Jump to content

Update.exe inside my Windows Startup list


Recommended Posts

As the title suggest I have a VEGAS folder in my APPDATA Folder . every time I try to uninstall the files or the folder they reappear in minutes. I found these after scanning my user folder with MacAfee scan. Is there any way to remove this trojan? I tried to use shred on them but they cam back. I also went into safe mode but they came back. Does anyone know what to do it would be very much so appreciated if someone can.

image_2021-07-17_084618.png

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===


If you do not have Malwarebytes installed just run it as suggested, If not:

Please download Malwarebytes Anti-Malware from Malwarebytes or
from BleepingComputer
 

  • Right-click on the MBAM icon and select Run as administrator to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
  • Note: The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.


Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

Please download AdwCleaner by Malwarebytes your Desktop.
[*]Close all open programs and internet browsers.[/*]
[*]Double click on AdwCleaner.exe to run the tool.[/*]
[*]Click the Scan button and wait for the process to complete.[/*]
[*]Click the LogFile button and the report will open in Notepad.[/*]
[/LIST]
IMPORTANT

  • If you click the Clean button all items listed in the report will be removed.


If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
Link to post
Share on other sites

5 hours ago, nasdaq said:

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===


If you do not have Malwarebytes installed just run it as suggested, If not:

Please download Malwarebytes Anti-Malware from Malwarebytes or
from BleepingComputer
 

  • Right-click on the MBAM icon and select Run as administrator to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
  • Note: The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.

 


Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

Please download AdwCleaner by Malwarebytes your Desktop.
[*]Close all open programs and internet browsers.[/*]
[*]Double click on AdwCleaner.exe to run the tool.[/*]
[*]Click the Scan button and wait for the process to complete.[/*]
[*]Click the LogFile button and the report will open in Notepad.[/*]
[/LIST]
IMPORTANT

  • If you click the Clean button all items listed in the report will be removed.

 


If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.

 

nasdaq.txt

Link to post
Share on other sites

I have a File called Update.exe in my C:\Users\Pimparoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup file location I saw other topics and it said it was a Microsoft teams update. Malware is detecting it a trojan i dont have a picture because malware keeps quarantining  it. if someone can help me Remove/ tell me if it a threat or not it would be greatly appreciated.

Link to post
Share on other sites

Hi,

I need additional information.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
L7kNU5y.jpg
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png

Attach the file(s). A 2 Steps process.
Reply to this topic.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach. <- Step 1.
Click Attach this file. <- Step 2.
Click the Add reply button.

Please post the logs  for my review.

Wait for further instructions

p.s.
The Farbar program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
You should restore the program from the Quarantine folder.
====
 

Link to post
Share on other sites

( Needs to be pointed out, so that there is not unintended over-stepping).
@Luther2343


There are 2 separate Topic-cases for your same issue.
https://forums.malwarebytes.com/topic/276675-updateexe-inside-my-windows-startup-list/       with Nasdaq

+
https://forums.malwarebytes.com/topic/276676-updateexe-inside-my-windows-startup-list/       with Kevinf80

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.