Jump to content

Search the Community

Showing results for tags 'Virus'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. I have a Lenovo Ideapad 3 with AMD Ryzen 5, it's only one year and 3 weeks old. In April, Lenovo released a security advisory stating that their devices had 3 bios/UEFI related vulnerabilities which allowed a virus to rewrite the SPI and deactivate the UEFI (among other things.) I assume that's what caused the issue but I don't know for certain. Lenovo claimed a bios update would fix the vulnerability but did nothing about those of us already infected. I have done everything imaginable to fix this but nothing works.It has survived every reset, every restore, every clean OS install. Each time I reinstall Windows, I completely format and delete every partition, I tried putting Windows 10 Home, 10 N, 10 Pro, 10 Pro N, something called Windows 10 Single Language, Windows 11 Home, Linux, Debian, Ubuntu, and multiple live Linux versions via Yumi. I also tried the Lenovo Recovery Media, nothing works! I have tried MANY different antivirus programs including Sophos, Malwarebytes, ADWcleaner, Microsoft Malicious Software Removal Tool, Windows Defender, Microsoft Security Essentials, Restoro, McAfee, etc. They all claim there's no virus. They do their scan with no problems found! They're wrong. After resetting the PC (done this about 60 times) I go straight to the Event Viewer, it's the only obvious sign of the infection. The very moment the OS starts up, the virus has already made MULTIPLE privileged users with a long list of "special privileges" added to those users. I removed the wifi card in case that might help, it made no difference. I have run the SFC scannow command dozens of times, sometimes it says it fixed corrupt files, sometimes it says it found nothing, sometimes it says "access denied." I have also tried Dism and bootrec commands they all say successful, except /fixboot which says "access is denied." I'm out of ideas! The 4 other laptops in my house and 2 desktops all have the same symptoms now. It must have gotten into the router. I know I probably gave the virus to one of the desktops via a USB that was used to get the OS downloads from a clean computer (the desktop) to my laptop but I never used that USB on any of the other machines. I am open to any possible help... other than replacing the motherboard... but I think that's the only way to fix this Thanks!!
  2. Hi, This is going to be a long description so please bear with me. Yesterday(On 30th May 2022) at around 5 pm, I downloaded a software "GCleaner" which turned out to be a Malware app. I immediately disconnected my internet after I realised that it's a Malware. My anti virus didn't detect it earlier. But after some time, when I connected my internet connection, I started getting a notification from my antivirus saying "Threat secured, We've safely aborted connection on because it was infected with URL:Blacklist" and my pc got into an unending restarting loop. It's stopped restarting when I deactivated my antivirus and disconnected the pc from internet. Then I searched for the malicious app in the control panel but it was not listed there. I searched on Google regarding this malware and found that it's probably a rootkit malware. I found some relatable posts in the community asking us to install FRST64, AdwCleaner, Malwarebytes. I installed all those apps and run FRST first and In the FRST and Addition files, I found that exactly at 17:07 some files were created in my pc which are highly questionable. I then ran Malwarebytes and found some malwares detected in my pc. I quarantined them and ran the scan once again. I didn't detect anything this time. After that I ran AdwCleaner and found out that there some PUP.Optional.Legacy Trovi.com virus in my Chrome browser. I tried quarantining them. I showed that the virus has been removed but when I scan again, I found out that it's getting detected once again. So, I had to manually remove it. After all these steps, I ran FRST again. But I found the questionable files were not removed. This time I tried removing them manually in the explorer. All but 2 of those files were removed. One of the file was 4y63267.sys and it was situated in the System32\drivers folder. This file is read and write protected so it doesn't delete even using cmd in safemode. Everytime I tried deleting, it shows Access is denied. I even tried TronScript, Unlocker and boot disks to delete it but this file isn't even detected there. Another file is in System32\Tasks\Service. Please help me remove these remaining 2 malwares. I am attaching all the latest scan reports here: Addition.txt FRST.txt Malwarebytes Report.txt AdwCleaner.txt
  3. When I open the Task Manager, my CPU is at 60 - 100%. The temperature is high, but then it drops. I used RKill, Malwarebytes, TDSSKiller, Roguekiller and HitmanPro, but they didn't find anything.
