GoogleUpdateTaskMachineUAC detected as Virus

[MarcyUnchained]

At around 1:40 my kaspersky detected deleted some files (I was in the middle of the game), the things it detected were

 

C:\Users\heise\AppData\Roaming\d_temp\service.exe

C:\Users\heise\AppData\Roaming\Valve Software\service.tdi

C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUAC (Apparently a Chrome service whose real name is GoogleUpdateTaskMachineUA, I don’t have Chrome installed)

It also deleted some Registry Entries belonging to simply game.exe (not belonging to the game I played)

I am at a loss where it could come from or if it was just a false positive, help would be appreciated.

 

EDIT: Kaspersky found another file, a xmrig-cuda.dll, apparently belonging to a crypto miner?

[Flood and Flood's wife]

Hello @MarcyUnchained,

Welcome!

1. Are the detected objects in Quarantine? 
2. Which supported browsers are installed and used: Firefox, IE, Edge Chromium? 
3.  Run the KAV Report, open KAV, select More tools, select Reports, select Detailed Reports, select All events, select 24hrs, select Export, save the report as a text file, attach📎 to your reply please? 

Post back please?

Thank you🙏

Flood🐳

[MarcyUnchained]

1. They were in Quarantine, Service.exe and Service.tdi that was, but I deleted them, don’t know if that was a mistake.
2. Only Firefox and Edge are installed. Edge only because of the new windows update
3.  Reports are attached

Thanks for the quick reply! I’m getting really worried now. Running Malwarebytes at the moment.

[Flood and Flood's wife]

Hello @MarcyUnchained,

You’re most welcome☺ !

Thank you for the report👌

• We’re looking at the report, itmt & regarding “ I’m getting really worried now”, please try not to: Kaspersky detected & quarantined the objects. 

1. Post the Malwarebytes report before taking any recommended actions please? 
2. Download CCleaner, run the Registry Scan, not the Fix, post the CCleaner Registry Scan report please?

Thank you🙏

Flood🐳

[MarcyUnchained]

1. Report is attached and I haven’t taken any action
2. Registry Scan Report attached, and here aswell, I haven’t fixed as you said.

[Flood and Flood's wife]

Hello @MarcyUnchained,

Thank you👌 !

Run the CCleaner Registry Fix, including backing up the Registry option, then re-scan, post the scan report please? 

Thank you🙏

Flood🐳

[MarcyUnchained]

done, and done, sadly I misclicked and didn’t backup the registry.

[Flood and Flood's wife]

Hello @MarcyUnchained,

Thank you👌 !

Run the CCleaner Registry Fix again, including backing up the Registry option, then re-scan, post the scan report please? 

Thank you🙏

Flood🐳

[MarcyUnchained]

done

[Flood and Flood's wife]

Hello @MarcyUnchained,

Thank you👌 !

• Again, run the CCleaner Registry Fix, including backing up the Registry option, then re-scan, post the scan report please? 

Thank you🙏

Flood🐳

[MarcyUnchained]

can’t save a report because there was nothing found

[Berny]

1. They were in Quarantine, Service.exe and Service.tdi that was, but I deleted them, don’t know if that was a mistake
    

Also,  please  run another Kaspersky scan with following option : https://help.kaspersky.com/KAV/2019/de-de/68189.htm

“Erkennung von anderen Programmen, mit denen ein Angreifer den Computer oder die Benutzerdaten beschädigen kann“

[Flood and Flood's wife]

Hello @MarcyUnchained,

Thank you👌

• Please run a GSI & Windows Logs & post back?

Thank you🙏

Flood🐳

[MarcyUnchained]

@Berny Will do.

[MarcyUnchained]

@FLOOD Here’s the report that came out of GSI

[MarcyUnchained]

@Berny The scan came back clean. I used the setting you mentioned.