Jump to content

Lutzi54

Members
  • Content Count

    9
  • Joined

  • Last visited

About Lutzi54

  • Rank
    New Member
  1. To bring this to an end... All done - ok... But perhaps it is an idea to add a warning, that these procedures will trigger a shutdown immediately without warning or possibility to stop, so there is a danger to lost data from not saved progam-windows (like me...). Will send little tip - sorry: i'm pensioner with ill wife and long studying son... Best wishes (also for Brexit...)!
  2. Sorry for the waiting time. I tried to understand what the fix does exactly with my system ... mostly in vain... Here the requested two new logs. I hope, my system is now free of malware. I'm using Bitdefender and i wonder why this not find this. btw: Originally the problem was, that Firefox couldt not open some sides and start some downloads. I posted this in Firefox-Forum and they said to search for malware. So i tried Malwarebytes and come here... Now, after cleaning, i tried again. Nothing has changed: firefox blocked sides and downloads. In the meantime i found cause and solution: SSL-Scanning by Bitdefender... respectavely wrong zertifikates... Good, i cleaned windows from malware, of which i did not know... I think it is over now and i say Thank You. Fixlog.txt mrt.log
  3. Sorry, perhaps i've choosen wrong words - english is not my practiced language... I mean: Why to do further things with FRST and MS Removle Tool, if Malwarebytes does not find more entries? I thought Malwarebytes has solved problem. And this is Malwarebytes-forum - not FRST or MS. And what does FRST-Fix do?
  4. Sorry for engage you so much - but what is this expanse good for: Malwarebytes has not found any entries after cleaning...
  5. I've done so. Malwarebytes does not more find anything. FRST see attachments. Addition.txt FRST.txt
  6. AdwareCleaner does not report wow6432node\updater...
  7. Sorry: My comment slips... This is log from Malwareytes - pleas check before i start cleaning with the both other programs. Question is: Is wow...\updater malware or not?
  8. Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 16.01.19 Scan-Zeit: 14:03 Protokolldatei: 2c3a5150-198f-11e9-b7c3-00ffb381e24c.json -Softwaredaten- Version: 3.6.1.2711 Komponentenversion: 1.0.0 Version des Aktualisierungspakets: 1.0.8814 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: LK-PC\LK -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 263407 Erkannte Bedrohungen: 8 In die Quarantäne verschobene Bedrohungen: 8 Abgelaufene Zeit: 1 Min., 37 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) This is log from Malwareytes - pleas check before i start cleaning with the both other programs. Question is: Is wow...\updater malware or not? Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Updater, Löschen bei Neustart, [407], [541219],1.0.8814 Adware.KeenValue, HKLM\SOFTWARE\WOW6432NODE\Updater, Löschen bei Neustart, [7175], [212959],1.0.8814 Registrierungswert: 1 PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Updater, Löschen bei Neustart, [407], [541219],1.0.8814 Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 1 PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER, Löschen bei Neustart, [407], [541219],1.0.8814 Datei: 4 PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER\CHECK-UPDATE.EXE, Löschen bei Neustart, [407], [541219],1.0.8814 PUP.Optional.StartFenster, C:\ProgramData\Updater\setup.ico, Löschen bei Neustart, [407], [541219],1.0.8814 PUP.Optional.StartFenster, C:\ProgramData\Updater\uninstall.exe, Löschen bei Neustart, [407], [541219],1.0.8814 PUP.Optional.SlimCleanerPlus, C:\WINDOWS\INSTALLER\1214F6.MSI, Löschen bei Neustart, [1484], [472306],1.0.8814 Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end)
  9. Malwarebytes identifies HKLM\Software\wow6432node\updater as Malware. I thougt, this is an windows-subsystem, which is necessary to start 33bit-programs in 64bit-windows??? Whats right?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.