Need help with AVG Detection

Xanatos357

Estimable
Mar 23, 2014
2
0
4,510
So, I recently installed about 10 Windows 8.1 updates and after the restart AVG Identity Protection popped up saying a few files were behaving suspiciously.

The two files it detected were:
C:\windows\system32\spool\drivers\x64\3\old\1\printconfig.dll

and

C:\Windows\system32\regsvr32.exe

Both of these seem like important files and I was wondering if they truly are infected or if this is just a false positive?

 
Solution
I would download Malware Bytes and give it a good thorough run. Make sure you scan everything. If there's anything wrong, it'll sniff it out. IMO AVG has gone down hill over the last few years. They used to be solely FREE, and since they've added the pay version it seems like it's become less and less effective. Personally, if I was going to pay for software for security again, I'd go with Panda Security. They are always on top of their game. I used to run it on my old laptop that I carried for school, and it was phenomenal. I used to be sitting at the Starbucks, then boom boom boom, in a second it had blocked several attempts at getting into my laptop. It's saved my privacy tons of times.

gizzard1987

Honorable
Aug 7, 2013
5
0
10,520
I would download Malware Bytes and give it a good thorough run. Make sure you scan everything. If there's anything wrong, it'll sniff it out. IMO AVG has gone down hill over the last few years. They used to be solely FREE, and since they've added the pay version it seems like it's become less and less effective. Personally, if I was going to pay for software for security again, I'd go with Panda Security. They are always on top of their game. I used to run it on my old laptop that I carried for school, and it was phenomenal. I used to be sitting at the Starbucks, then boom boom boom, in a second it had blocked several attempts at getting into my laptop. It's saved my privacy tons of times.
 
Solution

zooith

Estimable
Nov 18, 2014
1
0
4,510
AVG notified me that C:\windows\system32\spool\drivers\x64\3\old\1\printconfig.dll was a virus/malware after doing the updates today also. I ran Malwarebytes and had no detections. I had AVG leave the file.




 

cripkill

Estimable
Dec 17, 2014
1
0
4,510
Yes, they are false positives. I had the same thing pop up with AVG during the update on Dec 10, 2014. Several files including the ones you mentioned were flagged and removed. After they were, W8.1 started having all kinds of issues, including loss of sound, very slow to access systems items such as Control Panel or Troubleshooting, and the computer waking to the wrong monitor (dual monitor setup).

After a few days with problems, thinking I'd be having to do a complete new install, I decided to restore the files AVG had removed. After restarting them, all is fine! Hopefully this works for others as well, but yes, AVG picked up a false positive. The files in the update from Microsoft are fine.

Here's something odd. After reinstalling the files, I ran a complete scan using AVG and it did NOT pick up any files as suspicious or infected! Completely clean scan.