
AntiMalware Service took over


It looks like an anti-malware service that pretends to be like Malwarebytes took over my computer. Malwarebytes has not detected it. I've already deleted some of the files off the machine, which looks like I've hurt the virus, but it's not dead yet. I see I've lost administrative access over it. See the screenshots for details. Has anyone in the community already faced this bug? I'm looking for a procedure that somebody could recommend that could help me, or anyone else in the community after.








Hey Kevin,

I appreciate your quick response and your conclusion is fair based on what I provided. Let me start from the absolute beginning as I gave my hypothesis after many hours of troubleshooting. 

When I turn on my computer and leave it idle for only a few minutes, a new browser will automatically open from www.antivirusapplove.com onto its download page. I can tell things are happening in the background before I unplug it from the network. If I leave the computer on the network, it will actually open more browser windows to this download page, and I hear the system fans working hard, for no reason, while it's on the network. They stop when I unplug the ethernet cord. Any new backups I try to perform are also getting corrupted on the restore. I also noticed while on the web, my bookmarks are getting redirected to bad sites when I try to use the links in my fav bar for this computer. Bank websites and other secure platforms block my connection during login. These are all red flags to me that something is wrong.

Now I might be facing independent issues with my backups, and I'm happy to focus on that issue after I assure the system is not affected. I for sure know something's wrong, I just have not figured out exactly what. I'm trying to find the root cause and solution without performing a reformat and fresh install of Windows. See more screenshots of the site. Are there any diagnostic tools you would recommend or like me to run on my machine?




Hello JohnEliopoulos,

That URL you posted gets a clean bill of health from VirusTotal...


Run the following:

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

If your security alerts to FRST, either accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...

  • Double-click to run it. When the tool opens, click Yes to the disclaimer. (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The tool will also make a log named Addition.txt. Please attach that log to your reply.

Thank you,


Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.



