MBAM found infection



#16
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi aaaa44

That looks like it has run now. :thumbsup:

Can you have a good play about on the computer and report back in the next 24-48 hrs if the AVG UI pop-ups have now disappeared.

Also post any questions you may have before we wrap up the topic.

Thanks
  • 0



#17
aaaa44

aaaa44

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts

I'll report back in a day or two on how my computer is running.

 

These are a few questions I have:

1. Was my computer infected, or did MBAM successfully quarantine it?

2. What caused the AVG UI popups?  Did the infection interfere with AVG, or did a problem with AVG allow the infection?

3. These are the cleaning and antivirus programs I use: MBAM, SpywareBlaster, Ccleaner, WinPatrol, AVG antivirus.  All are the free edition.  Is this a good combination?

4. How effective is MBAM at detecting infections?  MBAM detected one infection which is why I posted this thread, but AdwCleaner detected several.  So will I necessarily know I'm infected by just using MBAM?

 

Thanks for any responses.


  • 0

#18
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi aaaa44

In answer to your questions..
 

1. Was my computer infected, or did MBAM successfully quarantine it?


Your logs were showing no indications of any infection. What I and the auto tools such as AdwCleaner identified and removed were more generic orphaned leftover files and PUPs (Potentially Unwanted Programs). These are programs and applications which are usually not malicious in themselves but are often installed without your consent.
They often come bundled with other software e.g. AVG secure search and AVG Tune up will have been bundled with the free AVG virus.
 

2. What caused the AVG UI popups? Did the infection interfere with AVG, or did a problem with AVG allow the infection?


It looks like there might have been an issue with the AVG user interface restarter which runs in the background as one of the registry keys you would normally expect to see was missing, which is why you get the message it couldn't load it. This should not cause any issues with the AV functionality.
 

3. These are the cleaning and antivirus programs I use: MBAM, SpywareBlaster, Ccleaner, WinPatrol, AVG antivirus. All are the free edition. Is this a good combination?


All are decent programs and can be run as a combination; the only word of caution is to use Ccleaner only as a clean-up tool, not as a registry cleaner. Cleaning and removing registry entries can be dangerous and does not necessarily improve system performance.
 

4. How effective is MBAM at detecting infections? MBAM detected one infection which is why I posted this thread, but AdwCleaner detected several. So will I necessarily know I'm infected by just using MBAM?


MBAM is a very good, effective program at identifying and removing threats. It is regularly updated and I would recommend running it regularly, say once a week. Although MBAM and AdwCleaner are both maintained by Malwarebytes, they are designed for different things: AdwCleaner is more specifically used to target PUPs and other adware, whereas MBAM can also identify PUPs and is also useful for virus, trojan and other malware types.
Using a good AV and following up with programs such as MBAM will reduce the risk of infection but cannot always guarantee that your machine will stay infection free. Having good security habits and awareness of dangers are equally as important and I'll cover a bit of this in my closing post.

Hope this helps. :)
  • 0

#19
aaaa44

aaaa44

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts

My computer is running fine, and I have not had any more AVG popups.  What do I do if I get another AVG UI popup?

 

Thanks for the help.  I really appreciate it. 


  • 0

#20
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi aaaa44
 

My computer is running fine, and I have not had any more AVG popups.


:thumbsup:

I wouldn't expect the UI pop up to be appearing again but if it does I would recommend uninstalling the AVG product and then reinstalling it again.

Now for the good bit..

Good News! - Your system now appears to be clean. :)
Now for some clean up and "housekeeping" procedures.

The following will implement some cleanup procedures as well as reset System Restore points:
  • Download Delfix from here
  • Locate the file and right click on it. Click on Run as Administrator.
  • Ensure Remove disinfection tools is ticked
    Also tick:
  • Create registry backup
  • Purge system restore
  • Reset system settings

  • Click Run

    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

    Staying Updated

    Another essential task is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

    Malwarebytes - Update and run weekly to keep your system clean.

    Staying Safe


    There are particularly nasty infections out there at the moment that encrypt your data and hold it for ransom. You may read more about this here
  • Download CryptoPrevent free for home use here following the instructions below.
  • Save the file to your desktop from the link above and then open the program by clicking Run when prompted from your browser or by going to the desktop where the file was saved and double-clicking.
  • Accept all the defaults during the install. The last screen of the install has a checkmark in "Launch CryptoPrevent". This is good and will launch the program once you click Finish.
  • You will get a prompt asking if you purchased a Product Key for Automatic Updates. You can answer No.
  • You will then be prompted to learn more about automatic updates or if you want to purchase a key. This is up to you but you don't have to.
  • You will be prompted to click OK to continue and select your protection level. Go ahead and click OK.
  • Click the Apply button to set Default protection.
  • If installing for the first time you will get asked if you want to whitelist items in known blocked locations. Say No to this.
  • You may get a message stating that Windows Sidebar and Desktop Gadgets are a major security vulnerability and asking you if you want to disable them. If you don't use these features, answer Yes.

    That's it. The protection is in place.

    Note: The free version doesn't provide automatic updates. Periodically, you should open up the program (there is a shortcut on your desktop now) and select the Updates Tab...and select Check for Updates Now to see if there are any as this infection has serious consequences.
  • Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
  • Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
  • Be careful of the websites you visit.
  • When browsing the internet, look closely at the links you click on. Some aren't always what they seem.
  • Avoid Peer to Peer file sharing utilities, these are a minefield of malware infections.
  • Pay attention when installing a program to your computer, particularly to any check boxes that may appear during installation, it is common for unwanted software to be installed in this way.

    To learn more about how to protect yourself while on the internet read this little guide Best security practices.

    Go here for some good advice about how to prevent infection.

    Happy safe surfing!! :)

    It's been a pleasure working with you.

    PS: Don't forget to post your Delfix log!

  • 0

#21
aaaa44

aaaa44

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts

CryptoPrevent free edition is no longer offered.  It can be downloaded from third parties, but updates will end soon.

 

# DelFix v1.013 - Logfile created 27/09/2018 at 11:33:45
# Updated 17/04/2016 by Xplode
# Username : Steve9697 - LENOVO-PC
# Operating System : Windows 8.1 Connected (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Steve9697\Downloads\FRST-OlderVersion
Deleted : C:\Users\Steve9697\Desktop\Addition.txt
Deleted : C:\Users\Steve9697\Desktop\adwcleaner_7.2.3.1.exe
Deleted : C:\Users\Steve9697\Desktop\Fixlog.txt
Deleted : C:\Users\Steve9697\Desktop\FRST.txt
Deleted : C:\Users\Steve9697\Desktop\FRST64.exe
Deleted : C:\Users\Steve9697\Downloads\adwcleaner_7.2.3.1(1).exe
Deleted : C:\Users\Steve9697\Downloads\adwcleaner_7.2.3.1(1).exe.part
Deleted : C:\Users\Steve9697\Downloads\adwcleaner_7.2.3.1.exe
Deleted : C:\Users\Steve9697\Downloads\Fixlog.txt
Deleted : C:\Users\Steve9697\Downloads\FRST64.exe
Deleted : C:\Users\Steve9697\Downloads\FRST64.exe - Shortcut.lnk

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #222 [Restore Point Created by FRST | 09/23/2018 11:33:34]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########


Edited by aaaa44, 27 September 2018 - 12:58 PM.

  • 0

#22
Bruce1270

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi

Yes it does seem they are discontinuing the CryptoPrevent free edition unfortunately.

You can still download it from https://www.majorgee...prevent,1.html which is a reputable site.

Cheers.
  • 0