  4. The problem seemed to have stopped for now. But, I am not fully convinced. The last 3 weeks or so, I have experienced unusual activities on my iPhone and my email. I've been receiving unrequested password reset email attempts and I have been constantly changing my passwords for several sites and services. I am sure it is a virus. It could be malware or another kind of virus that I am not aware of. For security purposes, I am using my backup email address to write this thread. The hacker has successfully changed my passwords on services such as Epic Games Launcher, EA Games Launcher and I think Outlook email. Luckily, I have been able to change passwords from Outlook and EGL, but not EAGL. I have also implemented 2-step verification for my email, which is very important. Within that 3 week timeframe, I have received an email from the hacker saying they have my information and can expose me. I looked it up online (the nature of the email) and it seems to be common for people to receive that as it is a scare tactic. Talking about how they think I watch adult content and have my information. What creeped me out is that they wrote my password on that email, but it was a former password. It seems to be common in those emails. I also noticed that the hacker has sent spam email to many contacts from my OWN email address. I don't even know how that is possible. I am using Windows 10 on my laptop. I have not yet upgraded my OS. I just read that I definitely should update it as malware tends to infiltrate in computers that have outdated OS. I am using the latest OS on my iPhone 8 and I am using the Outlook app on my iPhone. For my laptop, I am using the Inbox Live program (which is Outlook). Overall, should I do a full backup of my files and reset my laptop completely? Should I upgrade to the latest OS of Windows 11? What should I do? PS: I have scanned my laptop several times with Malwarebytes and it hasn't detected any malware or unusual activity. Thank you
  5. So last week I decided to download uTorrent because I needed it for some downloads. Afterwards, my entire pc was slowed down. I did a malwarebytes check and it told me that uTorrent was the problem. I uninstalled uTorrent and everything that I had downloaded with it. Nonetheless, is my PC still extremely slow and it doesn't show anything in task manager. New tests don't detect any malware and I can't figure out what the problem is, and how this could be solves. I also find it weird that there is hardly any hate on uTorrent while it is so bad for your PC. The issues I am talking about are just that (I'm guessing) my CPU is damaged. In games I get less than half of my normal fps, and after doing a user benchmark I found out that my CPU is really really bad. I am willing to reset my entire PC if that is needed. I really wish that someone can help me out with this issue and I look forward to an answer!
  6. Hi! My name is Srijan. So, I got a little too excited and installed malicious game hacks months ago. After donwloading and installing 3< files. I realized what I had done. But I did not care at the moment i dont know why. I got hacked a few days after. It was just a simple attack but the malware added a malicious extension to my chrome. My instagram was hacked but the attacker only increased the number of people I was following. I just changed the passwords that day because I dont know why, I did not care. I got hacked again on november 21, 2021. Again, did not care and just changed my passwords. After a few days it hit me that I really did have a backdoor or malware in my system. Days and days I tried to find it and asked many tech specialists. I even installed Kaspersky's trial version and scanned but no results were returned. I at last cleaned my windows and installed it again with the media creation tool ISO.I installed my new antivirus and set up my computer completely. The sense of relief that there is no malware left in my computer was flowing throughout my brain. I connected my removable storage after I resetted my computer completely and then after a few minutes my google chrome resetted. All google accounts got logged out. It was not even the session expired thing. There was no sign left of my gmail accounts. I thought this was pretty suspicious and asked my mentor about it. He assured me that it was just chrome crashing and I had nothing to worry about. But i still needed answers. Why was no results returned in the scan I did in December when I am 100% sure I installed malware. What if the undetectable malware shifted it to my removable hard drive (which has a lot of important data so i cant format it) and now its back into my system. I would appreciate the help very very much. Regards ~ Srijan
  7. Hello! I had virus issues a month or two ago until I got MalwareBytes Premium, and it removed everything. I recently noticed that my CPU goes from 78% ish all the way down to 10%. I ran a full scan using MalwareBytes, Full and Offline Scan with Microsoft Defender and it stated there was nothing wrong. I downloaded Process Explorer to find what is using it and I found this. I have NEVER heard of ntoskml.exe , only ntoskrnl.exe or something like that. When I open task manager, the numbers dont change here tho. I am starting to think that I found my virus but I am not too sure on what is causing it. I have also tried to use ADW Cleaner. Please help!
  8. I've got rid of a virus thanks to Malwarebytes. However, I keep having a notification popping up and unknown 4 pages everytime i start my pc. Here is a screenshot. How do I get rid of it? It's pretty annoying! ps. my english is not good. if i misunderstand something you can always ask me to rewrite. Thank you!
  9. So I started a scan with Malwarebytes to my computer and I found a trojan virus called Cloudnet from Epicnet Inc. I dont really remember what kind of programs that I installed so I get such virus, but when look up to this forum right here: How to remove cloudnet epicnet virus that keeps returning - Resolved Malware Removal Logs - Malwarebytes Forums I find that I've also installed Smadav program that could be a problem in that forum, so what do I have to do? Should I just straight in uninstall the Smadav or what? Every help would be appreciated, thank you! I've also attached malwarebytes log and farbar recovery tool. Addition.txtFRST.txt malwarebytes log.txt
  10. I recently torrented software from a trusted uploaded on THAT website, and now something has access to my PC that shouldn’t possess it. Malware bytes and other anti malware software like adw and far are are being closed automatically. My free antivirus Avira is still working normally, and I’ve launched at least a dozen scans. It’s not reporting any further malware but I know it’s there. Notepad is among the software that auto closes as well. please advise, I do have a laptop nearby if that will help any. I’m ready at my phone to provide any necessary information.
