1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PUPs

Discussion in 'Malware Removal' started by peterr, Sep 17, 2013.

  1. peterr

    peterr MajorGeek

    I have Win 8 Pro -firewall enabled, Spyware Blaster, Defender, MBAM and a Gateway.
    Lately MBAM has found 15 PUPs which are quarantined and removed. When I use the machine and scan with MBAM if finds 15 PUPs.
    I can get Norton free as a Comcast user .
    What advice would you give me?
    Thank you
     
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Does it always find these PUPs even after removal?
    If so you need to attach the log showing me exactly what it is hitting on please.
     
  3. peterr

    peterr MajorGeek

    Hi Kestrell3
    Below is the log file I will send another day's one also in a moment.
    Peter

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.09.17.05

    Windows 8 x64 NTFS
    Internet Explorer 10.0.9200.16688
    Peter :: DESKTOP [administrator]

    9/17/2013 10:09:38 AM
    mbam-log-2013-09-17 (10-09-38).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 242481
    Time elapsed: 2 minute(s), 27 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
    HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 6
    C:\Users\Peter\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\FF (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\IE (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.

    Files Detected: 7
    C:\Users\Peter\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\CR\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\FF\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\IE\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\Shared\BabyTBConf.ini (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\Peter\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.

    (end)
     
  4. peterr

    peterr MajorGeek

    >>Here is the previous day;

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.09.16.06

    Windows 8 x64 NTFS
    Internet Explorer 10.0.9200.16688
    Peter :: DESKTOP [administrator]

    9/16/2013 3:11:21 PM
    mbam-log-2013-09-16 (15-11-21).txt

    Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 387720
    Time elapsed: 33 minute(s), 27 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> No action taken.
    HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> No action taken.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 6
    C:\Users\Peter\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\FF (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\IE (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> No action taken.

    Files Detected: 7
    C:\Users\Peter\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\CR\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\FF\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\IE\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\Shared\BabyTBConf.ini (PUP.Optional.BabSolution.A) -> No action taken.
    C:\Users\Peter\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.

    (end)
     
  5. peterr

    peterr MajorGeek

    Uh,Oh. Could it be that I never checked the boxes on the 16th and did on the 17th. This getting old + meds isn't funny but it is the only way you can look at it.
    Very sorry if that is the case.
     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

  7. peterr

    peterr MajorGeek

    I am not clear about this.
    I thought the way to post a log was to click edit, select all and copy and paste. At least that is what I was taught in another forum.
    Sorry if I did it wrong. I guess I could always use SkyDrive. I read both links which took some time. I had read the malware removal before.
    Some of it does not work like the video.
    Sorry to have bothered you with the log.
     
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Precisely. Another forum. :) We operate rather differently in the way that we prefer users to attach logs. (Soooo much more tidier!)

    Absolutely no problem.
    No. We want you to attach logs here please. Not at an external source.
     

Share This Page

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds