Jump to content

File I know has to be a virus not getting detected


Go to solution Solved by AdvancedSetup,

Recommended Posts

There is a file called "Tone" in my file explorer in c/users/tiki8672/appdata/roaming. I know it is a virus because ever since I installed a shady file from a shady website yesterday, a grey heart symbol has appeared in my background apps. A picture of it is here 

https://gyazo.com/2861f76426020f9a00d75b06e2c96ba0

 

Another piece of evidence it must be a virus is that I got a windows security alert about it today 

https://gyazo.com/2861f76426020f9a00d75b06e2c96ba0

 

And the last piece of evidence, I don't have a screenshot for this, but when I was using malwarebytes, it randomly blocked websites that had "Tone" in their name because it detected a trojan, which likely means that this tone virus was attempting to give me a popup. Yet when I do scans it doesn't detect any viruses, and when I scan the tone file itself, it detects nothing. Windows defender also detected nothing. What should I do to remove this virus?

image.png

image.png

Edited by AdvancedSetup
Disabled live hyperlink
Link to post
Share on other sites

Also, I'm not sure this post should have been moved to false positives. Tone is known by multiple websites such as 

https://malwaretips.com/blogs/remove-tone-adware/ and https://www.pcrisk.com/removal-guides/22894-tone-adware

 to be a virus

Edited by AdvancedSetup
Disabled live hyperlink
Link to post
Share on other sites

8 minutes ago, tiki8672 said:

Also, I'm not sure this post should have been moved to false positives.

I moved it temporarily to see if your version of Tone is bad. Trying to ease the work in the malware removal section.

Also I wanted it so it can be added to detection's if needed so Malwarebytes could remove it.

15 minutes ago, tiki8672 said:

Here it is, but since the file limit was a bit exceeded by it, one file was skipped.

All I was looking for is the Tone file you stated was  in c/users/tiki8672/appdata/roaming. Not the whole folder. You must zip it to attach here.

Edited by Porthos
Link to post
Share on other sites

@tiki8672

Frankly -- If it is too large to upload, it is NOT a "virus".

Computer viruses are malicious that self replicate.  That is a computer virus is able to spread autonomously and without assistance.

A file infecting virus will prepend, append or cavity inject malicious code into a legitimate file.  Once infected, that infected file can further the infection by infecting other legitimate files.
Computers worms are a sub-type of virus that uses uses computer constructs or Internet Protocols to spread such as using removable media and email.

Please note that you posted in;  False Positives  ---> File Detections

This sub-forum is for situations here Malwarebytes already detects a file that one may think is safe and not malicious or a PUP.  Ergo; a False Positive.

Additionally, this forum allow one to directly insert graphics so no third party site like gyazo.com is needed.

 

Edited by David H. Lipman
Edited for content, clarity, spelling and/or grammar
Link to post
Share on other sites

@Porthos The tone file in  c/users/tiki8672/appdata/roaming is the whole folder and I did zip it but it still was too big to attach. 

@David H. Lipman I personally think using gyazo is easier for me. Also, tone installed without me knowing and doesn't let me delete it or close it from the background, so regardless of the term you want to use, the file is at least malicious.

Edited by AdvancedSetup
Corrected font issue
Link to post
Share on other sites

Not sure why I didn't do this before, but the reason it wasn't letting me delete tone was because it was running in the background. So I went into task manager, ended all tasks of tone and managed to delete all of tone manually. Does me manually deleting it mean it's  gone for good or could there still be remnants of it on my device?

Link to post
Share on other sites

17 minutes ago, tiki8672 said:

Does me manually deleting it mean it's  gone for good or could there still be remnants of it on my device?

I was hoping it was in programs and features so you would have a chance of uninstalling it instead of deleting it manually.

  Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Thank you

After you post the logs I will move the post back to malware removal for an additional check of the machine.🙂

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.