excel 2003 firefox hard drive hardware hdmi hijackthis internet keyboard laptop malware monitor network networking outlook problem recovery router safe mode screen slow sound spyware trojan upgrade vba video virus vista vundo windows windows 7 windows vista windows xp wireless
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > General Security >
Avg?!?!

Tip: Click here to scan for System Errors and Optimize PC performance
[ Sponsored Link ]

Closed Thread
 
Thread Tools
joeyDneedshelp's Avatar
Computer Specs
Senior Member with 266 posts.
 
Join Date: May 2007
Location: Pennsylvania
Experience: Intermediate
09-Dec-2007, 01:33 AM #1
Avg?!?!
okay everytime i do an AVG scan, almost right when the scan begins i get:
kernel32.dll change
user32.dll change
shell32.dll change
ntoskrnl.exe change
hosts change

are these harmful? cause why is AVG pickign this up every scan..please help
blues_harp28's Avatar
Distinguished Member with 8,354 posts.
 
Join Date: Jan 2005
Location: London England
09-Dec-2007, 05:16 AM #2
Hi unless it says Virus next to them it's normal.
Check.
http://forum.grisoft.cz/freeforum/re...?8,74008,74008
golferbob's Avatar
Distinguished Member with 3,730 posts.
 
Join Date: May 2004
Experience: Intermediate
09-Dec-2007, 06:56 AM #3
avg
i run avg and have had no problems. why don't you run a free panda on line scan just to be safe.

http://www.pandasecurity.com/homeuse...ACHEHINT=Guest
DataBase's Avatar
Computer Specs
Senior Member with 336 posts.
 
Join Date: Jan 2004
Experience: Intermediate
10-Dec-2007, 10:37 AM #4
The Kernel32.dll file is a 32-bit dynamic link library file in Windows 95,98,Me. The Kernel32.dll file handles memory management, input/output operations, and interrupts. When you start Windows, Kernel32.dll is loaded into a protected memory space so that other programs do not take over that memory space.

user32.dll is a module that contains Windows API functions related the Windows user interface (Window handling, basic UI functions, and so forth).

ntoskrnl.exe is a critical process in the boot-up cycle of your computer although should never appear in WinTasks whilst under normal circumstances. ntoskrnl.exe should not be disabled, required for essential applications to work properly.

these are NOT hardful files and SHOULD be left alone. seen as they are accessed all the time, the system will detect them as being changed, also i believe that windows update may change them.
DarqueMist's Avatar
Computer Specs
Distinguished Member with 4,719 posts.
 
Join Date: Jan 2001
Experience: just enough to know I know not enough
10-Dec-2007, 10:57 AM #5
kernel32.dll change
user32.dll change
shell32.dll change
ntoskrnl.exe change

are all files that frequently get changed when a windows update is done, all AVG is doing is reporting that they changed. There is a way to clear it but I've forgotten how as I don't bother (they usually reappear after an update anyway)

I suspect its a similar thing with the hosts file being changed, but I don't use one so can't be certain it should be lumped with the others as something you shuld just leave alone
__________________
"I have great faith in fools;
self-confidence my friends call it."
~Edgar Allan Poe~
joeyDneedshelp's Avatar
Computer Specs
Senior Member with 266 posts.
 
Join Date: May 2007
Location: Pennsylvania
Experience: Intermediate
10-Dec-2007, 11:07 PM #6
okayyy thanks guys....i will just let them go lol....and btw, im typing this on my ps3 hehe
Elvandil's Avatar
Computer Specs
Moderator with 36,829 posts.
 
Join Date: Aug 2003
Location: Vermont
11-Dec-2007, 12:26 AM #7
When system files change like that, you should wonder if they have been replaced by viruses or malware. AVG reports the changes because it does not know what the changes mean. If you right-click those files and check the properties and they are Microsoft files, then chances are that they were replaced recently by Windows Update. You only need to worry if they have changed, they aren't Microsoft any more, or you haven't done anything to update them lately.
__________________
Microsoft MVP
Windows Shell/User
forrestgump's Avatar
Junior Member with 1 posts.
 
Join Date: Jan 2008
Experience: Intermediate
09-Jan-2008, 12:04 PM #8
Wink Jan 2008 XP Security Update Changes? kernel32, user32, shell32, ntoskrnl
Microsoft's XP Security updates which I applied Jan 8, 2008 appear to have changed based on what my AVG is saying:
kernel32.dll
user32.dll
shell32.dll
ntoskrnl.exe
I'm assuming there is no hidden virus or spyware but I'd like to be certain.
I sent an email to Microsoft to compain about their updating process b/c they don't tell you what's going on during the update nor what will be changed. I searched AVG, McAfee and Norton on this specific issue with zero hits in their databases. I tried calling a Microsoft support number on their website 8667272338 which is BOGUS, to report possible security issues. If you have suggestions, they are welcome.
Finally, found the issue here in techguy.com via google. Good to know I am not alone.
~~ForrestGump "Run Forrest Run" "Run PC Run"
joeyDneedshelp's Avatar
Computer Specs
Senior Member with 266 posts.
 
Join Date: May 2007
Location: Pennsylvania
Experience: Intermediate
09-Jan-2008, 09:28 PM #9
hahaha ur not alone man but good thinking about tellin them...
reidy100's Avatar
Senior Member with 203 posts.
 
Join Date: May 2005
Location: London England
Experience: sort of intermediate not scared
10-Jan-2008, 02:01 PM #10
May I tag on here pls

AVG Says .. Partition Table (MBR) Change
C:/WINDOWS\system32\shell32.dll Change
C:/WINDOWS\system32\drivers\etc\hosts Change

From what ive read Im worried about the Partition Table change

Any ideas?? And is there any way to tell AVG to ingnore above?? or is that a bad thing to do

This seems to have appeared since my pc crashed in December
blues_harp28's Avatar
Distinguished Member with 8,354 posts.
 
Join Date: Jan 2005
Location: London England
10-Jan-2008, 02:30 PM #11
reidy100's Avatar
Senior Member with 203 posts.
 
Join Date: May 2005
Location: London England
Experience: sort of intermediate not scared
10-Jan-2008, 06:32 PM #12
Thanks Blues_Harp Thats got rid of the last two but continuously finds the first one MBR Partition change still so im still worried bout that one
blues_harp28's Avatar
Distinguished Member with 8,354 posts.
 
Join Date: Jan 2005
Location: London England
10-Jan-2008, 06:44 PM #13
Hi Quote.
http://forum.grisoft.cz/freeforum/re...?4,55031,55643
Posted by: rdsok - Moderator (IP Logged)
Date: November 24, 2005 07:13AM

"It is normal that AVG shows that files, the MBR or Boot record to have changed. These are done during normal maintainance, when you or windows updates files or have had to correct errors on the drive. The only time that you should worry is if they also show as infected. "
__________________
Superantispyware
reidy100's Avatar
Senior Member with 203 posts.
 
Join Date: May 2005
Location: London England
Experience: sort of intermediate not scared
10-Jan-2008, 06:48 PM #14
Ta Mate,
So there is no way I can get AVG to ignore that particular partition change like i did with the other two
blues_harp28's Avatar
Distinguished Member with 8,354 posts.
 
Join Date: Jan 2005
Location: London England
10-Jan-2008, 06:51 PM #15
Quote.
http://forum.grisoft.cz/freeforum/re...?4,55031,55643
"To get AVG to quit showing them as changed, open the AVG Test Center, click the F3 key on your keyboard and tell it to accept the changes. If it still shows something as changed after this.. delete the file named AVG7QT.DAT in C:\ and AVG will rebuild it the next time it is run."

Is that what you used?
__________________
Superantispyware
Closed Thread Bookmark and Share

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Smart Search

Find your solution!



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.

Thread Tools


You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -5. The time now is 11:17 PM.
Copyright © 1996 - 2009 TechGuy, Inc. All rights reserved.
Powered by vBulletin, Copyright © 2000 - 2009, Jelsoft Enterprises Ltd.
Powered by Cermak Technologies, Inc.