Malwarebytes just found tons of PUPs, what gives?


sdowney717

Are these really anything?
All sorts of things in App Data Local Google chrome user?
Never seen this before.
Seems like nonsense, makes me think if I quarantine them something will break?
Only thing I noticed was that a 'securysearch' extension was installed and redirected my searches to Yahoo instead of Bing, so I removed the extension, which I don't recall installing.


Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/27/22
Scan Time: 2:34 AM
Log File: ee47260c-ad97-11ec-a654-bcaec5c2a07b.json

-Software Information-
Version: 4.5.6.180
Components Version: 1.0.1634
Update Package Version: 1.0.52922
License: Trial

-System Information-
OS: Windows 11 (Build 22000.556)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 294091
Threats Detected: 29
Threats Quarantined: 0
Time Elapsed: 7 min, 55 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
PUP.Optional.SecurySearch, HKU\S-1-5-21-3995664575-3804192487-1385624515-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|omieocempinhilcpbmnfdaamgomapded, No Action By User, 423, 673794, , , , , ,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 6
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\omieocempinhilcpbmnfdaamgomapded, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 423, 673794, , , , , ,

File: 22
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 423, 673794, , , , , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 423, 673794, , , , , 9EBA0E2997FB001A1A7995539503F95F, F108F32505FD0D47DB5178B2F11DE4847F02ECB6792860CEF137B27D8A70378C
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\000003.log, No Action By User, 423, 673794, , , , , 422B6E24285FC73E70E1C16FDDB27A0A, 54E9B828C144342042D318D1A87F01B7514C5E077DEFC2A66FE87ED52532E173
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\CURRENT, No Action By User, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOCK, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, No Action By User, 423, 673794, , , , , FFA9C11ECE699B31B483A31845FAC079, 9DD79F1E6FB276539B9C8D47A4DE8D8D92176903C10B7FBD2A550F8BE8B60540
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\MANIFEST-000001, No Action By User, 423, 673794, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\000003.log, No Action By User, 423, 673794, , , , , 00CCCAD494633AD7DFAE4D34711DA0F7, 28784D27046033A659E92A8E73B13550110D1DF301C4918C5895937D87DB0452
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\CURRENT, No Action By User, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOCK, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, No Action By User, 423, 673794, , , , , 230E73D62DA56A2A2537C0A20BCA2E58, BBBD540FC4A0CF12BEF530C034225A33A1FCCBED5856A3413B2232794CAC0B27
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\MANIFEST-000001, No Action By User, 423, 673794, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 423, 673794, , , , , 6DD2F33269315524A7E6B8582BB40940, F0B2ED76EDBAA5210CC4CED01AB99218223449828057506D254B795DFAA60C74
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\004489.log, No Action By User, 423, 673794, , , , , 04C01CB214D8C02E111CA7DCF2D24D8E, 16E20BA2F3CFDE7B85ED4C99ADD955078AB582692BDC036F4BDFDDDDAEA6DD4F
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\004491.ldb, No Action By User, 423, 673794, , , , , 98A2CDD44D2B0295E78868D469247899, 4EB5A2C96CD353411986B226400463AA7A8F55EE2ED6AC43D0AC83214957899B
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 423, 673794, , , , , DAC69ECB7792CAEE371CE3AC7FE1FD97, 704F648FBB60F794A584E6E700BBA5ABC64DE0A15C67CA6B899F1AFD44FAEDC8
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 423, 673794, , , , , 252FBE93F254565569C6D4AFA58BC991, 7BE404A3D06C4F5BA2D3E8F57BCF5D0A23B1D2E20EEDA787B4F5FA8EFB001734
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 423, 673794, , , , , C106AAD088DF9105AE2DFF4EA64F9935, 105E24670F01295CDC214A034C9A76FBAD112A4406D1AD9828AC4AE0BBA2CD58
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 423, 673794, 1.0.52922, , ame, , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 423, 673794, 1.0.52922, , ame, , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 

The thing with a PUP is that it is potentially unwanted; on the other hand, it may be wanted. A lot of programs these days do go a bit OTT with detections. You need to find the culprits and decide for yourself if they are wanted or not. I am not that good at reading those reports, but it indicates to me possibly Chrome or extensions. Any change with those? Try clearing Chrome data and trying again. We have seen a couple of instances on here of MB being a bit OTT.
 

I decided to quarantine them, figure like you said, has to do with the securysearch extension.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/27/22
Scan Time: 2:34 AM
Log File: ee47260c-ad97-11ec-a654-bcaec5c2a07b.json

-Software Information-
Version: 4.5.6.180
Components Version: 1.0.1634
Update Package Version: 1.0.52922
License: Trial

-System Information-
OS: Windows 11 (Build 22000.556)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 294091
Threats Detected: 29
Threats Quarantined: 28
Time Elapsed: 7 min, 55 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
PUP.Optional.SecurySearch, HKU\S-1-5-21-3995664575-3804192487-1385624515-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 6
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Removal Failed, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 423, 673794, , , , , ,

File: 22
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 423, 673794, , , , , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, 423, 673794, , , , , 9EBA0E2997FB001A1A7995539503F95F, F108F32505FD0D47DB5178B2F11DE4847F02ECB6792860CEF137B27D8A70378C
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\000003.log, Quarantined, 423, 673794, , , , , 422B6E24285FC73E70E1C16FDDB27A0A, 54E9B828C144342042D318D1A87F01B7514C5E077DEFC2A66FE87ED52532E173
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\CURRENT, Quarantined, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOCK, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, Quarantined, 423, 673794, , , , , FFA9C11ECE699B31B483A31845FAC079, 9DD79F1E6FB276539B9C8D47A4DE8D8D92176903C10B7FBD2A550F8BE8B60540
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\MANIFEST-000001, Quarantined, 423, 673794, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\000003.log, Quarantined, 423, 673794, , , , , 00CCCAD494633AD7DFAE4D34711DA0F7, 28784D27046033A659E92A8E73B13550110D1DF301C4918C5895937D87DB0452
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\CURRENT, Quarantined, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOCK, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, Quarantined, 423, 673794, , , , , 230E73D62DA56A2A2537C0A20BCA2E58, BBBD540FC4A0CF12BEF530C034225A33A1FCCBED5856A3413B2232794CAC0B27
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\MANIFEST-000001, Quarantined, 423, 673794, , , , , 5AF87DFD673BA2115E2FCF5CFDB727AB, F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Quarantined, 423, 673794, , , , , 6DD2F33269315524A7E6B8582BB40940, F0B2ED76EDBAA5210CC4CED01AB99218223449828057506D254B795DFAA60C74
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\004489.log, Quarantined, 423, 673794, , , , , 04C01CB214D8C02E111CA7DCF2D24D8E, 16E20BA2F3CFDE7B85ED4C99ADD955078AB582692BDC036F4BDFDDDDAEA6DD4F
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\004491.ldb, Quarantined, 423, 673794, , , , , 98A2CDD44D2B0295E78868D469247899, 4EB5A2C96CD353411986B226400463AA7A8F55EE2ED6AC43D0AC83214957899B
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Quarantined, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Quarantined, 423, 673794, , , , , DAC69ECB7792CAEE371CE3AC7FE1FD97, 704F648FBB60F794A584E6E700BBA5ABC64DE0A15C67CA6B899F1AFD44FAEDC8
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Quarantined, 423, 673794, , , , , 252FBE93F254565569C6D4AFA58BC991, 7BE404A3D06C4F5BA2D3E8F57BCF5D0A23B1D2E20EEDA787B4F5FA8EFB001734
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Quarantined, 423, 673794, , , , , C106AAD088DF9105AE2DFF4EA64F9935, 105E24670F01295CDC214A034C9A76FBAD112A4406D1AD9828AC4AE0BBA2CD58
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 423, 673794, 1.0.52922, , ame, , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 423, 673794, 1.0.52922, , ame, , 49E86B69EF79ACB24BFCC3F25718D866, D76E2E0D3506A91B870E272DEDD3F03A79C9F9E931172EE2FDB8E06A75C24471

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 

Good plan. I reckon if they are needed they may be recreated, and if everything is running fine that is OK. It is easy to panic when you see those sorts of popups.
 

Yup, I'd quarantine them and then delete them.
 

I read things about... if you have other devices synced, like phones, etc., unwanted stuff can come in through those devices. When there's a problem and cleaning up is required, all the devices should be cleaned. I, myself, don't sync anything to my PCs.
 

yes, seen that too, extensions get synced onto other PC
 

This AM, scanning, MBytes found 12 more PUPs related to securysearch, so I quarantined them.
Whatever securysearch is, seems a persistent issue.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/28/22
Scan Time: 4:30 AM
Log File: 58742910-ae71-11ec-b5b8-bcaec5c2a07b.json

-Software Information-
Version: 4.5.6.180
Components Version: 1.0.1634
Update Package Version: 1.0.52950
License: Trial

-System Information-
OS: Windows 11 (Build 22000.556)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 293694
Threats Detected: 12
Threats Quarantined: 0
Time Elapsed: 8 min, 31 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 1
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 423, 673794, , , , , ,

File: 11
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 423, 673794, , , , , 5E4541B6A8DC363259495B27B005F40F, E37A177786916561BE2799EE60AC6D4C622F31614D7FE49C07709886D1BDA6D8
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000036.ldb, No Action By User, 423, 673794, , , , , 9B76760781BD6BD6C12DF00FF91B5F8D, EA1A064B7CC0B2C6BA2280FDE8992162A4F22B58BFC477FE8ADD2E32573F45F8
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000037.log, No Action By User, 423, 673794, , , , , 1A2D6CB7500E5A3CD669FCE8FD778292, 98A1677505E598811792A9745F3BE2F59FB98689C03723E032A3A88D5A206A7D
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000038.ldb, No Action By User, 423, 673794, , , , , 1177EF77792843574154D5C53562FA10, 06CF24D8F1C5E30CFD0454EDF37930CAA59D61A4E5CB26383B65754F6590C442
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 423, 673794, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 423, 673794, , , , , BB877BAD3EFB05A7BA31BF3875E8C58B, F8C27C70D0F827C539F1B28DA5D4982C4F2B389290865EAEE551ADA070FE7DA6
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 423, 673794, , , , , 9DDACDF38D1BB6700D6690D87277A3CE, 794BBE5E06C88F9300D7B611F7AB126B61C8712892B114BF35D11C20C649BBA1
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 423, 673794, , , , , BB398885E6B14D5A00A9BE17E87B5EAF, 0A01E221C5F3C6BFBF0A91D75466946463EFD282792290C6E571B09484D3F34C
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 423, 673794, , , , , 5EF9B87E2421904398840897A43B4586, BEAE925148FC9D3A79D2B89B6A1D6521021A9B14CF9A2CB0BB8621E6463C7F20
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 423, 673794, 1.0.52950, , ame, , 459269F799B994481206B370F2674152, B9B218C8462213970FF2812864B5FBC229B5BD9ADDF1F9896A3FB1C836402AEB

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
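Added example, not part of any post in this thread: a small Python parser for the detection rows in Malwarebytes text logs like the ones above, grouping them by Chrome profile component and comparing two scans. The sample rows are abridged from the 3/27 and 3/28 logs (hash columns blanked, the SID replaced with a placeholder), and the function names are this example's own.

```python
import re
from collections import Counter

# Detection rows start with a dotted name such as PUP.Optional.SecurySearch.
DETECTION_NAME = re.compile(r"^[A-Za-z]+(?:\.[A-Za-z0-9]+)+$")
# Chrome extension IDs are 32 characters drawn from the range a-p.
EXT_ID = re.compile(r"(?<![a-p])[a-p]{32}(?![a-p])")
PROFILE_ROOT = "\\user data\\default\\"

# Abridged from the 3/27 log after quarantine (hashes blanked, SID replaced).
SCAN_0327 = r"""
Threats Detected: 29
Time Elapsed: 7 min, 55 sec
(No malicious items detected)
PUP.Optional.SecurySearch, HKU\<SID>\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\omieocempinhilcpbmnfdaamgomapded, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\omieocempinhilcpbmnfdaamgomapded\LOG, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Removal Failed, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Quarantined, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, 423, 673794, , , , , ,
"""

# Abridged from the 3/28 log (hashes blanked).
SCAN_0328 = r"""
Threats Detected: 12
Time Elapsed: 8 min, 31 sec
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\Users\sdown\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000036.ldb, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 423, 673794, , , , , ,
PUP.Optional.SecurySearch, C:\USERS\SDOWN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 423, 673794, 1.0.52950, , ame, , ,
"""


def parse_detection(line):
    """Return (name, location, action) for a detection row, None for any other line."""
    fields = [f.strip() for f in line.split(",")]
    if len(fields) < 3 or not DETECTION_NAME.match(fields[0]):
        return None
    return fields[0], fields[1], fields[2]


def component(location):
    """Name the registry or the part of the Chrome profile a detection sits in."""
    low = location.lower()
    if low.startswith(("hku\\", "hklm\\", "hkcu\\")):
        return "registry"
    start = low.find(PROFILE_ROOT)
    if start < 0:
        return "other"
    parts = location[start + len(PROFILE_ROOT):].split("\\")
    # Keep two levels for "Sync Data\LevelDB", one level for everything else.
    depth = 2 if parts[0].lower() == "sync data" else 1
    return "\\".join(parts[:depth])


def summarise(log_text):
    """Count detections per component and action, and collect extension IDs seen in paths."""
    summary = {"components": Counter(), "actions": Counter(), "ext_ids": set()}
    for line in log_text.splitlines():
        row = parse_detection(line)
        if row is None:
            continue
        _name, location, action = row
        summary["components"][component(location)] += 1
        summary["actions"][action] += 1
        summary["ext_ids"].update(EXT_ID.findall(location))
    return summary


def compare(before, after):
    """Show which components dropped out, stayed flagged, or are newly flagged."""
    b, a = set(before["components"]), set(after["components"])
    return {"cleared": sorted(b - a), "persisting": sorted(b & a), "new": sorted(a - b)}


if __name__ == "__main__":
    first, second = summarise(SCAN_0327), summarise(SCAN_0328)
    print("extension IDs in first scan:", first["ext_ids"])
    print("actions in first scan:", dict(first["actions"]))
    for key, value in compare(first, second).items():
        print(f"{key}: {value}")
```

On these rows every 3/27 detection traces to a single extension ID, while the 3/28 scan names no extension directory at all: what is still flagged is profile state (Sync Data\LevelDB, Preferences, Web Data).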
 

Have you tried Malwarebytes AdwCleaner? Check what it selects before quarantining and removing. These three apps I want to keep.

Have a read

 


Yesterday I uninstalled the extension and ran MBytes, so you would think it gone.
But then this AM a Mbytes scan shows it is there again, but no securysearch extension is installed.
Maybe some leftovers from yesterday still hanging around this am??

You know I did not install the extension, it just showed up on its own.
Maybe it installed with me installing some sketchy program?

This AM I ran HitmanPro, and it cleared off thousands of tracking cookies, plus a downloaded 'malware program' called peace from 2021; don't think any of that is related to securysearch.
 

Quarantine doesn't mean it deletes them; it makes them safe and stores them there. Always delete them. I'd run AdwCleaner as suggested above for sure. Quarantine them, then delete them. I should have said yesterday, but I was busier than I'd like to have been, sorry!
 

When I suspect problems, I simply do a factory reset. As soon as I log in to Windows, all my data on OneDrive is there and my Microsoft 365 is there. I reinstall my apps and I'm back with a completely clean system again.
 

A bit OTT but sure 😂
 

It always does mate from the first days of Malwarebytes and did my computing head in and now I use Bitdefender.......
 

My Computer

System One

  • OS
    Windows 11
It always does mate from the first days of Malwarebytes and did my computing head in and now I use Bitdefender.......
It always does what?
 

Looks like a Hijacker, look at these sites



Can you restore from an image created before this happened?
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Alienware M18 R1
    CPU
    13th Gen Core i9 13900HX
    Memory
    32GB DDR5 @4800MHz 2x16GB
    Graphics Card(s)
    Geforce RTX 4090HX 16GB
    Sound Card
    Nvidia HD / Realtek ALC3254
    Monitor(s) Displays
    18" QHD+
    Screen Resolution
    25660 X 1600
    Hard Drives
    C: KIOXIA (Toshiba) 2TB KXG80ZNV2T04 NVMe PCIe M.2 SSD
    D: KIOXIA (Toshiba) 2TB KXG80ZNV2T04 NVMe PCIe M.2 SSD
    Case
    Dark Metallic Moon
    Keyboard
    Alienware M Series per-key AlienFX RGB
    Mouse
    Alienware AW610M
    Browser
    Chrome and Firefox
    Antivirus
    Norton
    Other Info
    Killer E3000 Ethernet Controller
    Killer Killer AX1690 Wi-Fi Network Adaptor Wi-Fi 6E
    Bluetooth 5.2
    Alienware Z01G Graphic Amplifier
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Alienware Area 51m R2
    CPU
    10th Gen i-9 10900 K
    Memory
    32Gb Dual Channel DDR4 @ 8843MHz
    Graphics card(s)
    Nvidia RTX 2080 Super
    Sound Card
    Nvidia
    Screen Resolution
    1920 x 1080
    Hard Drives
    Hard Drive C: Samsung 2TB SSD PM981a NVMe
    Hard Drive D:Samsung 2TB SSD 970 EVO Plus
    Mouse
    Alienware 610M
    Browser
    Chrome
    Antivirus
    Norton
Devlin1888, since the first time I've used Malwarebytes, which was initially offered by a UK bank for free, the software has always been excessive over PUPs, and most of these PUPs have supposedly been attached to bona fide software like Reg Organizer and Ashampoo WinOptimizer.
 

Devlin1888, since the first time I've used Malwarebytes, which was initially offered by a UK bank for free, the software has always been excessive over PUPs, and most of these PUPs have supposedly been attached to bona fide software like Reg Organizer and Ashampoo WinOptimizer.
I guess that's why it's called a potentially unwanted program. It's on the user to know whether it's wanted or not. A PUP isn't a virus or necessarily something bad.
 

Well done @Devlin1888. I have been telling people that for years, and it falls on deaf ears as people always fear the worst, not helped by some of the software which flags up big red boxes and crosses, which can start a panic for some people.
 
