Malwarebytes just found tons of PUPs what gives?


sdowney717

Active member
Member
Local time
9:05 PM
Posts
241
OS
windows 11
Are these really anything?
All sorts of things in App Data Local Google chrome user?
Never seen this before.
Seems like nonsense, makes me think if I quarantine them something will break?
Only thing I noticed was 'securysearch' extension was installed, and redirected my searches to using Yahoo instead of Bing, so I removed the extension, which I don't recall installing.


Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/27/22
Scan Time: 2:34 AM
Log File: ee47260c-ad97-11ec-a654-bcaec5c2a07b.json

-Software Information-
Version: 4.5.6.180
Components Version: 1.0.1634
Update Package Version: 1.0.52922
License: Trial

-System Information-
OS: Windows 11 (Build 22000.556)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 294091
Threats Detected: 29
Threats Quarantined: 0
Time Elapsed: 7 min, 55 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
PUP.Optional.SecurySearch, HKU\S-1-5-21-3995664575-3804192487-1385624515-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|omieocempinhilcpbmnfdaamgomapded, No Action By User, 423, 673794, , , , , ,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 6
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\omieocempinhilcpbmnfdaamgomapded, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 423, 673794, , , , , ,

File: 22
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 423, 673794, , , , , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 423, 673794, , , , , 9EBA0E2997FB001A1A7995539503F95F, F108F32505FD0D47DB5178B2F11DE4847F02ECB6792860CEF137B27D8A70378C
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\000003.log, No Action By User, 423, 673794, , , , , 422B6E24285FC73E70E1C16FDDB27A0A, 54E9B828C144342042D318D1A87F01B7514C5E077DEFC2A66FE87ED52532E173
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\CURRENT, No Action By User, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOCK, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, No Action By User, 423, 673794, , , , , FFA9C11ECE699B31B483A31845FAC079, 9DD79F1E6FB276539B9C8D47A4DE8D8D92176903C10B7FBD2A550F8BE8B60540
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\MANIFEST-000001, No Action By User, 423, 673794, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\000003.log, No Action By User, 423, 673794, , , , , 00CCCAD494633AD7DFAE4D34711DA0F7, 28784D27046033A659E92A8E73B13550110D1DF301C4918C5895937D87DB0452
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\CURRENT, No Action By User, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOCK, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, No Action By User, 423, 673794, , , , , 230E73D62DA56A2A2537C0A20BCA2E58, BBBD540FC4A0CF12BEF530C034225A33A1FCCBED5856A3413B2232794CAC0B27
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\MANIFEST-000001, No Action By User, 423, 673794, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 423, 673794, , , , , 6DD2F33269315524A7E6B8582BB40940, F0B2ED76EDBAA5210CC4CED01AB99218223449828057506D254B795DFAA60C74
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\004489.log, No Action By User, 423, 673794, , , , , 04C01CB214D8C02E111CA7DCF2D24D8E, 16E20BA2F3CFDE7B85ED4C99ADD955078AB582692BDC036F4BDFDDDDAEA6DD4F
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\004491.ldb, No Action By User, 423, 673794, , , , , 98A2CDD44D2B0295E78868D469247899, 4EB5A2C96CD353411986B226400463AA7A8F55EE2ED6AC43D0AC83214957899B
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 423, 673794, , , , , DAC69ECB7792CAEE371CE3AC7FE1FD97, 704F648FBB60F794A584E6E700BBA5ABC64DE0A15C67CA6B899F1AFD44FAEDC8
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 423, 673794, , , , , 252FBE93F254565569C6D4AFA58BC991, 7BE404A3D06C4F5BA2D3E8F57BCF5D0A23B1D2E20EEDA787B4F5FA8EFB001734
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 423, 673794, , , , , C106AAD088DF9105AE2DFF4EA64F9935, 105E24670F01295CDC214A034C9A76FBAD112A4406D1AD9828AC4AE0BBA2CD58
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 423, 673794, 1.0.52922, , ame, , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 423, 673794, 1.0.52922, , ame, , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 

My Computer

System One

  • OS
    windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    some kind of old ASUS MB
    CPU
    old AMD B95
    Motherboard
    ASUS
    Memory
    8gb
    Hard Drives
    ssd WD 500 gb

The-Hive

The First Three Star Guru
Guru
VIP
Local time
2:05 AM
Posts
11,304
Location
Wiltshire UK
OS
Windows 11 Pro
The thing with a PUP is it is potentially unwanted; on the other hand, they may be wanted. A lot of programs these days do go a bit OTT with detections. You need to find the culprits and decide for yourself if they are wanted or not. I am not that good at reading those reports, but it indicates to me possibly Chrome or extensions. Any change with those? Try clearing Chrome data and trying again. We have seen a couple of instances on here of MB being a bit OTT.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Alienware Area 51m R2
    CPU
    10th Gen Core i9 10900K
    Memory
    32GB
    Graphics Card(s)
    Geforce RTX 2080 Super
    Sound Card
    Nvidia HD
    Screen Resolution
    1920x1080
    Hard Drives
    C: Samsung 2TB P981A
    D: Samsung 2TB 970 Evo
    Case
    Dark side of the moon
    Mouse
    Alienware AW610M
    Browser
    Chrome and Firefox
    Antivirus
    Norton
    Other Info
    Killer E3000 Ethernet Controller
    Killer AX1650i Wi-Fi Network Adaptor
    Alienware Z01G Graphic Amplifier
    Tobii Eye Tracker
  • Operating System
    Dual Boot Windows 11 Pro / Windows 11 Pro Dev build
    Computer type
    Laptop
    Manufacturer/Model
    Dell Inspiron 3501
    CPU
    11th Gen i-7 2.80 gb
    Memory
    16Gb
    Screen Resolution
    1920 x 1080
    Hard Drives
    512Gb SSD
    WD 2GB EXT
    Browser
    Chrome
    Antivirus
    Norton

sdowney717

I decided to quarantine them, figure like you said, has to do with the securysearch extension.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/27/22
Scan Time: 2:34 AM
Log File: ee47260c-ad97-11ec-a654-bcaec5c2a07b.json

-Software Information-
Version: 4.5.6.180
Components Version: 1.0.1634
Update Package Version: 1.0.52922
License: Trial

-System Information-
OS: Windows 11 (Build 22000.556)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 294091
Threats Detected: 29
Threats Quarantined: 28
Time Elapsed: 7 min, 55 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
PUP.Optional.SecurySearch, HKU\S-1-5-21-3995664575-3804192487-1385624515-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 6
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Removal Failed, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 423, 673794, , , , , ,

File: 22
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 423, 673794, , , , , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, 423, 673794, , , , , 9EBA0E2997FB001A1A7995539503F95F, F108F32505FD0D47DB5178B2F11DE4847F02ECB6792860CEF137B27D8A70378C
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\000003.log, Quarantined, 423, 673794, , , , , 422B6E24285FC73E70E1C16FDDB27A0A, 54E9B828C144342042D318D1A87F01B7514C5E077DEFC2A66FE87ED52532E173
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\CURRENT, Quarantined, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOCK, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, Quarantined, 423, 673794, , , , , FFA9C11ECE699B31B483A31845FAC079, 9DD79F1E6FB276539B9C8D47A4DE8D8D92176903C10B7FBD2A550F8BE8B60540
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\MANIFEST-000001, Quarantined, 423, 673794, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\000003.log, Quarantined, 423, 673794, , , , , 00CCCAD494633AD7DFAE4D34711DA0F7, 28784D27046033A659E92A8E73B13550110D1DF301C4918C5895937D87DB0452
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\CURRENT, Quarantined, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOCK, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, Quarantined, 423, 673794, , , , , 230E73D62DA56A2A2537C0A20BCA2E58, BBBD540FC4A0CF12BEF530C034225A33A1FCCBED5856A3413B2232794CAC0B27
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\MANIFEST-000001, Quarantined, 423, 673794, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Quarantined, 423, 673794, , , , , 6DD2F33269315524A7E6B8582BB40940, F0B2ED76EDBAA5210CC4CED01AB99218223449828057506D254B795DFAA60C74
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\004489.log, Quarantined, 423, 673794, , , , , 04C01CB214D8C02E111CA7DCF2D24D8E, 16E20BA2F3CFDE7B85ED4C99ADD955078AB582692BDC036F4BDFDDDDAEA6DD4F
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\004491.ldb, Quarantined, 423, 673794, , , , , 98A2CDD44D2B0295E78868D469247899, 4EB5A2C96CD353411986B226400463AA7A8F55EE2ED6AC43D0AC83214957899B
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Quarantined, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Quarantined, 423, 673794, , , , , DAC69ECB7792CAEE371CE3AC7FE1FD97, 704F648FBB60F794A584E6E700BBA5ABC64DE0A15C67CA6B899F1AFD44FAEDC8
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Quarantined, 423, 673794, , , , , 252FBE93F254565569C6D4AFA58BC991, 7BE404A3D06C4F5BA2D3E8F57BCF5D0A23B1D2E20EEDA787B4F5FA8EFB001734
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Quarantined, 423, 673794, , , , , C106AAD088DF9105AE2DFF4EA64F9935, 105E24670F01295CDC214A034C9A76FBAD112A4406D1AD9828AC4AE0BBA2CD58
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 423, 673794, 1.0.52922, , ame, , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 423, 673794, 1.0.52922, , ame, , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 


The-Hive

Good plan. I reckon if they are needed they may be recreated, and if everything is running fine, that is OK. It is easy to panic when you see those sort of popups.
 


mackie

Active member
Member
Local time
9:05 PM
Posts
110
Location
Maryland U.S.
OS
Windows 11/Linux Mint
I read things about... if you have other devices synched, like phones, etc., unwanted stuff can come in through those devices. When there's a problem and cleaning up is required, all the devices should be cleaned. I, myself, don't synch anything to my PCs.
 

My Computer

System One

  • OS
    Windows 11/Linux Mint
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell Optiplex 960
    CPU
    Intel Core 2 Duo CPU E8400 @ 3.00 GHz x 2
    Memory
    8 GB
    Graphics Card(s)
    Intel 4 Series Chipset Integrated Graphics Controller
    Monitor(s) Displays
    HP x22LED
    Hard Drives
    Crucial 250 GB SSD

sdowney717

Yes, seen that too, extensions get synced onto other PC.
 


sdowney717

This AM, scanning. MBytes found 12 more pups related to securysearch, so I quarantined them.
Whatever securysearch is, seems a persistent issue.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/28/22
Scan Time: 4:30 AM
Log File: 58742910-ae71-11ec-b5b8-bcaec5c2a07b.json

-Software Information-
Version: 4.5.6.180
Components Version: 1.0.1634
Update Package Version: 1.0.52950
License: Trial

-System Information-
OS: Windows 11 (Build 22000.556)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 293694
Threats Detected: 12
Threats Quarantined: 0
Time Elapsed: 8 min, 31 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 1
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 423, 673794, , , , , ,

File: 11
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 423, 673794, , , , , 5E4541B6A8DC363259495B27B005F40F, E37A177786916561BE2799EE60AC6D4C622F31614D7FE49C07709886D1BDA6D8
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000036.ldb, No Action By User, 423, 673794, , , , , 9B76760781BD6BD6C12DF00FF91B5F8D, EA1A064B7CC0B2C6BA2280FDE8992162A4F22B58BFC477FE8ADD2E32573F45F8
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000037.log, No Action By User, 423, 673794, , , , , 1A2D6CB7500E5A3CD669FCE8FD778292, 98A1677505E598811792A9745F3BE2F59FB98689C03723E032A3A88D5A206A7D
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000038.ldb, No Action By User, 423, 673794, , , , , 1177EF77792843574154D5C53562FA10, 06CF24D8F1C5E30CFD0454EDF37930CAA59D61A4E5CB26383B65754F6590C442
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 423, 673794, , , , , BB877BAD3EFB05A7BA31BF3875E8C58B, F8C27C70D0F827C539F1B28DA5D4982C4F2B389290865EAEE551ADA070FE7DA6
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 423, 673794, , , , , 9DDACDF38D1BB6700D6690D87277A3CE, 794BBE5E06C88F9300D7B611F7AB126B61C8712892B114BF35D11C20C649BBA1
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 423, 673794, , , , , BB398885E6B14D5A00A9BE17E87B5EAF, 0A01E221C5F3C6BFBF0A91D75466946463EFD282792290C6E571B09484D3F34C
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 423, 673794, , , , , 5EF9B87E2421904398840897A43B4586, BEAE925148FC9D3A79D2B89B6A1D6521021A9B14CF9A2CB0BB8621E6463C7F20
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 423, 673794, 1.0.52950, , ame, , 459269F799B994481206B370F2674152, B9B218C8462213970FF2812864B5FBC229B5BD9ADDF1F9896A3FB1C836402AEB

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 

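A triage sketch for the situation in this post, added as an example (not part of the thread and not Malwarebytes code): it parses detail lines in the layout of the logs posted above, groups each detection by where it sits in the Chrome profile, and lists targets flagged in both of two scans. The sample lines, extension ID, SID, `user` account and category names are constructed for illustration, and the parser assumes targets contain no commas.

```python
import re
from collections import Counter

# First matching rule wins; patterns run against the lowercased target.
# Category names are this example's own, not Malwarebytes terminology.
RULES = [
    ("registry",          re.compile(r"^hk")),
    ("extension code",    re.compile(r"\\extensions\\[a-p]{32}")),
    ("extension storage", re.compile(r"\\(local|sync) extension settings\\[a-p]{32}")),
    ("sync store",        re.compile(r"\\sync data\\leveldb")),
    ("profile prefs",     re.compile(r"\\(secure )?preferences$")),
    ("web data",          re.compile(r"\\web data$")),
]

def parse_detections(log_text):
    """Return unique detections; section headers and summary lines are skipped."""
    seen, out = set(), []
    for line in log_text.splitlines():
        fields = [f.strip() for f in line.split(",")]
        # A detail line is "name, target, action, ..." with a path or registry target.
        if len(fields) < 3 or not re.match(r"^([A-Za-z]:\\|HK)", fields[1]):
            continue
        key = fields[1].lower()  # the log mixes C:\USERS\... and C:\Users\...
        if key in seen:          # the same folder can be listed more than once
            continue
        seen.add(key)
        out.append({"name": fields[0], "target": fields[1],
                    "key": key, "action": fields[2]})
    return out

def classify(key):
    for label, rx in RULES:
        if rx.search(key):
            return label
    return "other"

def summarize(log_text):
    """Count unique detections per profile location."""
    return Counter(classify(d["key"]) for d in parse_detections(log_text))

def recurring(before, after):
    """Targets flagged in both scans, compared case-insensitively."""
    earlier = {d["key"] for d in parse_detections(before)}
    return sorted(d["key"] for d in parse_detections(after) if d["key"] in earlier)

# ---- Constructed sample input (not the logs from the thread) ----
EXT = "abcdefghijklmnopabcdefghijklmnop"  # constructed 32-character extension ID
UP = r"C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default"
MP = r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default"
REG = (r"HKU\S-1-5-21-0-0-0-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS"
       r"\Default\extensions.settings|" + EXT)

def make_line(*parts, action="No Action By User"):
    target = "\\".join(parts)
    return f"PUP.Optional.SecurySearch, {target}, {action}, 423, 673794, , , , , ,"

SCAN_DAY1 = "\n".join([
    "Time Elapsed: 7 min, 55 sec",
    "Registry Value: 1",
    make_line(REG),
    "Folder: 3",
    make_line(UP, "Extensions", EXT),
    make_line(UP, "Sync Data", "LevelDB"),
    make_line(UP, "Sync Data", "LevelDB"),
    "File: 4",
    make_line(UP, "Secure Preferences"),
    make_line(UP, "Preferences"),
    make_line(MP, "Local Extension Settings", EXT, "000003.log"),
    make_line(MP, "Sync Data", "LevelDB", "CURRENT"),
    "WMI: 0",
    "(No malicious items detected)",
])

SCAN_DAY2 = "\n".join([
    "Folder: 1",
    make_line(UP, "Sync Data", "LevelDB"),
    "File: 4",
    make_line(MP, "Sync Data", "LevelDB", "000036.ldb"),
    make_line(MP, "Sync Data", "LevelDB", "CURRENT"),
    make_line(MP, "Preferences"),
    make_line(UP, "Web Data"),
])

if __name__ == "__main__":
    for label, scan in (("day 1", SCAN_DAY1), ("day 2", SCAN_DAY2)):
        print(label, dict(summarize(scan)))
    print("flagged in both scans:")
    for key in recurring(SCAN_DAY1, SCAN_DAY2):
        print("  ", key)
```

In the constructed second scan nothing remains under `Extensions\<id>`; what is left is stored profile and sync state, the same pattern as the second day's log in this post.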

Fabler2

Well-known member
Power User
VIP
Local time
2:05 AM
Posts
1,869
OS
Win 11 Pro & Dev.
Have you tried Malwarebytes AdwCleaner? Check what it selects before quarantining and removing. These three apps I want to keep.

 

My Computers

System One System Two

  • OS
    Win 11 Pro & Dev.
    Computer type
    Laptop
    Manufacturer/Model
    ASUS VivoBook
    CPU
    AMD Ryzen 7 3700U with Radeon Vega Mobile Gfx
    Motherboard
    ASUSTeK COMPUTER INC. X509DA (FP5)
    Memory
    12GB
    Graphics Card(s)
    RX Vega 10 Graphics
    Monitor(s) Displays
    Generic PnP Monitor (1920x1080@60Hz)
    Screen Resolution
    1920x1080@60Hz
    Hard Drives
    INTEL SSD 660p 512GB NVMe
    Internet Speed
    25 Mbps
    Browser
    Edge
    Antivirus
    Defender
  • Operating System
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    ACER
    CPU
    AMD Ryzen 7 5800H / 3.2 GHz
    Motherboard
    CZ Scala_CAS (FP6)
    Memory
    16 GB (2 x 8 GB) DDR4 SDRAM 3200 MHz
    Graphics card(s)
    NVIDIA GeForce RTX 3060 6 GB GDDR6 SDRAM
    Sound Card
    Realtek Audio. NVIDIA High Definition Audio
    Monitor(s) Displays
    15.6" LED backlight 1920 x 1080 (Full HD) 144 Hz
    Screen Resolution
    1920 x 1080 (Full HD)
    Hard Drives
    1.024 TB SSD M.2 2280 - Samsung
    PSU
    180 Watt, 19.5 V
    Mouse
    Logitech
    Internet Speed
    25 Mbps
    Browser
    Edge
    Antivirus
    Defender

torchwood

Member
VIP
Local time
2:05 AM
Posts
54
OS
w7/10/11ip
Have a read

 

My Computer

System One

  • OS
    w7/10/11ip
    Computer type
    Laptop
    Manufacturer/Model
    hp probook 450 g8
    CPU
    i5 11th gen

sdowney717


Yesterday I uninstalled the extension and ran MBytes, so you would think it gone.
But then this AM a Mbytes scan shows it is there again, but no securysearch extension is installed.
Maybe some leftovers from yesterday still hanging around this am??

You know I did not install the extension, it just showed up on its own.
Maybe it installed with me installing some sketchy program?

This AM I ran HitmanPro, and it cleared off thousands of tracking cookies, plus a downloaded 'malware program' called peace from 2021. Don't think any of that is related to securysearch.
 


User1234

On the naughty step
Local time
2:05 AM
Posts
926
Quarantine doesn't mean it deletes them. It makes them safe and stores them there. Always delete them. I'd run AdwCleaner as suggested above for sure. Quarantine them, then delete them. I should have said yesterday, but I was busier than I'd like to have been, sorry!
 

My Computer

System One

  • Computer type
    PC/Desktop

TraderGary

Stock Market Wizard
Power User
VIP
Local time
9:05 PM
Posts
567
Location
Atlanta, GA, USA
OS
Windows 11 Pro
When I suspect problems, I simply do a factory reset. As soon as I log in to Windows, all my data on OneDrive is there and my Microsoft 365 is there. I reinstall my apps and I'm back with a completely clean system again.
 

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Dell XPS 15 9510 OLED
    CPU
    11th Gen i9 -11900H
    Memory
    32 GB 3200 MHz DDR4
    Graphics Card(s)
    NVIDIA® GeForce® RTX 3050Ti
    Monitor(s) Displays
    15.6" OLED Infinity Edge Touch
    Screen Resolution
    16:10 Aspect Ratio (3456 x 2160)
    Hard Drives
    1 Terabyte M.2 PCIe NVMe SSD
    2 Thunderbolt™ 4 (USB Type-C™)
    1 USB 3.2 Gen 2 (USB Type-C™)
    SD Card Reader (SD, SDHC, SDXC)
    Internet Speed
    700 Mbps, 24 Mbps
    Browser
    Microsoft Edge (Chromium) + Bing
    Antivirus
    Microsoft Windows Security (Defender)
    Other Info
    Microsoft 365 subscription (Office)
    Microsoft OneDrive 1TB Cloud
    Microsoft File History
    Microsoft Outlook
    Microsoft OneNote

    Interactive Brokers Trader Workstation
    Lightroom/Photoshop subscription
    DaVinci Resolve Studio

User1234

A bit OTT but sure 😂
 


paulhatton

Member
Local time
2:05 AM
Posts
52
OS
Windows 11
It always does mate from the first days of Malwarebytes and did my computing head in and now I use Bitdefender.......
 

My Computer

System One

  • OS
    Windows 11

The-Hive

Looks like a Hijacker, look at these sites



Can you restore from an image created before this happened?
 


paulhatton

Devlin1888, since the first time I've used Malwarebytes, which was initially offered by a UK bank for free, the software has always been excessive over PUPs, and most of these PUPs have supposedly been attached to bona fide software like Reg Organizer and Ashampoo WinOptimizer.
 


User1234

I guess that's why it's called a potentially unwanted program. It's on the user to know whether it's wanted or not. A PUP isn't a virus or necessarily something bad.
 


The-Hive

Well done @Devlin1888. I have been telling people that for years, and it falls on deaf ears as people always fear the worst, not helped by some of the software which flags up big red boxes and crosses which can start a panic for some people.
 
