Jump to content

AVG Virus Alert Notification when MBam was started.


Recommended Posts

History behind the upcoming question concerning Mbam.

Wednesday - I was hit by the Win 7 Security Suite Virus - having been hit by this beast before, I instantly recognized the popups, didn't click on anything and began seeking help to remove the monster. First I contacted Microsoft Help Desk, refused to pay them their Fee of $99.00 argued with the Agent until they agreed to walk me through a "self-remove" attempt up to the point they could no longer "assist" me for Free but would provide me with a link to their website - where I could walk through the process myself. I did everything their website suggested, ran Microsoft Safety, Defender etc etc etc, also un-installed then re-installed MSE, ran scans came back clean and system seemed clean, even IE was acting ok.

Thursday - again everything seemed ok, connectivity was slow, but nothing too extreme. Until I logged out of work, then I got hit by really odd websites & popups coming up on IE anytime I ran a search and clicked a link shown on the page, so I scanned with Microsoft SE, it came back clean, ran Microsoft Malicious Software Removal Tool again, nothing was found but issue with IE and random webpages were still there, so I knew something was still in there but Microsoft SE was giving no warnings etc.

Friday - while I got desktop popups and knew the beast was not gone. I finished work and started searching for a way to really remove this *@%* thing. IE was (& still is) pretty much useless if I do not type in the exact site address. I would run a search for help with removal of the virus and every link I clicked on would take me to some random page.

As this is a work provided PC, we are not supposed to download anything to the PC except updates to MS or change the Free AVG protection to Microsoft Security Essentials, which I had done when the AVG Free version ran out earlier this year. With that said, at the time of the attack, -I did not- have MBam installed. I was using Microsoft Security Essentials w/MS firewall and this Win 7 Security Suite Virus blasted past all of that like a McLaren racing a snail. Despite the policy about downloads, I was determined to get Mbam downloaded, so I headed out here, having those popups the entire time, ending their Tree process through the Task Manager, I was able to get Mbam downloaded and get it to run. Of course Mbam found infections, I cleaned system up with Mbam, followed removal instructions from bleepingcomputer and all seemed* to be back to normal.

Hit IE to run a search for issues with Microsoft SE to see what I could do (if anything) to secure MSE known problems, etc. IE gives me random pages again under any link I click on, so I head to Microsoft.com, to scour the forums, very little is found that I didn't already know. Keep system downloads up to date, run Malcious Removal Tool, update-update-update etc. Got fed-up decided to uninstalled Microsoft SE and installed ZoneAlarm Extreme Security. ZA pretty much put my system into lock down, immediately shut my internet connection down, I chatted with their LivePerson Help (great service to offer but found 4 chats until the internet issue was fixed, a bit excessive) finally got ZA to allow internet connection while it was running, ran scan, no issues found, IE however still giving random webpages when a link was clicked on search pages.

Saturday - Hell. I spent 1.5 hours on the phone with work Tech Support starting at 6:56a trying to figure out what happened to AnyConnect because it wouldn't work. After uninstalling ZA and reinstalling VPN client just so I could work, the day consisted of fighting to stay connected and odd behavior with webpages through IE. I had reinstalled, at company suggestion, Microsoft Security Essentials, however Windows Firewall would not (and still will not) activate, Windows Firewall now gives me an error so I had no firewall the entire time apparently. I even tried downloading just the ZA Firewall, same issues with DSL and VPN. I finally uninstalled and said no way, never again to ZA.

By this point, well and truly fed-up I finally went to AVG, downloaded and it found infections & threats. Healed all but one, which is the following "C:\Windows\System32\drivers\dfsc.sys";"Trojan horse Hider.ONO";"Object is white-listed (critical/system file that should not be removed)". Never finds anything but that one file and refuses to remove it.

Fast Forward to about 45 minutes ago; ran AVG scan - same infection notification, only that one file. Then ran Mbam scan. The moment I clicked Mbam, AVG Shield Protect popped up with a infection threat warning and gave Mbam as the source - under driver/dfcs.

I need to know - why? Why isn't Mbam finding any threats or infections, showing clean system under quick scan and full scan both. Why is Mbam listed with AVG - is it because I downloaded it from the Cnet auto download link, is it because I downloaded it while virus was on system, did I install incorrectly. Why would Mbam come up as a virus threat/infection under a driver file?

Thank you in advance.

L2L

Link to post
Share on other sites

Hello Luv2Laugh: :welcome:

If you are a reseller, affiliate, technician, corporate, business, educational, government or non-profit customer, then please contact corporate-support@malwarebytes.org and include full contact details along with your Reference # when you do to ensure that you receive prompt assistance.

Thank you :)

Link to post
Share on other sites

Hello Luv2Laugh: :welcome:

If you are a reseller, affiliate, technician, corporate, business, educational, government or non-profit customer, then please contact corporate-support@malwarebytes.org and include full contact details along with your Reference # when you do to ensure that you receive prompt assistance.

Thank you :)

I am none of the above, so who should I contact if that is the case? I thought this was the correct Forum? Am I incorrect?

Thank you.

Link to post
Share on other sites

Hello and :welcome:

Well you are comparing Malwarebytes with AVG. They both are different and work in different ways. AVG is designed to catch viruses (first) and Malwarebytes is designed to work with your antivirus to catch Malware that your antivirus fails to catch. That being said, if you are infected and you suspect that Malwarebytes is not catching something, you could submit samples of the file in the Research Center so that the folks at Malwarebytes can review the files.

On the other hand, if you feel your infected, just have the experts take a look at your logs by following the instructions below.

If you think you are infected, here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:


  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the
General Malwarebytes' Anti-Malware Forum
, you need to start a topic in the

Malware Removal forum
so a qualified helper can help you fix any malware related problems/infections you may have.


  • Please read and follow the
    , skipping any steps you are unable to complete.

  • After posting your new post, make sure under
    options
    , you select
    Track this topic
    and choose
    Immediate Email Notification
    ,

    so that you're alerted when someone has replied to your post.

NOTE:
Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

    • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.

      Or

    • You may send a Private Message to a Moderator asking for assistance.


OPTION 2

Alternatively, as a paying customer, you can contact the help desk at
or
.

OPTION 3

If you would like to use our
Malwarebytes Premium Services
, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our
support site.

Please be patient, someone will assist you as soon as possible.

PS: Please use the "Add Reply" Add-Reply.png button not the Reply button when you start replying.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.