zinniaqueen

PUP.optional.CrossRider and more...really don't know what to do

31 posts in this topic

 Results of screen317's Security Check version 0.99.72  

 Windows XP Service Pack 3 x86   

 Internet Explorer 8  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

 AVG Free 9.0    

`````````Anti-malware/Other Utilities Check:````````` 

 MVPS Hosts File  

 Spybot - Search & Destroy 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 JavaFX 2.1.0    

 Java 7 Update 9  

 Java version out of Date! 

 Adobe Flash Player 11.7.700.224  

 Adobe Reader 8 Adobe Reader out of Date! 

 Adobe Reader XI (KB403742..) 

````````Process Check: objlist.exe by Laurent````````  

 AVG avgwdsvc.exe 

 AVG avgtray.exe 

 AVG avgrsx.exe 

 AVG avgnsx.exe 

 AVG avgemc.exe 

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:: 31% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log`````````````````````` 

Share this post


Link to post
Share on other sites

PUP means Potentially Unwanted Program:

http://searchsecurity.techtarget.com/definition/PUP

---------------------------------------------------------------------------

Malwarebytes just started aggressively detecting PUPs and that's why we are seeing a flood of people complaining about them.
http://blog.malwarebytes.org/news/2013/07/malwarebytes-adopts-aggressive-pup-policy/

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Out dated programs on the system are vulnerable to malware.
Please update or uninstall them:


------------------------------

Uninstall any and all Java from your add/remove programs:
JavaFX 2.1.0
Java 7 Update 9

Java version out of Date!
<-------Download and install the latest version (Version 25) from Here
Uncheck the box to install the Ask toolbar!!! and any other free "stuff".

----------------------------


Adobe Reader 8 Adobe Reader out of Date! <---uninstall from add/remove programs
Adobe Reader XI (KB403742..) <---------OK

-----------------------------

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

cf2.jpg

Then hit enter.
This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)

---------------------------------

If you used DeFogger to disable your CD Emulation drivers, please re-enable them.

-------------------------------

Please download OTC to your desktop.
http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")
Click on the CleanUp! button and follow the prompts.
(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)
You will be asked to reboot the machine to finish the Cleanup process, choose Yes.
After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete.
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again. (may be down right now)
Cached version:
http://webcache.googleusercontent.com/search?q=cache:T4_y-D1qZAoJ:maddoktor2.com/forums/index.php%3Ftopic%3D46886.0+&cd=3&hl=en&ct=clnk&gl=us

Good Luck and Thanks for using the forum, MrC

Share this post


Link to post
Share on other sites

OK, I think I've done everything on the list. A few questions/comments:

 

Ran OTC and it left JRT and SecurityCheck on the desktop--I can just delete, as in hit the delete key and click yes when it asks if I really wanna delete them, right? (vs "uninstalling" them, right?)

 

Had to leave for a few hours, so ran MBAM on a complete scan. It found PUP.Optional.OpenCandy.  Can I just delete via MBAM or do I need to go through more elaborate process like we just did?

Share this post


Link to post
Share on other sites
Ran OTC and it left JRT and SecurityCheck on the desktop--I can just delete, as in hit the delete key and click yes when it asks if I really wanna delete them, right? (vs "uninstalling" them, right?)

 

Yes

 

Had to leave for a few hours, so ran MBAM on a complete scan. It found PUP.Optional.OpenCandy.  Can I just delete via MBAM or do I need to go through more elaborate process like we just did?

 

Just let MB delete it.

 

As the data base of Malwarebytes gets updated, you're going to find leftovers in the logs.

 

MrC

Share this post


Link to post
Share on other sites

My Preventive Maintenance

Now that the system is clean.

------------------------

 

Delete your system restore files and create a new restore point:(you may have already done this)

Create new system restore point for Vista and W7

Create new system restore point for Windows XP

Clear old system restore points except for the last one

------------------------

If you have used ComboFix and have the XP Recovery Console installed I suggest you keep it on your XP system.

Here's a Tweak so the computer boots up faster with it.

If you would like to uninstall the Recovery Console, please let me know and I'll give you instructions to do so.

-------------------

Install all critical Windows Updates:

Visit Windows Update and install all the lastest critical updates.

--------------------

Optional programs you may need:

Please note:  DON'T download and install any scanner listed on THIS LIST.

They're scanners that are blacklisted because of their questionable reputation.

Note: Please only install one anti-virus program, one firewall and one anti-malware program that provides real-time protection.

A good security plan:

An anti-virus program, a firewall (For XP) - (Vista and Windows 7 firewalls are OK), an anti-malware program that provides realtime protection, keep the registry backed up (mainly for XP), and install the Windows XP Recovery Console.

What do I use and recommend: (I'm using XP pro)

Malwarebytes Anti-Malware Pro (provides realtime protection)

Microsoft Security Essentials (anti-virus)

PC Tools firewall (for XP)... (Vista and W7 firewalls are OK)

Google Chrome

Keep the registry backed up

XP Recovery Console

WOT

OpenDNS

Malwarebytes Anti-Exploit

Links below:

Anti-Virus (free):

Avast Free

Microsoft Security Essentials

Ad-Aware

Anti-malware with "real-time protection" (free):

Microsoft Security Essentials

SuperAntiSpyware Pro and Malwarebytes Pro Anti-Malware

will provide "real time protection" only if you purchase the upgraded version.

