Community

scoobs2013

AVG antivirus software detected 8 threats that it couldn't remove (Sysenter hook virus, embedded in the OS). [I presume this was the cause of certain documents becoming inaccessible.]

I did a full system restore but this didn't remove the virus.

I've also tried to follow the instructions I found on the web for removing this virus, but it's still there.

Unfortunately I didn't realise I should have created a rescue disk when I first got the laptop - how do I get one? (Or are there any other solutions to this problem?)

rich912

Hi scoobs2013,

You can purchase a set of recovery media from Sony support at a cost of approx. £50.

However before going down that root it may be worth checking whether AVG is reporting a false positive – especially if you are running AVG 2014. I suggest you read this very long thread on the AVG forum:

http://forums.avg.com/gb-en/avg-forums?sec=thread&act=show&id=233676&type=0

Also, there is guidance on how to check out a suspected false positive:

http://forums.avg.com/ww-en/avg-forums?sec=thread&act=show&id=395

Rich

Go n-éirí an bóthar leat

jan2011

Hi

If the laptop was mine, I would proceed in this way, before buying anything. (Sometimes there are “false positives”, but, sometimes malwares “modify” AV or wont “allow” AV to update, and so it's quite impossible erase them).

I would try another antivirus.

For example:

With NAV you have two “free” possibilities.

-Download and execute without installing Free Norton Power Eraser tool, here:

http://us.norton.com/support/DIY/?virusremoval&inid=us_hho_topnav_support_spyware_removal

(NPE.exe is only 3MB and needs internet to update. Better download on another PC and then copy and execute on yours. Be careful on what NPE wants to delete).

-Download and install a 30-days free Trial Internet Security Version. http://uk.norton.com/downloads/

Non mi aspetto nulla. Non temo nulla. Sono libero. - I hope for nothing. I fear nothing. I am free. (N.K.)

scoobs2013

Thanks Rich. I had seen some earlier reports that this could be a false positive but didn't realise it was still such a live issue. I've read the link you provided and lots of others on this topic on the avg forum, and have now posted my experience to the latest thread. Unfortunately there still doesn't seem to be a definitive answer.
I would be inclined to go with the false positive explanation except that I discovered this Sysenter hook on my laptop at the same time as I had a problem with a whole load of files (mostly MS Office) becoming inaccessible (error messages saying access denied, padlock icon next to the file). No other viruses were detected so I'm concerned there could be a real threat.

If I do a new install from recovery disk (from Sony) & use a different antivirus, am I right in thinking that this should eliminate the problem either way (whether it's real or false positive)

Many thanks
scoobs2013

scoobs2013

Thanks for your suggestion jan2011. The problem seems to be that only avg is detecting these root kits but no-one can be sure if they're a real threat or a false positive, so if I use a different anti virus I don't think I'll be any the wiser.

jan2011

You are welcome.

If you notice my first “suggestion” is not “install”!

You copy and run a file, without installing a software.

“Norton Power Eraser tool” will prompt you to restart Windows in order to control “rootkit”!!!!!

Then, after restarting, will control rest of PC and other (see options).

With this tool, and other SW (like spybot) I had resolved many malware issues…

Cheers

Jannis

Non mi aspetto nulla. Non temo nulla. Sono libero. - I hope for nothing. I fear nothing. I am free. (N.K.)

scoobs2013

Thanks Jannis - sorry, I misunderstood. That sounds worth trying - I probably won't get chance to have a go until later in the week but will let you know how I get on.

Community

Join now - be part of our community!

Vaio SVS1311C5E system recovery (Sysenter hook virus)

Vaio SVS1311C5E system recovery (Sysenter hook virus)