Jump to content

what is Hijack.WindowsUpdates and why does it persist?


Recommended Posts

Hello,

First, thanks for making a great product - its saved my system at least a couple times when nothing else would work

Second, what is the Hijack.WindowsUpdates malware? Since the beginning of September, scans of my computer have been showing two instances of this item. If I try to remove it, it always comes back. Clicking on the "vendor info" button reveals nothing, just a generic description of malware. It is not listed in either the Symantec or McAfee threat lists. Searching the MB forums, I see it come up in conjunction with other problems, and have noticed several other people inquiring about this, but nothing other than the standard "download hijack this and post your logs" response by way of explanation.

I dont seem to have any problems on my machine. Is this really malware or could MB generating a false positive? If malware, what is it and why does only MB detect it? Is a fix going to be incorporated into the baseline MB scan anytime soon?

Thanks - Kevin

Link to post
Share on other sites

Greetings and welcome :P .

That detection means that Windows Update has been disabled. This is sometimes done by malicious software to prevent your machine from being patched by Microsoft. If you have set Windows Update not to check for updates and not to alert you when they are available then you can safely have MBAM ignore them. If you have not, then open Windows Update by clicking Start>All Programs>Windows Update and change the settings accordingly.

If you have any further questions or issues please post.

Thanks ;) .

Link to post
Share on other sites

Thanks for the quick response!

Yep, I have turned off the automatic Windows updates, so this makes sense. However I did this back in April, when I reinstalled my OS after a disk crash. It only showed up on the MB scan a few weeks ago. Did MB just start checking for this recently?

Kevin

Link to post
Share on other sites

I have mine set to "Alert me if there are MS Windows updtaes, but do not download them" (I like to see whats comming down the pipe) Unless I missed something, Since I'm working on 2 pc's .... I would consider the setting I use... but I must confess exile360 has a great deal more knowledge that I do. Plus I just had time to glance over the posts...regards...

Link to post
Share on other sites

Thanks for the quick response!

Yep, I have turned off the automatic Windows updates, so this makes sense. However I did this back in April, when I reinstalled my OS after a disk crash. It only showed up on the MB scan a few weeks ago. Did MB just start checking for this recently?

Kevin

I don't know why it didn't detect it before, but if you'd really like to test and make sure that everything is OK, just reenable updates in the settings, reboot, then do another Quick Scan with MBAM to see if it still finds it. If it doesn't then you know that you're alright and that MBAM is working as it should :P .

Please post back with the results.

Thanks ;) .

Link to post
Share on other sites

Good idea - I re-enabled automatic updates and rebooted, but I still get the two registry key infection reports. Hmm, so it looks like maybe I did get some sort of infection that crippled a part of the OS that I wasnt using. Any idea why MB isnt able to clean this up? The log says that the keys were successfully quarantined and deleted, but if I re-run the scan, the infection reports appear again - even after rebooting.

Link to post
Share on other sites

We can have the experts in the HiJackLog Forum look at your pc? If you want instructions, let me know?

EDIT: Follow these instructions please, they will get you fixed up!:

follow these instructions & post it in the HiJackLog Forum please

Scan and post logs - read note at bottom in green

If you're having Malware related issues with your computer that you're unable to resolve.

  1. Please read and follow the instructions provided here: I'm infected - What do I do now?
  2. If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs
  3. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.

  • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  • Using these other tools often makes the cleanup task more difficult and time consuming.
  • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  • There are often many others that require asistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review

NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

Link to post
Share on other sites

Your Welcome! Please Let us know if theres anything else we can do?

I too am experiencing the same 2 instances of Hijack.WindowsUpdate. I've installed "Hijack This" but the software doesn't detect it. Malwarebytes detects it and says that it has quarantined and deleted the 2 entries, but, if I run the scan immediately after - it still finds the offending 2 entries...

Link to post
Share on other sites

@ WB3

We can have the experts in the HiJackLog Forum look at your pc? If you want instructions, let me know? Follow the instructions below please:

follow these instructions & post it in the HiJackLog Forum please

Scan and post logs - read note at bottom in green

If you're having Malware related issues with your computer that you're unable to resolve.

  1. Please read and follow the instructions provided here: I'm infected - What do I do now?
  2. If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs
  3. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.

  • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  • Using these other tools often makes the cleanup task more difficult and time consuming.
  • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  • There are often many others that require asistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review

NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.