Results 1 to 8 of 8

Thread: PUP malware

  1. #1
    Star Lounger
    Join Date
    Apr 2003
    Posts
    84
    Thanks
    3
    Thanked 0 Times in 0 Posts

    PUP malware

    Every morning I run Malwarebytes. Every morning I find at least 1 infection that begins with "PUP." I delete it and follow Malwarebytes instructions to restart my computer. When I run Malwarebytes a second time, all is clear, until the next morning. It tells me the problem is located in the registry at:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run lBackgroundContainer. When I go to the registry however, it isn't there. I am puzzled by all this. Any suggestions?

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Hi.

    The reason you can't find it is that MBam has already removed it, what you need to find is the trigger that recreates it at boot (Autoruns will help with that - but don't use it yet).

    It reads like a Conduit software at the root of this, which Windows version do you have?

  4. #3
    Star Lounger
    Join Date
    Apr 2003
    Posts
    84
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Windows 8 Pro 64 Bit

  5. #4
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Ok, so you should be safe to uninstall any Conduit software, after a reboot, try using AdwCleaner to remove any residues: http://www.bleepingcomputer.com/download/adwcleaner/

  6. #5
    Star Lounger
    Join Date
    Apr 2003
    Posts
    84
    Thanks
    3
    Thanked 0 Times in 0 Posts
    I've used AdwCleaner, but not sure what to leave the check mark on.

  7. #6
    Star Lounger
    Join Date
    Apr 2003
    Posts
    84
    Thanks
    3
    Thanked 0 Times in 0 Posts
    The Autoruns program found it. I unchecked it. That stopped the error message showing up when I started Windows. Thanks.

  8. #7
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Edit: Great, I'm pleased that Autoruns worked for you - it's one of the "must have's" for anyone that needs to troubleshoot Windows issues.
    Last edited by satrow; 2014-01-29 at 09:29.

  9. #8
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    4,619
    Thanks
    66
    Thanked 526 Times in 475 Posts
    If things are running properly and you want to remove the item from the registry permanently, start Autoruns with "run as administrator", right click on the item and select delete.

    Jerry

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •