Solved PUP.Optional in Registry Key will not go away

[angiesluck]

I have found on my husbands laptop a malware that is very persistant at staying on his computer even thou I have run several Malware removals....both in normal mode and in safe mode.....MalwarbytesAnti-Malware finds it...deletes it but it comes back.....I also downloaded in safe mode and tried SuperAntimalware but that does not find anything in registry.....Spybot search and destory finds 1 but it does not show up when you click on show details...nothing shows up! So why can I not get rid of it.......It says its in Registry Key...HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A)

 

[Kaktussoft]

I have found on my husbands laptop a malware that is very persistant at staying on his computer even thou I have run several Malware removals....both in normal mode and in safe mode.....MalwarbytesAnti-Malware finds it...deletes it but it comes back.....I also downloaded in safe mode and tried SuperAntimalware but that does not find anything in registry.....Spybot search and destory finds 1 but it does not show up when you click on show details...nothing shows up! So why can I not get rid of it.......It says its in Registry Key...HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A)

In command prompt:

reg  query  HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}  /s

post output

 

[Kaktussoft]

It's just a PUP Remove PUP.Optional.Bandoo.A (Removal Guide)

 

[Kaktussoft]

In command prompt:

reg  delete  HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}

It's safe to delete that key

 

[angiesluck]

It says unable to find registry key or value......have I written it down wrong perhaps! Oh I tried the Adwcleaner but to no avail

 

[Kaktussoft]

It says unable to find registry key or value......have I written it down wrong perhaps! Oh I tried the Adwcleaner but to no avail

Is this your thread https://forums.malwarebytes.org/index.php?showtopic=132533 ?
It lists the same key!

 

[Kaktussoft]

Is string 9D717F81-9148-4f12-8568-69135F087DB0 anywhere in registry (start at top and use search option)

 

[angiesluck]

how weird ...nope its not me can. someone have the same key if they too have the same PUP?

 

[angiesluck]

not sure what you mean by your last post

 

[Kaktussoft]

HKey_Current_User\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}

really doesn't exist? run regedit and check

 

[Kaktussoft]

some adware removal program still saying you have PUP.bandoo?

About the key https://www.google.nl/#q=9D717F81-9148-4f12-8568-69135F087DB0

 

[angiesluck]

yes its not there so why does it keep showing up in the malware check?

 

[angiesluck]

MalwareBytes show it up and spybot search and destroy says it has found one but does not show it up when I click on the show details!

 

[Kaktussoft]

yes its not there so why does it keep showing up in the malware check?

You look at wrong malware check log file(?)
You look not at the correct key(?)

You have to buy new spectacles:roflmao:

 

[angiesluck]

try Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully

Just checked log and this is was it always comes up with on checks

 

[Kaktussoft]

MalwareBytes show it up and spybot search and destroy says it has found one but does not show it up when I click on the show details!

Maybe the key is hidden by some virus?

 

[Layback Bear]

Sometime one security scan will show the infection if the other security scan still has the infection in its Logs or Quarantine sections.

 

[Kaktussoft]

try Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully

Just checked log and this is was it always comes up with on checks

Quarantined and deleted successfully

so the key has been deleted!! Just what you want. Message comes back everytime?

 

[UsernameIssues]

You can let us see what you see by posting a screenshot of Malwarebytes' scan.

Here is how to do that:
http://www.sevenforums.com/tutorials/9733-screenshots-files-upload-post-seven-forums.html

You could also attach the text log file that a Malwarebytes scan creates.

 

[angiesluck]

message always come back...i will check for it again in a few minutes and it should show