I highly recommend that you purchase MalwareBytes Anti-Malware, it's a one time fee, provides excellent protection and you won't regret it.          Read more HERE

Firewalls:

PC Tools Firewall Plus

Comodo Free Firewall w/anti-virus

ZoneAlarm*free

Free malware removal programs:

Malwarebytes' Anti-Malware

SUPERAntiSpyware (free edition)

Dr.Web CureIt!® Utility (Free)

VIPRE Rescue Program

SUPERAntiSpyware Portable Scanner

Microsoft Security Essentials

Free ESET Online Scanner

Microsoft Safety Scanner

Malwarebytes Anti-Exploit

It protects all major browsers (IE, Firefox, Chrome, Opera) and all browser components such as Java, Adobe Reader, Flash, and Shockwave. It blocks standard exploit kits like Blackhole, Sakura, Phoenix, Incognito without requiring signature updates.

AdwCleaner is a program that searches for and deletes Adware, Toolbars, Potentially Unwanted Programs (PUP), and browser Hijackers from your computer.

SpywareBlaster Prevent the installation of spyware and other potentially unwanted software! Simple, effective, trusted.

Windows XP Recovery Console:

If a Windows XP-based computer does not start correctly or if it does not start at all, you may be able to use the Windows XP Recovery Console to help you recover the system software.

Recovery Console Tweak if you do have it installed

Back-up the registry: (everyday > important on XP)

ERUNT tutorial

Keep those temp files off your system:

Use CCleaner (Stay away from the registry cleaner and any other registry cleaner as they do no good!)

Here's a Tutorial if needed.

or

try ATF Cleaner - hit "select all" then just uncheck "cookies" (uncheck cookies is optional - leave it checked if you want to delete all cookies) then "empty selected"

Sun Java:

Keep your Sun Java up-to-date  JRE Version **

Older versions are vulnerable to malware!

Delete ALL old versions from add/remove programs if listed first!

Most people have older versions installed on their system, once you get them cleared off > install the newest version and from then on all you have to do is go to Java in your control panel and click on update or just set Java to automatically check for updates.

Check HERE

Please consider using Foxit Reader instead of  Adobe Reader. Foxit Reader is less vulnerable to malware.

Latest versions of Adobe Flash Player and Adobe Reader

Please consider using Google Chrome or FireFox  instead of Internet Explorer. They're more secure browsers!

Use OpenDNS, a very valuable feature that gives your PC the benefit of extra safety and increased browser speed.

OpenDNS – What is OpenDNS and Why You Absolutely Need It

OpenDNS Start Here

Easy set-upHere

Confirm you're using OpenDNS

Install WOT (Web of Trust)

The WOT add-on shows you which websites you can trust based on millions of users' experiences.

Our safe surfing browser tool is easy-to-use, fast and completely free. Install it now!

Blocking Unwanted Parasites with a Hosts File "MVPS HOSTS"

Do Not Track Plus

Blocks tracking cookies

Removes those tracking cookies > Cookienator, run it once a week.

Panda USB and AutoRun Vaccine

Useful information:

Reduce Online Fraud

Slow Computer - Check Here

and HERE

Microsoft Fix it Center Fix those annoying Windows problems

How to Prevent the Online Invasion of Spyware and Adware

Miekiemoes Prevention Tips

Three more sites to check: How did I get infected??

G2G

BleepingComputer

Tony Klein

Some of  My Tips

Don't open e-mail attachments without first scanning them with an up-to-date anti virus program, even after doing that I would be very careful.

Don't click on any executables in e-mails or any other links that you're not sure of.

Don't believe e-mails from your bank, financial institution, etc asking for personal informations - they're most likely fraudulent no matter how authentic they look.

Don't download any  kind of Video Codec when prompted to while watching a movie...it's most likely malware.

Watch your surfing habits, don't click on or download anything you're not sure of.

Don't install a program that hasn't been recommended by a reputable organization.

Don't install toolbars.

If you suddenly get a pop-up or notice that you need to update a program > don't believe it > it may be malware attempting to gain access to your computer. If you what to check for an update , use the program itself > there should be an update tab or button to click on.

Stay away from Peer-to-Peer (P2P) Programs----> Read HERE

Peer-to-peer programs/cracks/keygens/warez warning:

Downloading cracks and keygens from p2p programs ( Limewire, eMule, uTorrent ) is the most common way computers get infected.

They are a security risk which can make your computer susceptible to a variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.

Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.

The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

Malware Fighter:

If you would like to become a malware fighter, there are schools offering free training and you are welcome to sign up. (it's not easy though!)

WhatTheTech Classroom

Malware Removal University

GeeksToGo University

Also Check Here

----------------------

Good luck and thanks for using the forum -  MrC

Share this post


Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.