Windows 10: Rootkit Virus? Inline Hook Ntoskrnl.exe AVG

Now after another reboot, I've got 20 odd again! I mean, what the ****?!!

 

Doing a Google search it looks like a lot of people are encountering this problem with AVG. You may wish to peruse these posts in the AVG forums.

AVG ntoskrnl.exe hook

By fresh install do you mean a refresh? If that's the case, there could still be problems.

Did you run any of the other scanners and what were the results they showed? It might be a good idea to post this in the AVG forums to confirm if it is a false positive or not. Look through the various posts on the AVG forum before posting & see if this is a known issue. If not, you may wish to consider a clean install.

 

Hi Borg...

Yeah. I've Googled too about it. But nothing too concrete about it though. I've just happened to of asked on the AVG forums. Waiting any responses. I've just done a second install of Windows. This time I went with deleting everything. Why did some minor things remain though? Once upon a time, I use to be able to format older Windows, and reinstall that way. I've yet to reinstall AVG at moment. Kind of worried about it detecting again. I'm doing another Malwarebytes scan, and it seems fine so far again. It's only AVG that's detecting this anomaly. I'd feel better if someone else on here had AVG and the same thing. My computer is running fine as well.

 

Actually, to work properly, MBAM needs to be both installed AND run in Windows Normal mode, NOT Safe mode. It needs full access to the system and drivers. If the system is so badly crippled by malware (not a "virus", BTW) that MBAM will not run, then there are other strategies, such as the built-in Chameleon technology.

Hope this clarifies a bit,

MM

 

Did you wipe the drive completely before installing Windows? Like I mentioned, some rootkits/malware can survive a re-install. Have a look at the link below, 4 of these tools are free. If after wiping the drive & installing AVG you still get hits on the radar, there are 2 possibilities. One or more of your personal files that you may be importing back on the OS are infected with malware, or it's a false positive.

See what the AVG forum has to say & if possible, scan any files you have archived on another drive/disk or FD that you plan to reintroduce to your OS with Malwarebytes or SuperAntiSpyware portable edition.

Five hard disk cleaning and erasing tools - TechRepublic

 

I wasn't sure how to wipe the hard drive completely. I just chose to install Windows and not keep any of my files. Even though a few folders still remained! The chances are it's an error with AVG. Some other guy had a similar thing on the AVG forums. Though he said his disappeared after a reboot or something. Surely if it was something bad, then MRT, Windows Defender & Malwarebytes would detect it or something also??

 

You would think so. If you ran all the other tools & nothing showed & the only thing getting hits is AVG, then it's likely its an AVG problem. But just to be safe, but sure to scan your personal files before introducing them back into the system. Here are a couple articles to erase the HDD if you decide you want to take that course of action.

2015: How to securely erase hard drives (HDDs) and solid state drives (SSDs) | ZDNet

How to securely erase your hard drive | PCWorld

http://www.howtogeek.com/213295/how-...-selling-them/

 

Yeah I sometimes do! Cheers for advice. I read too that someone from a few years ago had a similar problem, and was still all clear. It could just be that AVG is detecting a kind of 'root kit' behaviour because of the Windows update or something, or because they haven't updated things from their end. It's hard to see it's a virus etc though. I haven't done anything on my computer, and all AVG scans were fine prior til yesterday. Fingers crossed, lol. If my computer starts behaving bad or weird etc, then I will start worrying!

 

Hope you have it sorted, keep a close eye on things.

 

It had come back again. But now today, this morning. I've done numerous AVG scans, and nothing is detected. Hopefully it's corrected itself!

 

Try to discern if there is a pattern to it's appearances. Does it only happen at certain times, with certain programs, etc.? Does it show up after you put a file back on the system or run a certain program? If there is any pattern to it, maybe you can find the source. Otherwise, if it keeps showing up occasionally, wipe the drive & start from scratch.

Once you got this sorted there is something that can help you down the road. Make a system image on an external drive, make images on a regular basis and make sure the external drive is not always plugged into the system. This way if something happens, you can restore the OS with little trouble. Keep 3 or 4 older images on the drive in case you inadvertently make one with a virus/malware, that way you have something to fall back on. A system image will also be a lifesaver should ransomware strike.

System Image - Create in Windows 10 - Windows 10 Forums