Jump to content

Adwcleaner detection back


Recommended Posts

Hello.

I scanned my laptop with adwcleaner. It detected something like "HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}". I moved it to quarantine, then deleted it. I'm attaching logs of adwcleaner logs.

After deleting this, I scanned my laptop with Kaspersky (full scan with extreme settings) and Malwarebytes Anti-Rootkit/Malware. None of these AV detected anything.

I'm also attaching FRST and MBAM logs.

AdwCleaner[S07].txt mbam.txt Addition.txt FRST.txt

Link to post
Share on other sites

  • Root Admin

Let me get the following logs, please @Kamil_PL

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

Link to post
Share on other sites

  • Root Admin

The last 6 AdwCleaner logs do not show a detection or removal, so all should be okay at this point.

You're running Kaspersky Security Cloud which is an good antivirus product. Check for updates and do a full system scan again (you already said you did one) with Kaspersky and you should be good.

There does not appear to be any issues listed as far as malware in the logs

 

 

Edited by AdvancedSetup
Updated information
  • Thanks 1
Link to post
Share on other sites

  • Root Admin

Let's go ahead and do some clean-up work and remove the tools and logs we've run.

Please download KpRm by kernel-panik and save it to your desktop.

  • right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please attach that file to your next reply. (not compulsory)

 

  1. Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.
    https://www.howtogeek.com/240255/password-managers-compared-lastpass-vs-keepass-vs-dashlane-vs-1password/
  2. Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/
  3. Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download
  4. Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2
  5. Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ 
  6. Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security

Malwarebytes Browser Guard

uBlock Origin

 

Further reading if you like to keep up on the malware threat scene: Malwarebytes Blog  https://blog.malwarebytes.com/

Hopefully, we've been able to assist you with correcting your system issues.

Thank you for using Malwarebytes

 

Link to post
Share on other sites

Hello.

I asked here about "HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}". It was some time ago. I deleted it and scanned with Kaspersky and Malwarebytes Anti-Malware/Rootkit. None of these AV detected anything.

I scanned laptop few times again after this. Everyhting was fine. I did adwcleaner scan today and it detected "HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}" again.

I think it happened after installing Steam Music Maker, but I'm not sure. I uninstalled and installed it again. I don't know why but adwcleaner always detect this after uninstalling or installing this Steam Music Maker. I checked it few times.

I downloaded it from Steam. Also i didn't installed any suspicious programs. I have kaspersky security cloud free version and it also didn't detected anything. I'm attaching some logs to this.

AdwCleaner[S38].txt mbam.txt Addition.txt FRST.txt mbst-grab-results.zip

Link to post
Share on other sites

Ok, thanks.

I said this showed again after installing Steam Music Maker. I think it showed after steam installed some additional thinghs for this. Idk why but this is showing after uninstlling too. Any other AV didn't detected anything again.

Now I scanned laptop few times with adwcleaner and it didn't detected anything again, so it could be caused by Steam Music Maker.

So this is false positive or something like this. Thanks again for help.

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.