January 5, 2021

Dealing with PUP.Optional.StartPage.ShrtCln after installing wrong OpenOffice


I accidentally downloaded OpenOffice from the wrong website ([OpenOffice](https://OpenOffice.de) .de instead of the legit .org). After installing it I booted up my PC again (unrelated Win Update), and after booting Malwarebytes Premium quarantined the Malware PUP.Optional.StartPage.ShrtCln found under AppData/Roaming/OpenOffice Updater/Updater.exe. After that I got suspicious and made a full scan with Malwarebytes and it found 1 Registry Value and 1 Registry Key with the Malware PUP.Optional.OpenOfficeDE. They were quarantined and then deleted.

Then I searched for all files related to OpenOffice and deleted them + uninstalled the Program. I ran AdwCleaner 2x which found some unrelated Files, Preinstalled Software and Registries expect a PUP.Optional.Fake.OpenOfficeUpdater. It also deleted the IFEO keys and reset multiple policies and settings (eg. Winsock), I hope that was the right thing to do.

I can supply with further logs if needed.

My question is if I should look further for any rootkits, format this PC or work with FarbarRST (VirusTotal is showing me 2 Positives with the downloaded .exe?) since PUP.Optional.StartPage seems to be mainly a program that changes the start page of your browser (according to google).

Since I have a lot of important documents on this PC I am really worried about any keylogger, trojans etc..

I am grateful for any help (Y)

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.