Adlice forum

General Category => Malware removal help => Topic started by: loki125 on August 30, 2019, 11:42:38 am

Title: PUP.Gen1 "Search" folder C:\Program Files (x86)\Search\Data\Temp\usgthrsvc
Post by: loki125 on August 30, 2019, 11:42:38 am
After many months of this malware returning I just reset Windows with "Clean Start" and the adware is there again, in all its glory.

For me the path is C:\Program Files (x86)\Search

I check it manually every day and it is reappearing after I manually delete it or after I scan with RogueKiller and AdwCleaner.
I thought the "Windows clean start" would fix it but it seems I have to format my discs to get rid of it :(

If someone could point me to an easier solution, I am forever grateful.

edit: To clarify, the clean start only resets Windows and all installed programs. My other drives were unaffected. Maybe the malware has nested on these drives, although it is always detected on C:?

edit2: For the last several days I had trouble with Windows updates where I couldn't update. I suspected the malware to be the cause. The update problem is fixed.

-----


Modus : Standard-Scan, Scannen -- Datum : 2019/08/30 11:09:40 (Dauer : 00:04:08)

¤¤¤¤¤¤¤¤¤¤¤¤ Prozesse ¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤ Prozessmodule ¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤ Dienste ¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤ Hosts-Datei ¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤ Dateien ¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1 (Potenziell bösartig)] (folder) Search -- C:\Program Files (x86)\Search -> Gefunden

¤¤¤¤¤¤¤¤¤¤¤¤ Webbrowser ¤¤¤¤¤¤¤¤¤¤¤¤
Title: Re: PUP.Gen1 "Search" folder C:\Program Files (x86)\Search\Data\Temp\usgthrsvc
Post by: Curson on August 31, 2019, 02:13:03 am
Hi loki125,

Welcome to Adlice.com forum.
Could you please make an archive of the "Search" folder including all its content (files and subfolders) and attach it with your next reply?

Regards.
Title: Re: PUP.Gen1 "Search" folder C:\Program Files (x86)\Search\Data\Temp\usgthrsvc
Post by: loki125 on August 31, 2019, 02:57:57 am
here you go
Title: Re: PUP.Gen1 "Search" folder C:\Program Files (x86)\Search\Data\Temp\usgthrsvc
Post by: Curson on August 31, 2019, 04:11:17 am
Hi loki125,

Thanks for your feedback. Just a bunch of empty folders.
This means no harm but just to make sure, we will be doing a full system investigation.

Please download Farbar Recovery Scan Tool (x64) (https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/) and save it to your Desktop.
Regards.