asked on AVIRA: Over-Enthusiastic Hueristics?
I have no reason to suspect that this Win7 PC is infected.
I always have realtime protection and updates running with Avira & Malwarebytes
This is what I get when I scan with Avira. (Heuristics set to default - medium)
I didn't run any repairs.
C:\Windows\regedit.exe
[DETECTION] Contains suspicious code HEUR/Modified.SystemFile
[NOTE] The detection was classified as suspicious.
[WARNING] The file was ignored.
Ditto for these ......
C:\Windows\system32\ntvdm.
C:\Windows\system32\reg.ex
C:\Windows\system32\userin
C:\Windows\system32\rundll
C:\Windows\system32\regsvr
C:\Windows\system32\mshtml
C:\Windows\system32\dnsapi
C:\Windows\system32\d3d9.d
C:\Windows\system32\msvcrt
C:\Windows\system32\aclui.
C:\Windows\system32\dsound
C:\Windows\system32\imm32.
C:\Windows\system32\ctfmon
C:\Windows\system32\driver
C:\Windows\system32\kernel
C:\Windows\system32\gdi32.
C:\Windows\system32\user32
C:\Windows\system32\advapi
C:\Windows\system32\wuaucl
C:\Windows\system32\alg.ex
C:\Windows\system32\spools
C:\Windows\system32\csrss.
C:\Windows\system32\lsass.
C:\Windows\system32\servic
C:\Windows\system32\ws2_32
C:\Windows\system32\wsock3
C:\Windows\system32\winine
C:\Windows\system32\smss.e
C:\Windows\explorer.exe
C:\Windows\system32\winlog
C:\Windows\system32\svchos
Can I believe any of this ?
I always have realtime protection and updates running with Avira & Malwarebytes
This is what I get when I scan with Avira. (Heuristics set to default - medium)
I didn't run any repairs.
C:\Windows\regedit.exe
[DETECTION] Contains suspicious code HEUR/Modified.SystemFile
[NOTE] The detection was classified as suspicious.
[WARNING] The file was ignored.
Ditto for these ......
C:\Windows\system32\ntvdm.
C:\Windows\system32\reg.ex
C:\Windows\system32\userin
C:\Windows\system32\rundll
C:\Windows\system32\regsvr
C:\Windows\system32\mshtml
C:\Windows\system32\dnsapi
C:\Windows\system32\d3d9.d
C:\Windows\system32\msvcrt
C:\Windows\system32\aclui.
C:\Windows\system32\dsound
C:\Windows\system32\imm32.
C:\Windows\system32\ctfmon
C:\Windows\system32\driver
C:\Windows\system32\kernel
C:\Windows\system32\gdi32.
C:\Windows\system32\user32
C:\Windows\system32\advapi
C:\Windows\system32\wuaucl
C:\Windows\system32\alg.ex
C:\Windows\system32\spools
C:\Windows\system32\csrss.
C:\Windows\system32\lsass.
C:\Windows\system32\servic
C:\Windows\system32\ws2_32
C:\Windows\system32\wsock3
C:\Windows\system32\winine
C:\Windows\system32\smss.e
C:\Windows\explorer.exe
C:\Windows\system32\winlog
C:\Windows\system32\svchos
Can I believe any of this ?
Anti-SpywareOS SecurityVulnerabilities
Last Comment
Eirman
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
I would to a signature update 1st and check some files on virustotal.
ASKER
I checked reg.exe on virustotal as suggested Tolomir .... Absolutely no infection.
I updated Avira ... same results
I updated Avira ... same results
ok, you could then try a different antivirus solution, a good free start is
Microsoft Security Essentials
I'm using bitdefender anti virus, but pick the best snakeoil, you can get ;-)
Microsoft Security Essentials
I'm using bitdefender anti virus, but pick the best snakeoil, you can get ;-)
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thanks to all and sundry.
Should I change my antivirus program?