Results 1 to 8 of 8

Thread: PUP malware

  1. #1
    Star Lounger
    Join Date
    Apr 2003
    Posts
    86
    Thanks
    3
    Thanked 0 Times in 0 Posts

    PUP malware

    Every morning I run Malwarebytes. Every morning I find at least 1 infection that begins with "PUP." I delete it and follow Malwarebytes instructions to restart my computer. When I run Malwarebytes a second time, all is clear, until the next morning. It tells me the problem is located in the registry at:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run lBackgroundContainer. When I go to the registry however, it isn't there. I am puzzled by all this. Any suggestions?

  2. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 208 Times in 181 Posts
    Hi.

    The reason you can't find it is that MBam has already removed it, what you need to find is the trigger that recreates it at boot (Autoruns will help with that - but don't use it yet).

    It reads like a Conduit software at the root of this, which Windows version do you have?

  3. #3
    Star Lounger
    Join Date
    Apr 2003
    Posts
    86
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Windows 8 Pro 64 Bit

  4. #4
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 208 Times in 181 Posts
    Ok, so you should be safe to uninstall any Conduit software, after a reboot, try using AdwCleaner to remove any residues: http://www.bleepingcomputer.com/download/adwcleaner/

  5. #5
    Star Lounger
    Join Date
    Apr 2003
    Posts
    86
    Thanks
    3
    Thanked 0 Times in 0 Posts
    I've used AdwCleaner, but not sure what to leave the check mark on.

  6. #6
    Star Lounger
    Join Date
    Apr 2003
    Posts
    86
    Thanks
    3
    Thanked 0 Times in 0 Posts
    The Autoruns program found it. I unchecked it. That stopped the error message showing up when I started Windows. Thanks.

  7. #7
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 208 Times in 181 Posts
    Edit: Great, I'm pleased that Autoruns worked for you - it's one of the "must have's" for anyone that needs to troubleshoot Windows issues.
    Last edited by satrow; 2014-01-29 at 10:29.

  8. #8
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    4,999
    Thanks
    71
    Thanked 574 Times in 520 Posts
    If things are running properly and you want to remove the item from the registry permanently, start Autoruns with "run as administrator", right click on the item and select delete.

    Jerry

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •