GlockTalk.com
Home Forums Classifieds Blogs Today's Posts Search Social Groups



  
SIGN-UP
Notices

Glock Talk
Welcome To The Glock Talk Forums.
Reply
 
Thread Tools Display Modes
Old 09-17-2013, 06:18   #1
GLOCK30JOHN
Senior Member
 
Join Date: Jun 2005
Location: North Carolina
Posts: 766
PUP malware

I posted this over in the Tech forum also but hoping for quick replies and help with this so I can stop it before it causes damage to my system. I am running Windows XP.
Yesterday I noticed my computer running very slow and wouldn't connect to the internet. Im running Kaspersky AV 2013 and definitions are up to date. I ran a scan and it showed no threats.I did a system restore of a previous day (3 days back) and everything seemed ok. I have a free copy of Malwarebytes installed. I updated it and ran a quick scan. It found 789 threats of something called PUP was in my documents/settings. I deleted them out, reset my Firefox home page which had been changed to some blank AVG page. Overnight I ran the full scan(5 hrs) on Malwarebytes and it showed the same 789 objects PUP again. I deleted them again and ran a AV scan and the AV scan found nothing. What is this PUP malware? How harmful is this and why does Kaspersky not pick it up or block it? How do I get rid of it Hijackthis? Any useful programs to get rid of it?
GLOCK30JOHN is offline   Reply With Quote
Old 09-17-2013, 06:35   #2
Resqu2
Senior Member
 
Resqu2's Avatar
 
Join Date: Aug 2007
Location: SouthWest VA
Posts: 4,455
pup is potentially unwanted programs and Malwarebytes should get rid of them but make sure each one is checked or it wont remove them.

edit to add Malwarebytes just updated the way they handle pups, that's you so many are now showing up, they did this in July of this year.
__________________
A gun in the hand is better than a cop on the phone.

Last edited by Resqu2; 09-17-2013 at 06:38..
Resqu2 is offline   Reply With Quote
Old 09-17-2013, 06:40   #3
md2lgyk
Senior Member
 
Join Date: Mar 2001
Location: WV
Posts: 2,898
There are a couple of free programs that may help you. One is ADW Cleaner; the other is Junkware Removal Tool. I have used them both and they seem effective. My wife's laptop was pretty hosed up after our granddaughter borrowed it for a while and downloaded all manner of garbage. These two programs took care of everything.
__________________
"The great object is, that every man be armed. Everyone who is able may have a gun." - Patrick Henry
md2lgyk is offline   Reply With Quote
Old 09-17-2013, 06:45   #4
Never Nervous
Senior Member
 
Never Nervous's Avatar
 
Join Date: Aug 2009
Location: Metro ATL
Posts: 2,231
Quote:
Originally Posted by md2lgyk View Post
There are a couple of free programs that may help you. One is ADW Cleaner; the other is Junkware Removal Tool. I have used them both and they seem effective. My wife's laptop was pretty hosed up after our granddaughter borrowed it for a while and downloaded all manner of garbage. These two programs took care of everything.
Good info. I've got two granddaughters so I know what you mean.

NN
__________________
____________________________________________
"Religion is for people who are afraid to go to hell. Spiritually is for people who have already been there."
Never Nervous is offline   Reply With Quote
Old 09-17-2013, 07:29   #5
BigDog[RE]
NRA Member
 
BigDog[RE]'s Avatar
 
Join Date: Oct 2005
Location: Miami, FL
Posts: 1,500
More than likely you are not killing the virus itself because you have a root kit installed. One thing you can do is download tdsskiller from Kaspersky. This is a an anti root kit utility. basically run that first to see what it finds, and then run a full malwarebytes scan.

http://support.kaspersky.com/us/5350#block3

It sounds like you are infected with the pup whitesmoke malware. A lot of times this does come with a root kit, so run the app I mentioned above and it should get it.
BigDog[RE] is offline   Reply With Quote
Old 09-17-2013, 07:39   #6
GLOCK30JOHN
Senior Member
 
Join Date: Jun 2005
Location: North Carolina
Posts: 766
Quote:
Originally Posted by BigDog[RE] View Post
More than likely you are not killing the virus itself because you have a root kit installed. One thing you can do is download tdsskiller from Kaspersky. This is a an anti root kit utility. basically run that first to see what it finds, and then run a full malwarebytes scan.

http://support.kaspersky.com/us/5350#block3

It sounds like you are infected with the pup whitesmoke malware. A lot of times this does come with a root kit, so run the app I mentioned above and it should get it.

Ok I will give that a try also. I am running Super Antispyware now and so far this is what is telling me


no registry threats found
no memory items threats found

file items 917 threats that are as follows

trojan.dropper/win-nv 2 items
trojan.agent/gen 1 item
malware.installer-pkg/gen 15 items
adware,tracking cookie 899 items
GLOCK30JOHN is offline   Reply With Quote
Old 09-17-2013, 08:02   #7
GLOCK30JOHN
Senior Member
 
Join Date: Jun 2005
Location: North Carolina
Posts: 766
Quote:
Originally Posted by BigDog[RE] View Post
More than likely you are not killing the virus itself because you have a root kit installed. One thing you can do is download tdsskiller from Kaspersky. This is a an anti root kit utility. basically run that first to see what it finds, and then run a full malwarebytes scan.

http://support.kaspersky.com/us/5350#block3

It sounds like you are infected with the pup whitesmoke malware. A lot of times this does come with a root kit, so run the app I mentioned above and it should get it.
I just ran the tdsskiller and it found no threats, The Super Antispyware deleted the items it found, I am now running malwarebytes full scan. Thank you for your help.
GLOCK30JOHN is offline   Reply With Quote
Old 09-17-2013, 08:06   #8
smokeross
GTDS Member #49
 
smokeross's Avatar
 
Join Date: May 2011
Location: Alaska
Posts: 4,144
Quote:
Originally Posted by Never Nervous View Post
Good info. I've got two granddaughters so I know what you mean.

NN
I only have one, but when she gets a hold of my laptop.......
__________________
Originally Posted by GTFor died instantly because his lungs froze from breathing in Arctic air.
Shoot Low Boys, They're Riding Shetland Ponies.
smokeross is offline   Reply With Quote
Old 09-17-2013, 09:04   #9
IndyGunFreak
RIP My Friends
 
IndyGunFreak's Avatar
 
Join Date: Jan 2001
Location: Indiana
Posts: 29,697
Send a message via ICQ to IndyGunFreak Send a message via AIM to IndyGunFreak Send a message via MSN to IndyGunFreak Send a message via Yahoo to IndyGunFreak Send a message via Skype™ to IndyGunFreak


Quote:
Originally Posted by md2lgyk View Post
There are a couple of free programs that may help you.
I can think of one in particular..

http://www.ubuntu.com
__________________
Quote:
Originally Posted by GioaJack View Post
The fire is no longer my major concern since I am leaving immediately on an unexpected road trip to Indianapolis. Watch the national news over the next couple of days, I'll wave... well, only if I'm cuffed in the front.
RIP Jack
IndyGunFreak is offline   Reply With Quote
Old 09-17-2013, 09:51   #10
aircarver
Silver Membership
Ride Continues
 
aircarver's Avatar
 
Join Date: May 2002
Location: Ft. Worth TX
Posts: 24,318


Quote:
Originally Posted by IndyGunFreak View Post
I can think of one in particular..

http://www.ubuntu.com
...LOL ....

.
__________________
They'd created a vast, permanently unemployed underclass, dependent upon the Republic's stupendous welfare machine for its very existence, and in so doing, they'd sown the seeds of their own destruction. No one could place two-thirds of a world's population on the Dole and keep them there forever without the entire system crashing . . . but how in hell did one get them off the Dole? -David Weber, Flag in Exile
aircarver is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT -6. The time now is 01:14.



Homepage
FAQ
Forums
Calendar
Advertise
Gallery
GT Wiki
GT Blogs
Social Groups
Classifieds


Users Currently Online: 758
192 Members
566 Guests

Most users ever online: 2,244
Nov 11, 2013 at 11:42