Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: item found in Malwarebytes (from udemy.com?)

05 Jun 2016   #11
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Thanks for the updates.

I mean no disrespect, but I think we might be veering a bit off-topic?

@Havoc originally reported the same PUP file detection on both MBAM and AdwCleaner scans.
As I mentioned, a VT scan of the file may or may not be entirely insightful, as some of the VT scanners do not target PUPs.
In order to determine if that PUP detection may or may not be a F/P for those 2 scanners, MBAM and AdwCleaner, one would need to follow the steps I already suggested to submit at least an MBAM scan log (or, preferably, the zipped file itself) in the F/P forum section at Malwarebytes forum.
(There is a similar process for AdwCleaner HERE.)

AFAIK, @Havoc reported a file detection, NOT an IP/website block, from MBAM for udemy.com.
There's no harm submitting that URL to VT or another site for analysis, of course.
But even if the site scans clean at VT, there still might be PUPs associated with the software available at that site. Checking the site, rather than the software itself, will yield different results.
If the vendor bundles their software with PUPs, then the site may well be clean, even if the software is not.

If, in fact, it is a legitimate PUP detection, and if it is being regenerated from your sync'd Chrome data, then getting rid of it will likely entail the steps I already mentioned. If it's coming from something on your system, then a bit of junkware/adware/malware cleanup may be needed.

In order to reduce the guesswork and to have a bit of real data with which to work, @Havoc, perhaps you might please ATTACH to your next reply here in this thread both the MBAM scan log and the AdwCleaner scan logs. (Let us know if you need help finding and exporting those logs.)

Just a suggestion,
MM


My System SpecsSystem Spec
.
05 Jun 2016   #12
DavidE

Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
 
 

I was just replying to "I thought it was related to udemy because of the ability to comment on videos that you watch"
so the OP knows a URL can be scanned at VT.

I'll drop off and watch.
My System SpecsSystem Spec
05 Jun 2016   #13
HAVOC

Windows 7 Professional 64bit
 
 

I followed the directions in post #4 for resetting Chrome. I'm going to do some more browsing with Chrome tonight and see if the PUP returns. I'm able to find the logs and upload them if need be.

I ran a full scan with MSE, and a scan with Malwarebytes and AdwCleaner, all three found nothing so far.
My System SpecsSystem Spec
.

06 Jun 2016   #14
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Hi, @Havoc:

OK, sounds good.
If it returns, seeing some scan logs and a bit of deeper digging may be needed.

Cheers,
MM

{P.S. @DavidE: no offense intended. VT suggestions were excellent. Was just trying to keep the thread on-topic re: PUP file detection in MBAM and AdwCleaner scans, the most definitive means of ruling out a possible F/P, and likely explanations for the reappearance of the detection in multiple scans.}
My System SpecsSystem Spec
07 Jun 2016   #15
HAVOC

Windows 7 Professional 64bit
 
 

I ran Malwarebytes and it isn't finding anything. I ran AdwCleaner and it found a couple items related to google.


Attached Images
item found in Malwarebytes (from udemy.com?)-chatango.png item found in Malwarebytes (from udemy.com?)-aol-ask.png 
My System SpecsSystem Spec
07 Jun 2016   #16
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Hi, @Havoc:

I lack the official training to guide you through malware removal. That is best left to someone with more formal expertise in the matter. And I do not personally use Chrome, so I lack first-hand knowledge of the program.

Unless you disabled Chrome sync before you reset it, you may be getting reinfected.

However, the AdwCleaner detections you show seem to be different from the one originally reported in your original post about the PUP in MBAM. And AdwCleaner can have false positives.
But it's hard to say for sure what is going on without seeing the LOGS, rather than a screenshot snippet.

Until someone more expert comes along here at sevenforums, I suggest the following:
  • You may wish to report the AdwCleaner findings HERE. They will help you to determine if the AdwCleaner detections might be a false positive -- if they are not, they will direct you to the proper sub-forum for some guided malware cleanup.
  • Or, you may wish to post directly in one of several, reputable, dedicated computer disinfection fora (G2G, bleepingcomputer, Malwarebytes, etc.) and likewise get some guided help with cleanup. The expert help there is free. They will walk you through the proper scans in the correct sequence in order to find and remove malware and to help harden your defenses to prevent reinfections.
Please let us know how it goes, so that we can all learn.


Thank you,
MM
My System SpecsSystem Spec
07 Jun 2016   #17
ThrashZone

Win-7-Pro64bit 7-H-Prem-64bit
 
 

Hi,
Yep you did pick up some extra search engines
They should show up as extensions I believe.
Also review you're uninstall a program section for the listings.
My System SpecsSystem Spec
07 Jun 2016   #18
HAVOC

Windows 7 Professional 64bit
 
 

Nothing in my add/remove programs for anything shown in the previous post.

The computer isn't doing anything weird. I just did a scan last Sunday and that's when I saw the items in Malwarebytes, they haven't returned but I found these in AdwCleaner.
My System SpecsSystem Spec
07 Jun 2016   #19
ThrashZone

Win-7-Pro64bit 7-H-Prem-64bit
 
 

Hi,
Go to Chrome settings and on the left column go to extensions see what is in there.
My System SpecsSystem Spec
08 Jun 2016   #20
HAVOC

Windows 7 Professional 64bit
 
 

Just the default ones that come with Chrome.


Attached Thumbnails
item found in Malwarebytes (from udemy.com?)-extensions.png  
My System SpecsSystem Spec
Reply

 item found in Malwarebytes (from udemy.com?)




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Can't Delete Folder - Item Not Found
I have tried searching for a solution but nothing works. I have this empty .ini file with no name in this folder I want to delete that is located on a memory card. Everytime I try to delete I get an error saying that it could not find this item. I tried using a program that another topic on this...
General Discussion
Item Not Found: Could Not Find This Item
Hello! I've had a problem with a particular folder on my desktop for a while now and have finally decided to fix it. There is a folder that has some thing to do with Camtasia 7 (Software for screen recording and video editing) stuck on my desktop that I can't delete/rename. ...
General Discussion
Malwarebytes found some things, now what?
I've just run malwarebytes and it found 34 Spyware.OnlineGames. They are quarantined but what should I do now? If I delete them will it have any negative effects on the computer? What the hell is Spyware.OnlineGames? I do play games on this computer and I have downloaded Half Life 2: Lost Coast off...
System Security
Cut/paste folder problem : Item Not Found
nvm
General Discussion
Item Not Found - Can't Delete ... Files
Hi everyone, I've been trying for hours to move everything from my old external hard drive to my new larger one (in Windows 7). Unfortunately, it always stops with errors. It keeps giving me the message "Item Not Found - Could not find this item. This is no longer located in..." It seems...
General Discussion
Restoring item from quarantine in Malwarebytes?
I think I accidentally restored some malware from quarantine so I need to know if I did or not. So there is only one way I can find out on if I clicked on restore or delete- by having this question answered: Do you get some kind of warning message if you click on restore like you do in...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:15.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App