Jump to content

AVG Resident Shield - error?

Phlox
 Share

Recommended Posts

Phlox

Phlox

Posted
Posted

I was running Malwarebytes and suddenly AVG popped up to say that one of the files accessed was a Trojan Downloader.

Malwarebytes found nothing on this scan, so I don't know what to believe, I've still got this alert window sitting on my screen.

I've had this game on more than one PC with no problems at all and I can find nothing on the net about the Agent2.cxs.

post-13922-1242734491_thumb.png

post-13922-1242734491_thumb.png

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

Hi I had the same problem with a Trojan on a friends computer and then on my own computer it popped up with a cookie alert.

Try reading through the thread I started and see if that helps. I am not completely sure what is happening either though. Hopefully this is figure-out able :P AdvancedSetup has been helping me a lot in that thread but we are still trying to figure it out.

http://www.malwarebytes.org/forums/index.php?showtopic=15344 That's the thread that I started.

Link to post
Share on other sites
Phlox

Phlox

Posted
  • Author
Posted

Thank you Mountaintree for your response.

I did see your post 'after' I had made mine.. although I did use the search beforehand to find out if it was something known, but nothing came up.

I've run umpteen virus checks locally and online on this system and the other PC where that game has been installed for years and have never ever had anything come up before, I'm not about to remove my favourite game without investigating it first, especially when I can find no reference to the Trojan Agent2.cxs on a google search.

Looking at the responses to your post, I would like to know what we have to put in AVG to ignore it, I have no exceptions listed in mine.. do we just type in Malwarebytes and hope for the best, or just put in the 2 files mentioned... Or is there a complete list that we need?

Good fun this stuff.. NOT :P

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

You're welcome!

The computer that I am having the problem with had a Spyware Protect 2009 infection so I am pretty much certain that what the ResidentSheild found is a virus. I just don't understand why it was ONLY found this way. It concerns me.

I had Malwarebytes run on the computer again today and the ResidentSheild issue did not come up again, so I am so confused. I don't want to change the settings IF this is the only way the virus gets found. At least with the Sheild it tells you that its finding a virus.

I have heard of perfectly legitimate .exe files getting infected and being used as a host for a virus. One example I have heard of is lsass. I don't know anything about it really but that is one example.

Maybe that happened with your game file?

In my case, I have never HEARD of ker.exe before and I googled it and there was slim pickings.

What version of AVG do you have? And is it free or paid?

I couldn't find where to put them either, but I am going to look again. I didn't look too thoroughly before.

I just ran Hijackthis for a look and see, and it shows my login and pass for a games forum.. Argh!!!!!!!
Link to post
Share on other sites
Phlox

Phlox

Posted
  • Author
Posted

My AVG is a Free version 8.5.339, as is my Malwarebytes. I do tend to go for free applications as they are usually as good with the necessary features as the Pro versions.

I never ever saw anyone's login and pass before on a hijackthis log, so if I ever have to post it in a forum, I will make sure it's clean of that information.

Link to post
Share on other sites
Phlox

Phlox

Posted
  • Author
Posted

Can't seem to edit my previous post :)

I found where to put exceptions in AVG.

It's in Tools > Advanced > Exceptions > Add Path, you can navigate to where you want there....I chose to add the folder, don't know if that's right, we shall see :)

Link to post
Share on other sites
Phlox

Phlox

Posted
  • Author
Posted

Thanks, I uploaded it there and got this result.

File AquaBall.exe received on 05.21.2009 22:29:19 (CET)

Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 1/40 (2.5%)

Not sure what that means, according to that list only 1 found a problem, that was AVG.

Link to post
Share on other sites
Phlox

Phlox

Posted
  • Author
Posted

That's what I thought :)

I just tried to update MB and failed, I tried a few times with no result.. I was a bit worried, but I decided to close it and reopen it again..bingo, it updated perfectly.. how odd :) These things are sent to make us sweat a little :)

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

Hey sorry for the late reply.

Thanks for letting me know what the fields to enter were!

However, I am not sure if I want to change the setting because it seems that this was the only way the virus got found? If that makes any sense. On my friends computer that this virus popped up on with the AVG Shield (and it happened on my computer once, but mine was a tracking cookie not a virus) it seems as though that was the only way the virus was found. If the settings get changed, I am not sure if that will hurt the ability to find that virus or similar viruses in the future if they happen again (which hopefully they won't!)

The AVG conflict hasn't happened again since that day on the friends computer, so I am thinking that it was actually a virus being found and not a false positive.

Do you think that your system is clean now?

Link to post
Share on other sites
Phlox

Phlox

Posted
  • Author
Posted

Ohhhh, I'm not suggesting that you put things in Exceptions that you know are real problems.

I've had that file on 2 of my PCs for years with no problem, it's been through many Virus checks online and locally without incident.

I researched the file that was causing a problem for AVG here.. http://www.virustotal.com/ and it was only AVG that marked it, so 1 out of 40 is a good sign that it's a false positive in AVG.

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

DO NOT add items to the Ignore List unless you're absolutely sure it is a False Positive and even then you should submit it to us so that we can confirm and remove it from detection for everyone. If you're wrong and it is Malware and you've placed it on the Ignore list then we won't detect or remove it as it sits there and damages your system.

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

Thanks AdvancedSetup! I haven't added anything to an ignore list on Malwarebytes or AVG.

I moved the detected virus into the vault on AVG when it was picked up during the MBAM scan and did the same with the cookie that came up.

I did not alter any settings on AVG or MBAM on either computer.

Not that I have, but if I did accidentally put something on the ignore list, is there a way to get it off of the ignore list?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.