Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: PUP detections from MalwareBytes

17 Jul 2016   #1
LevelBest

Windows 7 Home Premium 64 Bit (Service Pack 1)
 
 
PUP detections from MalwareBytes

Hi

I regularly scan with MalwareBytes (alongside my existing AV). MW usually reports back as no issues but today it reported 5 PUPs namely Optional Optimizer Elite Max (screenshots below). I'm struggling to think how I could have picked these up. Yesterday, I installed an update for Adobe Flash but am always mindful to de-select any optionals.

Any ideas as to how I could have picked these up? I got MW to delete them all and re-ran the programme and it reports all clear.

LevelBest




Attached Thumbnails
PUP detections from MalwareBytes-malwarebytes-pup-det3ections-17-july-2016-delete.gif   PUP detections from MalwareBytes-malwarebytes-pup-det3ections-17-july-2016.gif  
My System SpecsSystem Spec
.
17 Jul 2016   #2
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

It comes bundled with other software that you must have installed. Review installed software sorted by install date using:
GeekUninstaller
Also see:

https://www.malwarebytes.com/pup/
My System SpecsSystem Spec
17 Jul 2016   #3
HAVOC

Windows 7 Professional 64bit
 
 

Have you installed any "free" programs recently? Did you restart your computer after removal of the PUP's and do another scan with Malwarebytes?
My System SpecsSystem Spec
.

17 Jul 2016   #4
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

RE: FlashPlayer. I always get the clean downloads as it's often bundled with unwanted extras:

For Internet Explorer :
http://fpdownload.macromedia.com/pub..._player_ax.exe

For Mozilla Firefox & Chrome :
http://fpdownload.macromedia.com/pub...ash_player.exe

Plus I always do a clean install of flashplayer each time it is updated. (Fully remove old version first)
My System SpecsSystem Spec
17 Jul 2016   #5
LevelBest

Windows 7 Home Premium 64 Bit (Service Pack 1)
 
 

Quote   Quote: Originally Posted by [URL
https://www.malwarebytes.com/pup/[/URL]
That info is interesting. I was on a couple of websites this morning where I had to click the 'x' to close down. I haven't installed any programmes of late, nothing new shows in programmes. The most recent update was the Adobe Flash yesterday. My feeling is it was the closing down of pop ups with the 'x' - I must remember to use Alt, Control and Delete which I usually do (too much of the falling down water last night, I reckon ).

Yes, I did another scan with MalwareBytes and no problem this time and I also did a full scan with my usual AV - again no issues.

I'm pretty confident all is well I was just surprised as MW normally reports back with no issues.

LevelBest
My System SpecsSystem Spec
17 Jul 2016   #6
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

The date on your screenshot would appear to indicate that Optimizer Elite Max installed on 17 July at 13.10 so check if you installed anything else at that time.

RE: MBAM. It will render the Optimizer Elite Max program ineffective but will not remove it.
My System SpecsSystem Spec
17 Jul 2016   #7
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Quote   Quote: Originally Posted by Callender View Post

RE: MBAM. It will render the Optimizer Elite Max program ineffective but will not remove it.
Are you sure about that?
Normally, if MBAM detects the PUP, it more than likely can and will remove it, IF the user's settings are properly configured.

@LevelBest, please open the MBAM GUI > Settings > Detection and Protection > Non-Malware Protection and make sure that both PUPs and PUMs are set to "Treat Detections as Malware".
You may need to rescan and then reboot for full removal.

Having said that, some PUPs can be tricky to fully remove (requiring a custom script by a trained expert).
Others can respawn e.g. from Google sync or other places, and/or the user may inadvertently reinstall the PUP by failing to opt out during installation of wanted, legitimate software (#1 way that PUPs get on to the system).

If there is any question, @LevelBest, it would help if you could please attach the latest MBAM SCAN log as a *.txt file to your next reply here. Let us know if you need help locating, exporting or attaching it.

