[ArtoShirt]

Hello all...

Ok so the other day my new avg 8.0 (free version) popped up and quarantined 2 files found in the sp3 file folder. Totally legit folders too, and the files were both msconfig.exe, just found in 2 locations. One was C:\windows\pchealth\helpctr\binaries\msconfig.exe and the other was C:windows\ServicesPackFiles\i386\msconfig.exe.

It's calling them I-Worm/Brontoc.KO

So I'm thinking it's the new avg 8.0 going crazy, and Microsoft with sp3 looking like a worm when it's not.

Any thoughts?

AMD 64X2 Dual
Windows Home SP3
Home built
Foxcon board

Never had a problem until I uninstalled avg 7.5, and installed avg 8.0 and two days later this happened.

I don't want to assume it's not a worm and have issues. The computer is on a lan at work with 10 other machines running Zonealarm but allowing the other 10 machines into the trusted zone. The other machines are maintained by me and have limited access (in some cases no access) to the internet, but email is there and spam and such. They all have avg 7.5 and we are all behind a Belkin router.

I do surf at work, but mainly to trusted sites unless I’m searching for things for work, so it could be something, but I have Zonealarm and a router. The machine is only 4 months old was built by a friend and has never had any p2p or anything questionable.

The files are still in quarantine and I'm wondering if I should let them out, although windows if running fine. I think msconfig.exe is for setting up your start-up files an things of that nature. Haven't used it on this machine and it won't work now with them sitting in the virus vault.

Any help would be appreciated.

Thanks

[mrss]

Yes, msconfig is a useful utility for blocking startup programs that one has installed, but really didn't want to run. The folders you mention are where those two files reside on my SP3 computer. You can also submit them to an online scan. These guys, and others, provide that service.
http://www.kaspersky.com/scanforvirus

Or just copy them onto a flash drive and scan them with one of your PC's.

Who knows, maybe they are corrupted, as msconfig is on every XP PC in the world and you wouldn't expect AVG 8.0 to trip over itself. But given what I've read about it ....