Jump to content

Recommended Posts

So I've recently decided to install Malwarebytes to scan my computer for threats after being an idiot and not having it installed in the first place years ago. It quarantined/removed a lot of malware that I wasn't aware I had, with the exception of one labelled "PUP.Optional.SearchManager.BITSRST" which is located in my Secure Preferences folder for Google Chrome. When I repeatedly scanned my computer to try to quarantine it, it keeps telling me I have 12 threats labelled "PUP.Optional.SearchManager.BITSRST", and keeps saying that all of them are removed except for the same one that Malwarebytes kept failing to remove.

However despite all this and even prior to installing Malwarebytes, I have not noticed anything unusual going on my computer and I do not see the Search Manager extension in Chrome as I removed it years ago from Chrome. Should I be concerned these threats as I otherwise use my computer just fine? If so, what steps should I take to ensure that I am completely FREE of any threats? Thanks in advance for answering my questions.

The images attached to this post are my first and latest reports.

reportlast.PNG

report1.PNG

Link to post
Share on other sites

Hi,

My name is Maurice.  I will be helping you on this case.

Chrome browser is the hardest to clean.   A lot of times, the Google sync feature makes it harder to clean.  Lets get the Sync option turned off.

I need you to go to https://www.google.com/settings/chrome/sync and sign into your account.
Scroll down until you see the "reset sync" button and click on the button
At the prompt click on "Ok".

[ 2 ]

Scan reports and actual logs from Malwarebytes itself are much more useful, rather than screen grabs.

Lets start by getting a good report set.

We need to get information from this machine in order to have the proper detail to help you forward.
 NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

    Download Malwarebytes Support Tool
    
    
    Once the file is downloaded, open your Downloads folder/location of the downloaded file
    Double-click mb-support-1.4.0.615.exe to run the report
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
        
    Place a checkmark next to Accept License Agreement and click Next
    You will be presented with a page stating, "Get Started!"

    Do NOT use the button “Start repair” !
    Click the Advanced tab on the left column
    
    Click the Gather Logs button
    
    A progress bar will appear and the program will proceed with getting logs from your computer
   
    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Please attach the ZIP file in your next reply.

 

Thank you.


Link to post
Share on other sites

Hi Jesse_C,

Thanks for the report.

The first thing I would suggest to be done is to turn off the Chrome browser "sync" feature.

I need you to go to https://www.google.com/settings/chrome/sync and sign into your account.
Scroll down until you see the "reset sync" button and click on the button
At the prompt click on "Ok".

[ 2 ]

I am sending a   custom Fix script which is going to be used by the FRSTENGLISH tool. They will both work together as a pair.

Please RIGHT-click the (attached file named) FIXLIST and select SAVE AS and save it directly ( as is) in the Downloads folder 

The tool named FRSTENGLISH is already on the Downloads folder.

Start the Windows Explorer and then, open the Downloads folder.


Double click FRSTENGLISH to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
Click the Fix button just once, and wait.

 

FRST_Fixl.png.c4c1c0dddcc49b11fa400590f070bd5e.png

 

PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. Some machines take longer than others.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after restart.
When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

[ 3 ]

I would suggest to download, Save, and then run Malwarebytes ADWCLEANER.

Please close Chrome browser and or any open web browser after you have saved the Adwcleaner and before you start Adwcleaner.

Please download the current release for Malwarebytes AdwCleaner from here:
https://downloads.malwarebytes.com/file/adwcleaner

 

Go to the folder where you saved Adwcleaner. Double click Adwcleaner to start it.

At the prompt for license agreement, review and then click on I agree.

 

You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner).

 

Click the blue button "Scan Now".

 

allow it a few minutes to finish the Scan.

{ If the scan results in a display "No threats were detected on your system", then just click on Skip basic repair.}

 

 

You should then see a screen showing "Scan results".

Review what is listed. If something is listed that you know for sure is safe, then for that line, click the check-box on the left so that it is un-checked.

(NOTE, clicking the small right pointed little arrow, will cause the screen to refresh & show all line items . )

 

When ready, click on the button "Clean and repair".

If prompted to restart then click on "Clean & Restart Now".

 

When You see screen with "Your cleanup is complete", click on the View Log file button.

It should then show as a open window in your text editor ( normally Notepad).

Do a File >> Save As, given it a unique name and Save to your Desktop or some other permanent folder.

 

Kindly provide a copy of that run report. Attach it with reply.

Also, attach the log file named Fixlog.txt

Let me know how it goes.

Sincerely,

fixlist.txt

Edited by Maurice Naggar
Link to post
Share on other sites

I'll get to doing this in a few days. Unfortunately, I picked a bad time to try to fix this as I have a small family vacation coming up tomorrow, haha.

Also, I did turn off the "sync" feature for Chrome. Apologies as I forgot to mention that in my last reply.

Link to post
Share on other sites

Okay... That's weird. I scanned my computer again for good measure, and this time it was able to remove all of the threats and prompted me to restart my computer. I guess my case here is closed then? Anyway, thank you so much for taking your time to assist me.

Link to post
Share on other sites

OK.  That is good news.

I just need to ask, whether or not your ran the Fix run  like I had listed on June 13  & also the run with Adwcleaner ?

 

Bottom line......  Is there any help that you need at this point?

Link to post
Share on other sites

I did not run the Fix run, nor used Adwcleaner. I only compiled my report and turned off the sync option for Google Chrome.

If there is nothing else to worry about, then I believe I do not need anymore help. Again, thank you so much for assisting me!

Link to post
Share on other sites

OK.  That is fine.  I am glad to have helped.  I will mark this case for Closure.

Suggestion:

get & install the Malwarebytes beta Chrome extension,

Open this link in your Chrome browser: https://chrome.google.com/webstore/detail/malwarebytes/ihcjicgdanjaechkgeegckofjjedodee

Then proceed with the setup.

.

See this article on our Malwarebytes Blog
https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/

 

You want to disable the ability of each web browser on this machine from being able to allow "push ads". That means Chrome, Firefox, or Edge browser (on Windows 10), or on Opera.

Scroll down to the tips section "How do I disable them".

 

All best wishes to you.

Maurice

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.