Jump to content

Search the Community

Showing results for tags 'windows'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Here's the Information. I really hope i don't have a virus in my computer , and it's possibly just a false Positive. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 6/24/21 Protection Event Time: 9:54 PM Log File: 9dbb789e-d51d-11eb-a8fa-1c6f655d1155.json -Software Information- Version: 4.4.0.117 Components Version: 1.0.1344 Update Package Version: 1.0.42185 License: Trial -System Information- OS: Windows 10 (Build 19042.1052) CPU: x64 File System: NTFS User: System -Blocked Malware Details- File: 1 Trojan.Crypt, C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.exe, Quarantined, 601, 949123, 1.0.42185, , ame, , B81EE7D3AC6D2AF9E931C8B79811C1AB, 6B85223B9156076F0B5D203551DBDB9AD604013AB7C1C991631A63000F300761 (end)
  2. I recently torrented software from a trusted uploaded on THAT website, and now something has access to my PC that shouldn’t possess it. Malware bytes and other anti malware software like adw and far are are being closed automatically. My free antivirus Avira is still working normally, and I’ve launched at least a dozen scans. It’s not reporting any further malware but I know it’s there. Notepad is among the software that auto closes as well. please advise, I do have a laptop nearby if that will help any. I’m ready at my phone to provide any necessary information.
  3. Just showed up on a scan. Haven't downloaded anything new or anything. Super weirded out by the 6 finds though. Exported the scan info below, would love opinions and help on what to do next. Potentially having malware on my PC freaks me out. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/8/21 Scan Time: 8:55 PM Log File: 65838a92-b07a-11eb-91d2-38d54710e326.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1292 Update Package Version: 1.0.40238 License: Premium -System Information- OS: Windows 10 (Build 19042.928) CPU: x64 File System: NTFS User: PromethiumPC\Promethium -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 342284 Threats Detected: 6 Threats Quarantined: 6 Time Elapsed: 2 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 5 Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, , , , , 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Malware.AI.1035458231, C:\WINDOWS\ASSEMBLY\NATIVEIMAGES_V4.0.30319_32\PRESENTATIONCORE\AA9C1B7D97605C62DA47F787BF616815\PRESENTATIONCORE.NI.DLL, Quarantined, 1000000, 0, 1.0.40238, 8F961A44701714803DB7D6B7, dds, 01237109, 59CC10239EA4A5A8004DABFD09DCF838, A6F04A14F72140B29C7DAD7F3C3F83B0297B4C0A45BDCFF18647707426BF66FD Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  4. Trying to download an activation key and then suddenly my real time protection cannot be turned on. I managed to turn on windows defender but i cant turn on real time protection can someone help me?
  5. Hello all! i need your help please! i brought it to myself, i downloaded a program from a site i didn't know, and it was a malware once downloaded and extracted windows defender detected trojan Win32 Yamacco.AA2B as show in the picture (1) and the problem is i clicked "allow" by mistake then the other one picture(2) trojan win32 Tilevn.A got dettected, i don't remember what i did there since as you see windows says restored or removed from quarantine! then i deleted that program i downloaded, i tried runing it but it was blocked and it said that it contain a virus, so it wasn't instaled i instaled malwarebytes, and started runnign a scan with it and with windows defender too, then defender detected the last one as shown in picture (3) trojan:html/phish!msr got detected and got blocked i clicked "remove" and went to the directory of the files infected it showed, and deleted them! so it was deleted but of course i allowed that one so i panicked! i wanted to know if it's really gone and that's why i'm hereand i did many things, i instaled microsoft safety scanner, and did a full scan with it many timesdid a full scan using windows defender too, and also windows deffender offline scan!many scans with multiple programs, eset online, malwarebyte, hitman pro, zemana,booted my pc on safe mode and did scan with malwarebyte again, none of them detected anythingwent back to normal booting did also a boot clean and some other forms of cleaning, a sfr scann on the command prompt, cleaned the cache disabled the system restoredid a cleaning that delets the browser cache and stuff with CCleaneri changed my emails passwords..i don't remember what other things i also did 0 threat found, i suffer from generalized anxiety and this virus thing made me panick hard lol i worried that infos from my pc were stollen since i had some passwords written in doc.txt filescomputer seems working fine nothing unusual no weird pop ups nothing out of the ordinaryso is it gone? am i safe? or a hard wipe and reinstaling windows is needed ? i wish i won't have to do this
  6. My PC came with preinstalled Windows 10 and I've got this PC for 2 years. It is ASUS laptop (Republic of gamers). I would check the model but I'm not home yet...so ill update that later. Windows Defender keeps telling me about this PUA. I have been scanning my PC all over again and tried clearing out temporary files and such but still shows the PUA as active,I have F-secure installed and as my main AV but I did a full scan with WD too after getting a blue screen while browsing internet. I know the Recovery folder is not even visible by default...I know I can't access it even when it is visible. Location of the PUA that Windows Defender notifications keeps telling about ---> containerfile: C:\Recovery\Customizations\usmt.ppkg file: C:\Recovery\Customizations\usmt.ppkg->\ICB\MachineSpecific\File\C$\Program Files (x86)\ASUS\GameFirst IV\Driver\tdi\i386\netfilter2.sys file: C:\Recovery\Customizations\usmt.ppkg->\ICB\MachineSpecific\File\C$\Windows\System32\drivers\netfilter2.sys I think it might be ASUS preinstalled program but I can't know for sure since I can't access the Recovery folder (and even if I could I think I still would not know for sure).The other netfilter2.sys was deleted (maybe) since it was no longer in it's folder. Win32 ASUS drivers folder (deleted by Windows Defender after full Scan)? Windows Defender keeps telling me about the PUA. I have tried deleting the detection history but it has no effect.The notification only appears with Windows Defender full scan. No other AV program will detect it (MalwareBytes, HitmanPro, AdwCleaner, F-secure, Windows Defender Offline scan/quick scan, Windows Safety Scanner). I would just like to get rid of it I don't care if the program is actually made/preinstalled by ASUS or not as long as deleting it has no effect on my PC/it's performance. Is netfilter2.sys important? What does it do and do I need it for my PC to work or will it have any impact on my PC's performance? Is the Recovery folder important and will deleting/altering it have severe harmful effects on my PC? Some people said they got blue screen and that their PC wont boot after deleting it. I have been told in Microsoft community, Microsoft Support, F-secure forums and else where that it is most likely a false positive but no one could confirm this for sure. Since F-secure never detected anything it should be false positive and nothing more yet I have not been able to use my PC without feeling paranoid over my accounts/safety. I'm just too paranoid about this. I don't want to do a system reset since getting F-secure back and installing all the 30+ games and other software that I have would be a pain. Can ASUS Backtracker get rid of the Recovery folder that (should?) be ASUS Recovery folder and not the Windows 10 itself since it was preinstalled? Can the netfilter SDK itself somehow be deleted or just delete its Recovery files since Windows Defender can't seem to get rid of it and other AVs don't detect it. Is here anyway to either get rid of it or confirm that it is actually not harmful? I can't check the original file since it got deleted and just the file in the Recovery folder remains. Also what is Win32/DefenderTamperingRestore? Got that notification after scanning the recovery folder with Windows Safety Scanner. No mention about the PUA tho and said that Win32/DefenderTamperingRestore was deleted. I did a Repair Upgrade from USB when trying to get rid of the notification so that might have caused this? If anyone has any suggestions or ideas on what I should do I would really appreciate it. (Sorry for having so many dumb questions and sorry that this is so long but I'm just really freaked out about this).
  7. Hello all, first time poster. I have started coming across weird networking/firewall issues after prolonged use of my computer (I leave my computer on for the most part.) I'd say after about 2-3 days of being on, these issues will suddenly start occurring. Such issues include - OBS Studio will not authenticate with Twitch to provide API elements (The chat and stream info windows will not appear, resuilting with the error: failed to authenticate with twitch) Loading webpages taking a longer time than before... about 10 seconds to load up a google search page. Microsoft Remote Desktop Protocol (RDP) will not work period - either via the internet or locally to my home server. My computer can ping my home server, but the server cannot ping my computer from command prompt.... despite my computers DHCP-assigned static IP showing up when using arp -a. Windows Defenders Firewall WILL NOT load (Although I hear that MBAM may set the Windows Defender processes to be Manual rather than automatic so that may explain this) When creating sessions in games like Monster Hunter World, the session takes F O R E V E R to load. Likewise, using Splashtop (my work's remote access software) to remotely access client computers also can take a prolonged time than normal. Restarting the computer resolves all these issues and everything works as normal. Me being in IT, I thought a networking issue might have been causing this (Specifically thinking that port 443 was being blocked or something) but after running several port checks, updating my routers firmware, updating my LAN driver on my pc ect I determined that the issue is isolated to my system. Then I found this post on Bleeping Computer (Hopefully link sharing is not against the rules here..): https://www.bleepingcomputer.com/forums/t/716117/cannot-open-windows-firewall/ And noticed all the similarities between me and this poster's issues - specifically that we both have MBAM Premium. After finding this revelation, I have come here to seek help on the matter. I am running Windows 10 1909 with MBAM Premium 4.1.0.56. I apologize if this issue has been posted before but it is kind of difficult searching up this topic..
  8. Hi, today i found on task manager that "Antimalware Service Executable" is using 90% of my cpu, what can i do? Thank you
  9. Hello , I have a very persisting spreading screen virus on my asus windows 10 laptop ( and others) By my knowledge it only messes with my screen ( makes it reddish gloomy and seems to slightly pulsate) but it doesn’t freeze your computer or such or searches for information, to my knowledge. I have the same issue on multiple pc’s and 2 macs ... they have AlL anti virus protections Malwarebytes , clamxav on macs and also malwarebytes free version and f-secure on pc , the latest windows updates , And standard and administrative accounts... tried with several anti virus programs but none seem to recognize this.... the virus spreads from even connecting an external device without opening anything. From Mac to windows ???? it presumably originated from a malicious torrent file Downloaded years ago. And has gotten on every computer in my house via usb connection. I know from trying On the macs that erasing your drive and reinstalling the operating system Doesn’t solve the alterations . Even booting to an other drive with a clean system gives no good result. The infection on my latest windows pc comes from the ext. ssd connected to that infected Mac ..,, I have tried on the windows to go to a restoration point . But that doesn’t do anything. I am going to try to restore my laptop to original factory settings . But I hoped that I could find a Different thoroughly solution from my malwarebytes antivirus here at the help forum? I have posted on the forum before but then Mac related. And have been told that a virus doesn’t work like this on a Mac . I do not really know if it would be categorized as one . But I know these screen alterations spread so that must be some kind of coding or such. are there any steps I can take before trying to reStore my pc to factory settings ? I didn’t make a backup yet as the pc is a month old . I do have a recovery drive from my windows fully updated. And have enabled the windows restore at start of boot. with kind regards jonas
  10. Our work from home computers cannot access Outlook anymore since MB is blocking the same exploit that I see posts about from 2-3 years ago. We can't get into delete the offending email as "Contacting Server" pops up and then MB crashes the program. It is now happening throughout all the desktops of our visual & graphic media teams. I see a MB post from April 2017 that is a known issue and you are working on it. Its 2020 and I can't find the answer for why its happening in 2020 or how to stop it as we crash or the block kicks in from MB. Help is appreciated.
  11. I recently opened a Microsoft Word document i was sent my someone who i didn’t know very well. When i opened it my mind began racing as to why he would want me to open this... that’s when i got to googling and found out about “Malicious Macro’s”. That’s when i decided to have a look at my Task Manager, there i found a file called “Launch” in my Start-Up. I disabled it right away and then began finding more and more suspicious things running that i knew were not previously there. One was called “Coordinator.exe”. As i started digging more clicking on “Open-File-Location” i found a folder full of at least 100 python scripts... in my panic i deleted almost everything i suspected to be malicious... i found dozens of DAT files and text documents which are mostly appearing in Temp folders in Users>Local>Temp and Windows>Temp. The DAT files are all just named a random assortment of characters and the text documents are all called the name of my PC and then random numbers, these text documents are being dumped into Temp hour after hour and contain a sort of Log looking thing? However i don’t know what it is logging... I also found a file called “ZoomInfoContactContributor” blah blah blah.. I believe this to be a part of the malware as i have never used Zoom before. I did a google search and found that it could be malware, you can see it for yourself here: https://www.hybrid-analysis.com/sample/0ac026cc1f7a108f5fd908f7703d8af1d14735cff2556f230f902990321563b7?environmentId=120 although i could not really make sense of it. I have also done a MalwareBytes scan (with Rootkits box checked) and it found 0 Threats in an 8 hour scan... So what i want to know is... did i disrupt this malware in my tangent of deletion? or could it still be present somewhere undetected? Thanks in advance.
  12. i know my computer is infected because each time I enter chrome it has two new extensions with strange names like "sleepy science", "wild medicine", "unusual community" and such. I scanned with malwarebytes and adwcleaner but both said that there are no detections. What can I do to stop getting this extensions?
  13. Hi, I want to delete the malwarebytes trial version from my system. When i follow the normal method through control panel it doesnt get uninstalled, a dialogue box appears but then nothing happens. So i downloded mb check and I have attached the file below. What should i do now? mb-check-results.zip
  14. Good morning everyone, I'm new in this forum, I really hope you can help me. Yesterday I've find something strange in the behaviour of the PC: Windows Defender doesn't find any problem but when I open its history it crashes. I've find the name of the maleware before the last crash (Trojan:PowerShell/Mountsi.A!ml). Running MalwareBytes I've found some malewares so I eliminate them but the problem is still there! Thanks.
  15. I have been using KMSpico to keep my windows activated for a long time now, and i never got any issues, but tonight i realized that the windows was deactivated, so i went to use KMSpico again but it got insta deleted, even if the windows defender is not activated, so as i tryed to get to the quarantine mode or something, i realized that a lot of information did not appear to me, and when i tried to check de history of protection, windows defender just closes whitout opening anything
  16. Hi all, First time with this type of trouble and I've come across this forum via a Google search which I had started reading through this thread here: I will try to do my best here in understanding and communicating with the everyone and your knowledge. Thank you in advance for any help. I'll try and keep this simple and broken down into what I know. To start I am running Windows 10 on a Cyberpower PC that I purchased about 3 months ago. As briefly as I can be I use this PC strictly for iRacing and use only a limited number of applications that run along with it. I use Chrome as a web browser which is pretty much just familiarity and a preference. This whole adventure started when the command prompt opened on me in the middle of a race. I noticed in the task bar following this race that Internet Explorer and Chromium were there. Not thinking too much of it as this was the first time it happened I unpinned them and continued what I was doing. This happened again several hours later and I got to investigating this Chromium deal. I am now familiar with what it is and how it works and I also learned more about Electron and how it operates some of the apps I use such as Discord and Simracingapps. More familiar with how this all comes together I continued with trying to get these apps removed. Im almost positive I had uninstalled Chromium via the command prompt and a hidden folder in This PC>Windows(C:)>Users. I also took a second look at SAntivirus which is my fault for not noticing sooner and I found out all about that.. I followed instructions to remove SAntivirus by rebooting in "Safe Mode with Networking". The following step is to download and install Malwarebytes. As there seems to be no way to connect via WI-FI in this mode (which is currently all I am able to use) I downloaded on my Surface and tried to install but it still needs to download during this time so I could not do so. I went on to the next steps as they were 2 more removal softwares so I figured leaving one out would be just fine. These were HitmanPro and then Adwdefender. Following the instructions to reboot after the Adwdefender scan all I booted to was a black screen. I restarted using the power button on the tower out of frustration at this point with this already being a 4 hour headache. When I powered back on I navigated back to where I was given the options that included "Safe Mode with Networking" and others. Since I was familiar with that one during this process I chose it. Boot to black screen. Reset again and believe I chose the startup troubleshooting after finding it and chose some type of boot recovery. This is where i was starting to see red so I cant remember exactly and I dont want to really do much else on here using that route unless instructed to do so. But that sounds about right. This went through and finished and the pc booted and I am at my desktop and logged in. Now whatever it did to recover gave me a sigh of relief but now I have the apps that I originally started this process to try and remove(Chromium and SAntivirus)back again along with 2 or 3 others that I have decided not to use and had previously uninstalled. All I want is Chromium off of my computer for good. I'm sick of saying the word. I'm sick of looking at it. SAntivirus Realtime Protection Lite off my computer for good. I'm already planning on being more vigilant for these things as the SA snuck in thetr on me. Also using all three of these softwares in the future to help me do thst... if Malwarebytes doesn't hang up on installing that would be great too. Seems I'm at a point here where I can try this all again with some of your help. Thank you for your time, Ryan
  17. Hi, I am writing on behalf of a friend who asked me for help, but I don't know how to help him, in practice from today on his PC starts "sppsvc" and makes the cpu reach 30%, I suppose windows is cracked, but he the pc took it like this, so how could it be solved? Thank you
  18. is it a virus? print : https://i.imgur.com/jG1Q9tf.png Error Mensage : Acess to protected memory was blocked App or Windows process blocked : WinSat.exe Blocked by : controlled folders Can anyone help me?
  19. Hello, I made my first computer about 5 months ago, I activated the Windows with kmspico. For the first 2 weeks everything worked fine: Windows update, Windows defender etc. But then problems started to occur: I stopped getting the update, the Windows defender stopped working and the computer started acting strange, sometimes it would shut down or restart or lose the signal from gpu. I would just like to try to fix the windows update and the windows defender because I do not feel safe while using this computer. Even though I know reinstalling Windows will be the best option, I do not wont to lose all the data and files, first I want to try to fix it. I started looking at this post: https://forums.malwarebytes.com/topic/241381-kmspico-installed-problem-with-windows-10/ but i figured out the post was closed so i decided to open my topic. Thanks in advance.
  20. Hello, I had issues with my Malwarebytes updating. The error windows that pops up with, "An error has occurred." I uninstalled Malwarebytes and deleted the Malwarebytes folder under Programs. I downloaded and installed the mb.support tool and clicked "clean". After my my computer rebooted, I accepted the re-install for Malwarebytes. The install fails and the error windows that pops up with, "An error has occurred." and "Malwarebytes for Windows installation was aborted." I don't have a license, I use the free version for my pc. I have extracted and attached the logs. Please review the attached file and get back to me, thank you for your support. mbst-grab-results.zip
  21. An Unknown computer named TERRY-PC appeared on our Mbam device list. Neither my partner nor myself have given access to a third party. After searching the name it would appear to be in some way connected with Microsoft Win 10 admin operations. But how could it appear on my Mbam device list without being registered and obtaining access by password? Or are devices operating on the computer simply reflected in the Mbam device list? Unclear about that. Next question concerns security. Can a user on a shared Mbam account hack the online data of other users? Ty in advance.
  22. Please give us a dark theme in Windows. Mac has it why can't we have it. It doesn't make sense. When i launch Malwarebytes (4.0.4) it is really really bright and hurts my eyes. Please allow us to switch to dark mode (and please not for premium only). DARK THEME FOR MAC Example. Thanks.
  23. just downloaded this new version of malwarebytes for home use on windows on a HP laptop with windows 10 - on the new malwarebytes for windows the words are blocked out (see picture)
  24. Hello, It would be amazing if you could add a dark theme to malwarebytes 3 (Or 4 when it comes out). It is not necessary but would be very nice. I do sometimes monitor my scans and work with the app. It would be less blinding.
  25. Hello everyone, I am new here. I am using a HP pavilion DM4, with windows 7 home premium, and about 20 days ago (7/8/2019, I got a black screen with a cursor only after logging into my Admin Account, even on safemode. the day before this issue occurred (7/7/2019), I had turned off my AVG, while trying to run a malwarebytes scan, to do so, I changed its (AVGs) permissions to EVERYONE and I also set the AVG off, and restarted my computer, Lo and Behold, I couldn't get back on my ADMIN main user!, I am currently writing this on the same laptop, but on the account of a secondary user. I can only open a few Antivirus programs such as malwarebytes and AVG, however I cannot run Roguekiller or MSERT as they freeze. Ive done many test and NONE concluded malware, except a Malware bytes Anti Rootkit scan which detected 4 trojan files located in C:$\recyclebin (system recycle bin?). I've since removed them and I am currently attempting all my options. The crazy thing is, I actually fixed the problem, via system restore, and all was good! however I became stupid in thinking and decided to RE-RESTORE the system, because I was upset that my google chrome had updated!!!, and thus the problem had returned, and the old restore points have vanished since!. I would really love some help because I am sure something has taken over the admin privileges of the system, and is running SVCHOST.EXE and CONSENT.EXE upon start. Ive studied the strings and the threads and they run at 25% CPUs, jamming the system up. Ive also noticed something keeps closing antiviruses and services.exe when i try to open them. (I see all this via PROCESSEXPLORER from the second account with admin privileges). I cannot run SERVICES.EXE, but i can run regedit, msconfig, task manager, etc. Ive done SFC/scan as well as CHKDSK and it found some corrupt files and "fixed them", but the issue persist. Ive downloaded FRST, roguekiller, combofix, adwcleaner,. I have not run them, I am awaiting assistance (from you guys). please help me!!!! thank you in advance!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.