Windows defender says I have virus, 3 other AV say I don't

LonelyMan

Honorable
Jun 22, 2012
37
0
10,580
Windows defender picks up Trojan:Win32/Dynamer!ac. When I click to clean, it fails after 2 hours.

I also used Malwarebytes, Emsisoft Emergency kit and Eset and none of them detect a thing.

So false positive or something more dark that only Windows defender picks up?

I am on Windows 8.1.
 

LonelyMan

Honorable
Jun 22, 2012
37
0
10,580
Well, I downloaded some games and movies, but that was 2 years ago. Windows defender picked this up a couple months ago. But like I said the other AV don't pick up a thing and they are all updated to latest definitions and versions.
 

Rogue Leader

Distinguished
Moderator
This is a known issue to Microsoft, go here:

https://www.microsoft.com/security/portal/threat/Encyclopedia/Entry.aspx?Name=Trojan:Win32/Dynamer!ac

You may need to use Microsoft safety scanner to get rid of it, available under the "What to do now" tab.

Also try Windows Defender Offline, probably your best route:

http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

This will allow you to reboot your PC directly into a scan and clean before the virus can load, and then get rid of it.
 

aparnell572

Commendable
Mar 30, 2016
25
0
1,610
Ideally you're not supposed to run more than one AV due to them interfering with one another, so I'd pick one and stick with it, also its very taxing on the hardware as well. Have you seen the root folder where it claims this virus to be? Like in your users folder somewhere for embedded deeper in the system?
 

LonelyMan

Honorable
Jun 22, 2012
37
0
10,580
All the AV I listed are scan on demand, not active, so they don't conflict. Only Windows Defender is active. I am now doing a full scan using Microsoft safety scanner, and after I will do the remaining ones you suggested.
 

LonelyMan

Honorable
Jun 22, 2012
37
0
10,580


Which version do I download? Reason core security or herdProtect full?
 

Rogue Leader

Distinguished
Moderator


Defender offline should take care of it, being that it is identified by Microsoft in there. You should do that as soon as safety scanner is done.
 

LonelyMan

Honorable
Jun 22, 2012
37
0
10,580


I'm guessing I'll need to change all the passwords that I used on this laptop after cleanup? What if this safety scanner does not detect anything? I'll still do defender offline, but do I need to do that in safe mode or not? I scanned with Windows defender in safe mode, and it still could not clean that bs.....
 
Found this on a malware forum about that file.

"False positive it is then. Stupid Microsoft Defender"

Most malware forums are stating a false positive.

Probably in a recovery folder so it gets detected over and over again.

Microsoft Defender has passed Certification in several years , get Bitdefender FREE or Avast FREE.
 

LonelyMan

Honorable
Jun 22, 2012
37
0
10,580


What about Avira free? It was stated best on here in December 2015.
 

Rogue Leader

Distinguished
Moderator


Defender offline will reboot your PC into its own "Safe mode" to get rid of the virus before the OS loads.

Like I said don't bother with anything else till you try this, Microsoft has already identified the issue as per the link I showed you, this is the fix.

Afterwards get yourself some good AV software like Bitdefender or Avira.

And yeah I would change my passwords.
 

LonelyMan

Honorable
Jun 22, 2012
37
0
10,580


How do I boot from the usb in windows 8.1? Do I have to go into bios and change boot order or is there another way?
 

LonelyMan

Honorable
Jun 22, 2012
37
0
10,580


We'll see; so far Microsoft safety scanner scanned all of my c drive and found nothing and it's now scanning the recovery drive, still nothing so far. I'll use that defender offline anyway just in case.
 

Rogue Leader

Distinguished
Moderator


You can change the boot order in the BIOS or some BIOS allow you to do a 1 time boot from a different drive.
 

Rogue Leader

Distinguished
Moderator


I agree, I would never use it normally. Defender was created by Microsoft as a failsafe, because they get so much heat for Windows being susceptible to viruses, and a lot of times its caused by people not running any virus software, so they made SOMETHING to force protection on people. But the "Defender Offline" utility is a nice free product you only use once, by booting your PC into it. It cleans on that boot and then you dont need it anymore.