Change
-
Posts
7 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Change
-
-
Attached the Logfiles.
Please note, that i replaced all Profile-Names with "XXXXXX" cause of privacy.
Thank you very much for your help
Addition.txt AdwCleaner[C04].txt AdwCleaner[S04].txt FRST.txt MWB Scan Log 25.03.2020.txt
-
Ok, i will do that.
btw. its not justv that game, there are several programs which i cant start
-
Just to go sure, i have to redo all the steps?
Like i wrote in first post i already did this steps.
So you want me to repeat it?
-
EDIT: Java is uninstalled and System Restore Point is activated
-
Thank you very much.
Fixlog.txt is attached.
After doing this steps i have problems with starting a game from steam. You think it could caused by the changes?
Many greets
-
Hello,
in the last days i noticed sometimes a command-window opened up and closes immediately.
I was not able to see the content and since now i was not able to reproduce.Because of that i ran MWB and it found a WOW6432Updater.
By searching for that i found the post of a user with the same problem.
https://forums.malwarebytes.com/topic/241531-wow6432node-updater/
I did the workaround from kevinf80's first answer and hope anybody can help me now, that im safe for now.
I hope its not a problem, that my programs run on german.
MWB ScanSpoilerMalwarebytes
www.malwarebytes.com-Protokolldetails-
Scan-Datum: 23.03.20
Scan-Zeit: 01:42
Protokolldatei: 3675e47c-6c9f-11ea-81ff-fcaa1431cd6f.json-Softwaredaten-
Version: 4.1.0.56
Komponentenversion: 1.0.854
Version des Aktualisierungspakets: 1.0.21204
Lizenz: Testversion-Systemdaten-
Betriebssystem: Windows 10 (Build 18362.720)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-L2UNOPE\Jonas-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 312872
Erkannte Bedrohungen: 6
In die Quarantäne verschobene Bedrohungen: 6
Abgelaufene Zeit: 1 Min., 49 Sek.-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)Modul: 0
(keine bösartigen Elemente erkannt)Registrierungsschlüssel: 2
Adware.KeenValue, HKLM\SOFTWARE\WOW6432NODE\Updater, Löschen bei Neustart, 6965, 212959, 1.0.21204, , ame,
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Updater, Löschen bei Neustart, 481, 541219, , , ,Registrierungswert: 0
(keine bösartigen Elemente erkannt)Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)Daten-Stream: 0
(keine bösartigen Elemente erkannt)Ordner: 1
PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER, Löschen bei Neustart, 481, 541219, 1.0.21204, , ame,Datei: 3
PUP.Optional.StartFenster, C:\PROGRAMDATA\UPDATER\CHECK-UPDATE.EXE, Löschen bei Neustart, 481, 541219, 1.0.21204, , ame,
PUP.Optional.StartFenster, C:\ProgramData\Updater\setup.ico, Löschen bei Neustart, 481, 541219, , , ,
PUP.Optional.StartFenster, C:\ProgramData\Updater\uninstall.exe, Löschen bei Neustart, 481, 541219, , , ,Physischer Sektor: 0
(keine bösartigen Elemente erkannt)WMI: 0
(keine bösartigen Elemente erkannt)
(end)AdwCleaner Scan
Spoiler# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-23-2020
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0
***** [ Services ] *****No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************[+] Delete Tracing Keys
[+] Reset Winsock*************************
AdwCleaner[S02].txt - [1588 octets] - [23/03/2020 01:51:02]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Thank you very much in advance!
Found Maleware? WOW6432Updater
in Resolved Malware Removal Logs
Posted
So in the last fixlist there was no Profile-Name needed.
If its needed now i can replace it after downloading.
So i ran KVRT, it only fount a file in the Quarantine-Folder of Adware.