AVG - false poisitve?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
AVG has just found    shell32.dll  changed
c:\windows\system32\shell32.dll

Is this a false positive?  Could something have "changed"
this without making it a virus?  I did just do all the
Windows Updates.

TIA

Louise

Re: AVG - false poisitve?


| AVG has just found    shell32.dll  changed
| c:\windows\system32\shell32.dll
|
| Is this a false positive?  Could something have "changed"
| this without making it a virus?  I did just do all the
| Windows Updates.
|
| TIA
|
| Louise

No it is NOT a False Positive as it was not declared to be infected.  AVG
indicated it
change, not infected so it can't be a False Positive.

Since it was recently MS Patch Tuesday, it was most likely a case of the DLL
being changed
when you installed the latest MS HotFixes.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: AVG - false poisitve?

@mid.individual.net:

Quoted text here. Click to load it

I have had the same report problem with AVG free...interesing to note over
on the AVG free Forum when this question arose they were giving
instructions on how to set AVG to not indicate a changed file, which seems
to me to be pretty stupid advice. After all any file that has been changed
does not always mean it was just updated by legal software.
My shell32.dll has a date on it of 12/18/2006, it only started to show up
as "changed" on the Feb 14/2007 AVG scan report. as David says  MS made
it's usual WinXP update on the second Tues of the month which was Feb
13/2007, so maybe MS did update shell32.dll on Feb 13/2007 which the AVG
free report showed the next day. But the question in my mind is why would
MS update now to a file with a two month old date such as 12/18/2006, if it
needed updating why would MS mot have done it before?
Another mystery of computer life I guess.(G)

ICU


Site Timeline