PUP.Legacy.Optional

Hello,

Windows10 Chrome -- month ago got a malware popup when on tunein radio. Along with the following popup, a voice came on and said "your pc is infected with Malware, do not ignore this, etc:

** Zeus Virus Detected  - Your Computer Has Been Blocked **

Error: Trojan Backdoor Hijack #365838d7f8a4fa5

---------------------------------------------------------------------

After running adwcl...

False Positive v7?

Today I stumbled upon this detection whilst using Adwcleaner 7.0.1.0:

***** [ Registry ] *****

PUP.Optional.YahooChrome, [Key] - HKLM\SOFTWARE\Yahoo\SS

Afterwards I scanned with other virusscanners (Malwarebytes, MBAR, and Roguekiller) and none of them detected aforementioned registery key. Thus, it seems like a false positive generated by adwcleaner. 

Can someone confirm this?

Kind regard...

My First Post: Are These Internet Explorer\ActiveX Compatibility Entries False Positives

# AdwCleaner 7.0.1.0 - Logfile created on Thu Aug 24 18:42:33 2017

# Updated on 2017/05/08 by Malwarebytes # Database: 08-22-2017.4 # Running on Windows 7 Professional (X64) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

...

Re: More false positives

Yesterday the Windows 10 machine from my wife was scanned by 7.0.1.0 and referred Zylom games and TryMedia as suspicious. Removal of it all led to no gaming anymore because these files (and dirs) are apearently necessary to run and check validation of the Zylom Games. Such a shame because a noob does not understand that.  

# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 21 19:08:44 2017 # Up...

Re: More false positives

Hello,

The beta version tells me: PUP.Optional.DriverBooster


snabbeltax, 2017-08-07 10:15:05 (UTC)

Can you share a logfile showing this?


fr33tux, 2017-08-23 00:30:14 (UTC)

# AdwCleaner 7.0.2.0 - Logfile created on Mon Aug 07 10:03:39 2017 # Updated on 2017/29/08 by Malwarebytes  # Database: 08-06-2017.2 # Running on Windows 10 Pro (X64) # Mode: scan # Support: https://www.malwarebytes....

Re: More false positives

Hello. Sure.

# AdwCleaner 7.0.2.0 - Logfile created on Wed Aug 23 17:39:18 2017 # Updated on 2017/29/08 by Malwarebytes # Database: 08-22-2017.2 # Running on Windows 7 Ultimate (X64) # Mode: scan # Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files...

Re: More false positives

Try using the beta, see if that elevate the false positives. However, if your software is obtained in illegitimate ways (I know music software can get quite expensive), it might have some form of virus or malware attached to it. You can never discount the possibility.

Re: Launchpage infection

Hopefully, you can understand English or google translate this. I know this is an old forum, but since it doesn't have a definitive answer, I'd like to share my experience and a solution. My friend had a similar couple of weeks ago. You are dealing with a redirect virus or some form of adware. Quite annoying really. I have used Malwarebytes and Adwcleaner to elevate the issue alongside these in...

Re: Jaff virus?

Utilisez Data Recovery Pro ou Rakhni decryptor pour restaurer les fichiers cryptés par le rançongiciel Jaff. Data Recovery Pro est unun outil automatique qui peut effectuer ce travail à votre place. Vous pouvez il ou Rahini décrypteur conçu par Kaspersky Lab en cliquant ici: http://www.2-spyware.com/remove-jaff-ransomware-virus.html

N'oubliez d'exécuter une analyse supplémentaire de votre syst...

Re: Start\Windows icon

Have you noticed anything else weird/out of the ordinary on your PC? Can you try booting into Windows "Safe mode with networking" and see if you can do any of the actions through that. Otherwise, I would recommend doing a thorough malware check just in case.

Full and thorough malware check:

1. Restart your PC in “Safe mode with networking.” 2. Install and run RKill to kill malicious processes...