  11. I downloaded a file (it was just called Setup.exe but when I ran the file multiple times it didn't seem to do anything) from a site that seemed safe but turns out it was infected with a bunch of trojans and random apps (I don't remember the other 2 and can't find them but one of them was MaskedVPN which took forever to fully remove). I've done a custom full scan with malwarebytes, ran rkill, hitmanpro, ESET and it says they've removed the trojans as it doesn't find anything else when I start a new scan. At a glance my pc seems fine as nothing changed aside from my ram usage being up by quite a bit (Usually around 20% when idle and is up to around 40% now). I was planning on doing a full system reset but I have a lot of files I need and have no clue how to back them up in case they're infected. What do you suggest I do?
  12. Just showed up on a scan. Haven't downloaded anything new or anything. Super weirded out by the 6 finds though. Exported the scan info below, would love opinions and help on what to do next. Potentially having malware on my PC freaks me out. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/8/21 Scan Time: 8:55 PM Log File: 65838a92-b07a-11eb-91d2-38d54710e326.json -Software Information- Version: Components Version: 1.0.1292 Update Package Version: 1.0.40238 License: Premium -System Information- OS: Windows 10 (Build 19042.928) CPU: x64 File System: NTFS User: PromethiumPC\Promethium -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 342284 Threats Detected: 6 Threats Quarantined: 6 Time Elapsed: 2 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 5 Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, 1.0.40238, 8F961A44701714803DB7D6B7, dds, 01237109, 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  13. Greetings! I am the developer of WFE (Warcraft Feature Extender) and my .exe/.dll sometimes both get detected as MachineLearning/Anomalous.100%, I do not have malicious code, and VirusTotal and other scanners report it to be comepletely fine. Could you please take a look and hopefully remove my software from being detected as virus? Archive with files attached below. Thanks in advance! WFE v2.23.zip
  14. A few hours ago for no apparent reason my laptop began moving slowly. In particular downloading and opening downloads takes a very long time. I have run my Malwarebytes Premium Antivirus, Adwcleaner, Microsoft MSERT Security check but to no avail. Could you kindly investigate this? My laptop is an Inspiron 5570 I am using Windows 10 and Chrome Browser. Thank you
  15. Nothing much to say here. A malware added exclusions to my Windows Defender that I cannot remove. I do not know how to fix it, but I have seen a solution with FRST64 however I dont know how to do it. Please help me.
  16. Last time on Sunday, January 24th, 2021, I was taken along for my research to find a better program to make my videos, yet, I was found on torrent website and download the pirated versions for adobe Photoshop and adobe after-effects. Then I have a Chance to Install it, but no one seems to appear. Where’s the Installation pop-up, where’s a language Install selection, none of It doesn’t have their options to work. I was trying to use a crack to Install the program, but It wasn’t an Installation or a setup.exe, But It went turning out to be a hoax. And my entire C drive Is filling up over 132GB to 109GB. That Is one of the most dangerous malware That I would like to show to you as proof. https://www.file.net/process/set-up.exe.html This Is the Set-up.exe. Using with Hyphen, but not altogether with setup.exe. One of the most dangerous Malware causes to filling up the C: Drive Infected. And It did try to fool those people themselves, Including me. I Had a chance to restart my computer, Using the whole scan and deleting the set-up.exe, But It doesn’t work since they kept filling up my C drive. However, Moving the files over to the HDD Drive such as Toshiba, Seagate, and the Others, for instance, Does It have a chance to move a lot safer? That might be one problem: The malware connects In between the files infection. Because moving over Wasn’t a great idea for the virus. Because once your files move over and connect to the other laptop systems, It would Infect to fill your C: drive than before & I’ve seen everything, a lot worse and worried. I can’t remove the hidden virus and hidden files to stop it. If anyone could help me, I would glad to set things right. .