Thanks,
MM
My System SpecsSystem Spec
17 Jul 2016   #8
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

I'm not entirely sure but it will not stop any Optimizer Elite Max running processes and Optimizer Elite Max scheduled tasks before running the uninstaller. Maybe MBAM deletes everything on boot?

I'm just going on past experience as I don't have MBAM installed currently so can't test.
My System SpecsSystem Spec
17 Jul 2016   #9
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Quote   Quote: Originally Posted by Callender View Post
I'm not entirely sure but it will not stop any Optimizer Elite Max running processes and Optimizer Elite Max scheduled tasks before running the uninstaller. Maybe MBAM deletes everything on boot?

I'm just going on past experience as I don't have MBAM installed currently so can't test.
The PUP database changes -- new PUPs are added, and others may be removed. So your past experience may not reflect the current status.

If you have a potential PUP sample that may not be detected by MBAM, I'm sure that the Research Team would welcome the sample for analysis.
They have a rigorous process for evaluating such files for inclusion in the database.
But if the file is coming up in scans (as shown by the GUI snippet provided by the OP), then, chances are, it *will* remove it.
But, yes, some PUPs and malware need a reboot for full removal.
And some malware and even PUPs require the use of multiple tools and/or custom scripts for complete removal.

Until then, it would greatly help at least to see @LevelBest's MBAM scan log -- without it, we are only speculating.
@LevelBest, this tutorial HERE shows how to locate, export to a *******.txt******* (not *.xml) file; you can then please ATTACH it to your next reply here in this thread.

We can go from there.

Cheers,
MM
My System SpecsSystem Spec
18 Jul 2016   #10
LevelBest

Windows 7 Home Premium 64 Bit (Service Pack 1)
 
 

Hi All

I was downloading Youtube videos yesterday at 1 pm ish, so that's where the malware came from. I did have Adblock for IE11 installed but due to having a few issues with IE11, I had disabled it. I have enabled it again but I have a shrewd suspicion that adblock keeps the comments from being show. I know this is the case with Chrome where I have adblock (which is why I was viewing via IE11).

I've attached the files. All is well with the computer. MW gave me the option to delete the malware and then asked me to re-start to complete the process. I've since run 2 MW scans and my usual AV and all is well.

LevelBest


Attached Files
File Type: txt Scan log MWB 18 07 2016.txt (1.8 KB, 4 views)
My System SpecsSystem Spec
Reply

 PUP detections from MalwareBytes




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
MSE and Malwarebytes
Hi, I would like to know if MSE and Malwarebytes will have no conflict if run together. Thank you
System Security
Malwarebytes has a new software- Malwarebytes Anti Exploit
has anyone installed this? https://www.malwarebytes.org/antiexploit/ I got an email from Malwarebytes about it I just installed the free version on my windows 8 and windows 7 test machines so far I am not seeing any problems but then again I just installed it :P anyone else try it?
System Security
How to report ADWcleaner false positive detections?
Hi, Does anyone know how to report ADWcleaner false positive detections without signing up to the ADWcleaner help forum? I've noticed a couple of problems recently. "Self Destructing Cookies" add on for Cyberfox (Firefox 64bit) was recently being detected but that seems to have been resolved....
General Discussion
is this normal firewall detections?
When using comando and just browsing the internet I get up to 200+ out going connections. I use there DNS and stuff... so maybe thats why but is that alot? 0 incoming.. which I know is the big one... but I also get 225 intrusions blocked... again none are active like getting through but im very...
System Security
malwarebytes?
i have installed malwarebytes, anti malware for a while ago. how often do u use this and scan?
System Security
Malwarebytes Pro
So i just borught and downloaded Malwarebytes pro. When i choose when to do an update and schudle scan it never lets me edit the time, it just stay at 2.12pm and i cant change it. Maybe because i dont know how to use it? Im running AVG internet security with it Edit:
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:54.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App