Possibly Open Software Updater malware

Status
Not open for further replies.
G

gybots

New Member
Thread author
Dec 13, 2019
2
I downloaded the wrong files accidentally while trying to download minecraft resource packs. I think I have an open software updater malware but I am not 100% sure. I do not know what to do and it doesn't help that I have a project due. Let me know if there are more things I need to upload.
 

Attachments

  • Addition.txt
    71.9 KB · Views: 2
  • FRST.txt
    266.4 KB · Views: 2
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

If the problem persists and Chrome is Synced with other Devices check this out.

forums.malwarebytes.com

Chrome Secure Preferences detection always comes back

When Malwarebytes finds some malicious (mostly adware or PUP) settings/startpages/searchengines in your Chrome, it will address this. (Note, Malwarebytes doesnt really delete the Chrome Secure Preferences file when a detection occurs) However, some of you may notice it will always come back after...
forums.malwarebytes.com forums.malwarebytes.com

Execute the suggested fix.

Restart the computer normally.
===========

The popups may be generated by a PUSH Notification.
Check it out for the compromised browser.
blog.malwarebytes.com

Browser push notifications: a feature asking to be abused | Malwarebytes Labs

“I’m seeing a lot of ads popping up in the corner of my screen, and the Malwarebytes scan does not show...
blog.malwarebytes.com blog.malwarebytes.com
---

If the problem persists run this tool.
--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller[/*]
  • Quit all programs that you may have started.[/*]
  • Please disconnect any USB or external drives from the computer before you run this scan![/*]
  • For Vista or above, right-click the program file and select "Run as Administrator"[/*]
  • Accept the user agreements.[/*]
  • Execute the scan and wait until it has finished.[/*]
  • If a Windows opens to explain what [PUM's] are, read about it.[/*]
  • Click the RoguKiller icon on your taksbar to return to the report.[/*]
  • Click open the Report[/*]
  • Click Export TXT button[/*]
  • Save the file as ReportRogue.txt[/*]
  • Click the Remove button to delete the items in RED[/*]
  • Click Finish and close the program.[/*]
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.[/*]
=======

Please post the logs and let me know if your problem is solved.
 

Attachments

  • fixlist.txt
    4.4 KB · Views: 1
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Hi Icotonev I was there just one minute ago.
There are tww other open topics. They are yours.
 
  • Like
Reactions: icotonev
G

gybots

New Member
Thread author
Dec 13, 2019
2
nasdaq said:
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

If the problem persists and Chrome is Synced with other Devices check this out.

forums.malwarebytes.com

Chrome Secure Preferences detection always comes back

When Malwarebytes finds some malicious (mostly adware or PUP) settings/startpages/searchengines in your Chrome, it will address this. (Note, Malwarebytes doesnt really delete the Chrome Secure Preferences file when a detection occurs) However, some of you may notice it will always come back after...
forums.malwarebytes.com forums.malwarebytes.com

Execute the suggested fix.

Restart the computer normally.
===========

The popups may be generated by a PUSH Notification.
Check it out for the compromised browser.
blog.malwarebytes.com

Browser push notifications: a feature asking to be abused | Malwarebytes Labs

“I’m seeing a lot of ads popping up in the corner of my screen, and the Malwarebytes scan does not show...
blog.malwarebytes.com blog.malwarebytes.com
---

If the problem persists run this tool.
--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller[/*]
  • Quit all programs that you may have started.[/*]
  • Please disconnect any USB or external drives from the computer before you run this scan![/*]
  • For Vista or above, right-click the program file and select "Run as Administrator"[/*]
  • Accept the user agreements.[/*]
  • Execute the scan and wait until it has finished.[/*]
  • If a Windows opens to explain what [PUM's] are, read about it.[/*]
  • Click the RoguKiller icon on your taksbar to return to the report.[/*]
  • Click open the Report[/*]
  • Click Export TXT button[/*]
  • Save the file as ReportRogue.txt[/*]
  • Click the Remove button to delete the items in RED[/*]
  • Click Finish and close the program.[/*]
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.[/*]
=======

Please post the logs and let me know if your problem is solved.
Click to expand...
Hi, actually roguekiller could not find anything when I used it. I was not able to get rid of whatever was on my computer but I did find out that one was the winyahoopup that was infecting my browser. Normally I wouldve waited and gone through more steps, but I just did not have time and I just did a factory reset and it is all good now, I always have backups so it's okay. Thank you for responding to me and trying to help me :)
 
  • Like
Reactions: upnorth
Status
Not open for further replies.

Similar threads

Xeno1234
  • Locked
Was infected, want to reverse damage caused.
Replies
1
Views
549
Windows Malware Removal Help & Support
nasdaq
nasdaq
rashmi
Serious Discussion RustDesk or HopToDesk Remote Control Software
Replies
10
Views
430
VM and Remote Access
rashmi
rashmi
nicolaasjan
    • Like
    • Wow
    • Sad
Malware News GitHub Notification Emails Hijacked to Send Malware
Replies
0
Views
1,557
Security News
nicolaasjan
nicolaasjan

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top