  17. My windows 10 Microsoft Surface laptop has recently stopped working, something I suspect is caused by a virus. The other day I lent my laptop to my brother so that he could work remotely from it. He downloaded Anydesk, as well as OpenVPN (according to him, he just googled them and downloaded the first link). He was recently notified by his work that their network was infected with a virus which case from his machine. As soon as he told me this, I downloaded Avast and ran a scan, but from this point my laptop kept freezing any time I tried to install, uninstall or run any kind of antivirus software. I installed malwarebytes and had the same issue. After trying to fix it for a while, I decided to reset the pc, keeping the files. Once this completed, the laptop seemed to run better until I downloaded malwarebytes and ran a scan (with all of the advanced search settings switched on). Although it returned nothing, file explorer started opening repeatedly which I’m fairly sure was caused by the virus. Now, the laptop won’t properly boot up. Instead, it gets stuck in an ‘automatic repair’ loop. I cant continue to Windows 10, or it just switches off and goes back to the Automatic Repair screen. I also cannot reset my PC by removing everything - this simply starts loading and then returns me to the previous screen a few seconds later. Does anyone know how I might me able to fix my laptop and remove this virus? I have no issues with completely resetting the PC, as I don’t have many important documents on it. Thanks
  18. Hello, Please help me, today i downloaded program from "keygenninja"while trying to get a keygen for a game i wanted. I run the file and my laptop suddenly makes a sound, then my laptop turn itself off, and i try to turns it back on but what appears is an underscore sign in the upper left corner, then i try to press something, but what comes out it just a sound
  19. Hello, Yesterday I downloaded a program from the website "Keygen Ninja" while trying to get a keygen for a game I wanted. I ran the .exe file and ads were showing up on my google chrome and some shortcuts were getting deleted. A lot of requests for programs to run kept showing up and I pressed "no" on all of them. After that, I immediately downloaded MalwareBytes and ran a full scan, which took 6 hours, and something around 70 viruses were found. I quarantined all of them, and I ran other tools like Hitman Pro and adwcleaner to make sure everything was clean. I woke up this morning to a notification from paypal that my password had been changed, great, so I immediately changed all my passwords. The problem now is that my google chrome is showing a "Managed by your organization" tab on my settings in Google Chrome. I deleted the Chrome policies in the registry editor and uninstalled chrome multiple times while also disabling and enabling Chrome Sync. Nothing is changing, the "Managed by your organization" tab is still there. When I click on it, nothing shows up in the "Your browser is managed" tab. What should I do???
  20. Hi, So yesterday i noticed that my antivirus isn't working, i was using eset and suddenly it got disabled, i tried to reinstall it and i saw a cmd popup and it just deleted eset by itself, i ran an onlineesetscan and it found some objects, then i went into a forum on your site and used Kaspersky's VRT, Malwarebytes, adwcleaner, FRST, mbar, mbclean and i think i got the virus removed but still the cmd command doesnt let me download eset and i still can't use Windows Defender, is there someone here that can try to help me?
  21. Hello, I have recently been alerted by windows security that there is a Trojan virus program on my pc and immediately downloaded malwarebyte to see if I can delete this file. I completed a scan and it singled out the trojan file and then prompted me to quarantine it which I did. I then went on to delete the file from the quarantine although I am not sure this was the right thing to do. Since then I have restarted and rescanned my PC countless times but have not gotten any reports of any new threats on my PC but am still really scared that there still might be some left. Therefor I decided I would completely wipe my HDD and SSD since I am not really sure what else to do and Reinstall windows 10 on my PC. If there is anything else I can do once my PC is done clearing and resetting everything and there is anyone willing to support me through this, it would be much appreciated Thanks, Moritz
  22. Good morning I wanted to consult with a member of malwarebytes to help me with a problem that I have had for a long time, it is that I have a virus that is installed only on my cell phone even after having restarted it from the factory, what happens is that applications are installed With names like Calendar, Settings, Game store and the one that always appears and apparently is the strongest one called gooysf, apart from this, the browsers only open to a page called hastopic.com and also to the playstore to applications Like alibaba, when I try to type on the keyboard sometimes it closes on its own and when I want to see all the apps I see that there is an app called settings that apparently works in the background and it also pauses the videos that I see, finally all this is It installs in the files of the system folders with names like qwusz ayzx and many (I got to delete 46) also it slows down the phone and turns it off by itself or leaves it inoperative forcing me to restart it forcibly, my t Elephone is a zte blade a315 with android 6, I would appreciate your help
  23. So as i was using MalwareBytes my device found 43 detections as it was sending them to quarantine it was stuck on removing 4 out of 43 it has been 4 hours since and it still hasn't been removed , i have 4 gigabytes of ram and no background applications were running . So can anyone help me?
  24. Hi, I have a problem in my windows pc with a site "monerohash.com", which I never visited and didn't know its existence before now (I apologize for my bad english, I'm from Italy🇮🇹 ). Every 30 seconds malwarebytes blocks a connection to that site (that I didn't asked for) telling me that the infected path is located in system32 (I will attach the notification here). Can someone please tell me how to fix this? I am really afraid about it. Thanks.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.