HELP! Onboard virus!


RAMWolff

Member
VIP
Local time
11:29 PM
Posts
53
Location
RWC, CA USA
OS
Windows 11
Michael posted: This might help. https://support.microsoft.com/en-us/home/expcontact...
You can also use your Microsoft Account to sign-in and get support directly from Microsoft. They will help you get rid of the virus....


Me: Can't find anything with these scans so not sure what's going on. I've not had anything like this happen since Windows 98!

I'm typing in a text editor and copy and pasting as I can't even type into a reply box!

This thing just replicates things A LOT and then freezes my system up so I have to do a cold boot down!

If I try to access my Start menu it freezes so I can't access the onboard virus app! This is crazy! Not how I wanted to spend my day!
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    CyberPower PC
    CPU
    RYZEN 7 5700G 3.8GHz
    Motherboard
    GIGABYTE B550 UD AC
    Memory
    ADATA 8GB DDR4-3200 XPG Z1 4
    Graphics Card(s)
    GIGABYTE GEFORCE RTX 3060 GAMING OC 12GB GDDR6 REV 2.1
    Sound Card
    HIGH DEFINITION ON-BOARD 7.1 AUDIO
    Monitor(s) Displays
    M1-Samsung Smart TV, M2- ViewSonic
    Screen Resolution
    M1-1920X1080 - M2-1920X1080
    Hard Drives
    1 Tb SSd (main Windows) 1 SSd external drives and two internal SATA HD's
    PSU
    APEVIA 800WATT GOLD 80 PLUS POWER SUPPLY
    Case
    In-Win G7 w/ USB 3.0, EZ Swap HDD Dock
    Cooling
    Liquid
    Keyboard
    Perixx PERIBOARD-331 Wired Backlit USB Keyboard
    Mouse
    Logitech MX Ergo Wireless Trackball Mouse
    Internet Speed
    WAVE, highest tier so FAST enough
    Browser
    Opera
    Antivirus
    MS

User1234

On the naughty step
Local time
7:29 AM
Posts
927
Hey, I'd try and run RKill, which should hopefully stop the malware at the time, allowing you to run further scans.
I would then run AdwCleaner and then Malwarebytes as listed above by San Martino.
Let us know if this pulls anything up.
Edit: It may be worth booting into safe mode to do this.
If safe mode doesn't do the trick alone, boot into it anyway and try the command-line version of RKill.
 

My Computer

System One

  • Computer type
    PC/Desktop

RAMWolff

Member
VIP
Thread Starter
Local time
11:29 PM
Posts
53
Location
RWC, CA USA
OS
Windows 11
Little update. Seems that there is something strange going on with the Auto Play tool. It was causing all this. I've got 3 hours of the full scan to go, started it yesterday and it's now 8 in the AM here but it's going to finish as I hope that it will find any other strange things and fix or delete them.

In the meantime I disabled Auto Play completely and all the replication stuff and bogging down my system with all the extra being held in memory, eating it like french fries, is all gone. Didn't know that Auto Play could go rogue like that. Very strange.
 

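The AutoPlay state described in the post above can be confirmed from the registry rather than taken from the Settings page. The following is an added example, not part of the original thread: a read-only PowerShell audit using the standard Windows values `DisableAutoplay` and `NoDriveTypeAutoRun`; the function names are hypothetical.

```powershell
# Added example: read-only audit of AutoPlay / AutoRun registry settings.
# Function names are hypothetical; nothing here writes to the registry.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

# Bits of the NoDriveTypeAutoRun policy mask (a set bit disables AutoRun
# for that drive type; 0xFF disables it everywhere).
$DriveTypeBits = [ordered]@{
    'Removable' = 0x04; 'Fixed' = 0x08; 'Network' = 0x10
    'CD-ROM'    = 0x20; 'RAM disk' = 0x40
}

function Get-AutoPlayAudit {
    # Per-user switch shown under Settings > Bluetooth & devices > AutoPlay.
    $userKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers'
    $disable = Get-RegValue $userKey 'DisableAutoplay'
    $state   = if ($disable -eq 1) { 'AutoPlay is off' } else { 'AutoPlay is on (default)' }
    [pscustomobject]@{ Key = $userKey; Value = 'DisableAutoplay'; Data = $disable; Meaning = $state }

    # Policy values, if present, in the machine and user hives.
    $policyKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
                  'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    foreach ($key in $policyKeys) {
        $mask = Get-RegValue $key 'NoDriveTypeAutoRun'
        if ($null -eq $mask) {
            $state = 'No policy set'
        } else {
            # Drive types whose bit is NOT set still allow AutoRun.
            $allowed = @($DriveTypeBits.GetEnumerator() |
                Where-Object { -not ($mask -band $_.Value) } |
                ForEach-Object { $_.Key })
            if ($allowed.Count -gt 0) {
                $state = 'AutoRun still allowed on: ' + ($allowed -join ', ')
            } else {
                $state = 'AutoRun disabled on all listed drive types'
            }
        }
        [pscustomobject]@{ Key = $key; Value = 'NoDriveTypeAutoRun'; Data = $mask; Meaning = $state }
    }
}

Get-AutoPlayAudit | Format-List
```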

RAMWolff

Member
VIP
Thread Starter
Local time
11:29 PM
Posts
53
Location
RWC, CA USA
OS
Windows 11
And thanks for the help folks. I've downloaded the two suggested apps from Bleeping Computer so I'll get those installed and see if these two find other stuff that needs to go. I do have Malwarebytes installed and its scan didn't turn up anything so again I think the Auto Run tool went rogue!
 


The-Hive

The First Three Star Guru
Guru
VIP
Local time
7:29 AM
Posts
10,210
Location
Wiltshire UK
OS
Windows 11 Pro
Have you got an image you can go back to from before it happened?
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Alienware Area 51m R2
    CPU
    10th Gen Core i9 10900K
    Memory
    32GB
    Graphics Card(s)
    Geforce RTX 2080 Super
    Sound Card
    Nvidia HD
    Screen Resolution
    1920x1080
    Hard Drives
    C: Samsung 2TB P981A
    D: Samsung 2TB 970 Evo
    Case
    Dark side of the moon
    Mouse
    Alienware AW610M
    Browser
    Chrome and Firefox
    Antivirus
    Norton
    Other Info
    Killer E3000 Ethernet Controller
    Killer AX1650i Wi-Fi Network Adaptor
    Alienware Z01G Graphic Amplifier
    Tobii Eye Tracker
  • Operating System
    Dual Boot Windows 11 Pro / Windows 11 Pro Dev build
    Computer type
    Laptop
    Manufacturer/Model
    Dell Inspiron 3501
    CPU
    11th Gen i-7 2.80 gb
    Memory
    16Gb
    Screen Resolution
    1920 x 1080
    Hard Drives
    512Gb SSD
    WD 2GB EXT
    Browser
    Chrome
    Antivirus
    Norton

RAMWolff

Member
VIP
Thread Starter
Local time
11:29 PM
Posts
53
Location
RWC, CA USA
OS
Windows 11
No, new system like less than a month old. Seems better now with the Auto Run tool disabled. Maybe MS knows about it and will fix it in an update.
 


The-Hive

The First Three Star Guru
Guru
VIP
Local time
7:29 AM
Posts
10,210
Location
Wiltshire UK
OS
Windows 11 Pro
A lot of people are using the tool and I haven't heard of any problems, could be your machine
 


RAMWolff

Member
VIP
Thread Starter
Local time
11:29 PM
Posts
53
Location
RWC, CA USA
OS
Windows 11
Might be. Can't be sure yet. I don't tend to use Auto Play for most things except when I'm ripping CDs so not sure how it was enabled in the first place.
 


The-Hive

The First Three Star Guru
Guru
VIP
Local time
7:29 AM
Posts
10,210
Location
Wiltshire UK
OS
Windows 11 Pro
That's the problem with PCs, they all behave differently; just a small change on one or a different bit of kit inside can make the world of difference.
 


glasskuter

Well-known member
Pro User
VIP
Local time
1:29 AM
Posts
2,223
Location
The Lone Star State of Texas
OS
Windows 11 Pro 21H2 22000.832
The following method has been my tried and true way of removing malware for years.
Download the following tools to a folder on your desktop and have them available before you start.

In safe mode with networking

Step 1. Run tdsskiller: Download Free TDSSKiller - Rootkit Removal | Kaspersky Lab US (if asked to restart, do so back into safe mode)

Step 2. Run rkill.exe: Download RKill (bleepingcomputer.com)
When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that RKill is an infection, do not be concerned. This message is just a fake warning given by Malware Protection when it terminates programs that may potentially remove it. If you run into these infection warnings that close RKill, a trick is to leave the warning on the screen and then run RKill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that RKill can terminate Malware Protection. So, please try running RKill until the malware is no longer running. You will then be able to proceed with the rest of the guide. Do not reboot your computer after running RKill as the malware programs will start again.
(Note: eXplore.exe (download link on same page at the bottom) is just a renamed version of rkill. Depending on your infection, sometimes rkill won't run so it is necessary to run the alternate eXplore.exe as a workaround.)

Step 4. Run trial version HitmanPro_x64.exe: Download HitmanPro: Scan and Remove Malware

Step 5. Run free version Roguekiller.exe: RogueKiller Anti Malware | Free Virus Cleaner Download • Adlice Software

Step 6. Run Adwcleaner.exe: AdwCleaner - Free Adware Cleaner & Removal Tool

Step 7. Run Malwarebytes: https://www.malwarebytes.com/solutions/free-antivirus
(scroll all the way to the bottom and click on the free download link)

You should then be able to boot back into normal mode and be malware free.
Hope this helps.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 21H2 22000.832
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell Optiplex 7080
    CPU
    i9-10900 10 core 20 threads
    Motherboard
    DELL 0J37VM
    Memory
    32 gb
    Graphics Card(s)
    none-Intel UHD Graphics 630
    Sound Card
    Integrated Realtek
    Monitor(s) Displays
    Benq 27
    Screen Resolution
    2560x1440
    Hard Drives
    256 m.2 2230-256+1 tb hdd
    PSU
    500w
    Case
    MT
    Cooling
    Dell Premium
    Keyboard
    Logitech wired
    Mouse
    Logitech wireless
    Internet Speed
    so slow I'm too embarrassed to tell
    Browser
    Firefox
    Antivirus
    Defender+MWB Premium
  • Operating System
    Windows 10 Pro 21H2
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell Optiplex 9020
    CPU
    i7-4770
    Memory
    24 gb
    Monitor(s) Displays
    Benq 27
    Screen Resolution
    2560x1440
    Hard Drives
    256 gb Toshiba BG4 M.2 NVE SSB and 1 tb hdd
    PSU
    500w
    Case
    MT
    Cooling
    Dell factory
    Mouse
    Logitech wireless
    Keyboard
    Logitech wired
    Internet Speed
    still not telling
    Browser
    Firefox
    Antivirus
    Defender+MWB Premium

AdvancedSetup

Malwarebytes Staff
Member
VIP
Local time
11:29 PM
Posts
112
Location
USA
OS
Windows 10
I don't want to step on any toes as I don't know the rules here on this forum about doing malware removal, etc. As long as it's not against any rules then post the logs from the Farbar program. FRST.txt and Addition.txt and I will review them for possible issues.

Again, if this is against the rules though please let me know someone. Thanks
 

My Computer

System One

  • OS
    Windows 10
    Computer type
    PC/Desktop
    Manufacturer/Model
    MSI Custom build
    CPU
    Intel i9-9900K
    Motherboard
    MSI MPG Z390 Gaming Edge AC
    Memory
    64GB
    Graphics Card(s)
    EVGA GeForce GTX 1070 TI
    Internet Speed
    1 Gbps
    Browser
    Firefox
    Antivirus
    Malwarebytes

cereberus

Well-known member
Pro User
VIP
Local time
7:29 AM
Posts
2,241
OS
Windows 10 Pro + others in VHDs
RAMWolff said: "No, new system like less than a month old. Seems better now with the Auto Run tool disabled. Maybe MS knows about it and will fix it in an update."

Frankly if that new, I would just clean install from scratch if you suspect you have a virus.
 

My Computer

System One

  • OS
    Windows 10 Pro + others in VHDs
    Computer type
    Laptop
    Manufacturer/Model
    ASUS Vivobook 14
    CPU
    I7
    Motherboard
    Yep, Laptop has one.
    Memory
    16 GB
    Graphics Card(s)
    Integrated Intel Iris XE
    Sound Card
    Realtek built in
    Monitor(s) Displays
    N/A
    Screen Resolution
    1920x1080
    Hard Drives
    1 TB Optane NVME SSD, 1 TB NVME SSD
    PSU
    Yep, got one
    Case
    Yep, got one
    Cooling
    Stella Artois
    Keyboard
    Built in
    Mouse
    Bluetooth , wired
    Internet Speed
    72 Mb/s :-(
    Browser
    Edge mostly
    Antivirus
    Defender
    Other Info
    TPM 2.0
