Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PUP quarantined not deleted, slow computer overheating


  • Please log in to reply
8 replies to this topic

#1 ruthere89

ruthere89

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 22 July 2010 - 08:34 AM

About three days ago McAfee found a PUP somewhere on my computer, it was quarantined, but never deleted. I tried to hunt it down but I never found it thanks to the new way that McAfee runs its program. Since I discovered the PUP my computer has had twice the pop ups, three times the lag, and it has been pushing out some heavy hot air. I use a wireless connection and have never had any connection issues since this PUP arrived. I have also used Malwarebytes, Noton Trial version, and Malicious Software Removal. I still have found nothing, but my computer is still acting quite strange. I couldn't find the PUP, what I do know is that is was generic. After going into unknown or red zone websites I will wipe what I can to get rid of tracking cookies that somehow evade me, and to try and deplete any of the attached files that can be left in my temp files. Is the PUP still there? Am I doing something wrong? Am I infected? Is there another program that may pick up what I cannot find? May I have more help with this issue?

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:50 AM

Posted 22 July 2010 - 11:11 AM

A Generic Potentially Unwanted Program (PUP) detection is a very broad threat category that can include any number of different programs to include those which are benign as well as malicious. Certain embedded files that are part of legitimate programs, may at times be detected by some anti-virus and anti-malware scanners as a "Risk Tool", "Hacking Tool", "Potentially Unwanted Program", or even "Malware" (virus/trojan) when that is not the case.

Some programs falling into the PUP category have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. These detections do not necessarily mean the file is malware or a bad program. It means it has the potential for being misused by others. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them. In many cases such detections can be a "False Positive". Since these detections do not necessarily mean the file is malware or a bad program, you need to investigate further if not familiar with them.

When an anti-virus or security program quarantines a file by renaming and moving it into a virus vault (chest) or a dedicated quarantine folder, that file is essentially disabled and prevented from causing any harm to your system. The quarantined file is safely held there and no longer a threat until you take action to delete it. One reason for doing this is to prevent deletion of a crucial file that may have been flagged as a "false positive" especially if the scanner uses heuristic analysis technology. Heuristics is the ability of a scanning program to detect possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected. If that is the case, then you can restore the file and add it to the exclusion or ignore list. Doing this also allows you to view and investigate the files while keeping them from harming your computer. Quarantine is just an added safety measure. When the quarantined file is known to be malicious, you can delete it at any time usually by launching the program which removed it, going to the Quarantine tab, and choosing the option to delete. If it was a false positive, then you can choose the option to restore the file.

Anytime you come across a suspicious file for which you cannot find any information about or you want a second opinion, submit it to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

You can also get a second opinion for your entire system by performing an Online Virus Scan like:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 ruthere89

ruthere89
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 22 July 2010 - 06:12 PM

Thank you kindly for these words of wisdom, I will reply with my findings.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:50 AM

Posted 22 July 2010 - 06:17 PM

Not a problem.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 ruthere89

ruthere89
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 22 July 2010 - 08:01 PM

The last scan F-Secure, took a long time to download and told me that my connection was disrupted or not allowed. However, it only found one file which was re-named and submitted? The file was a Virus: Exploit:W32/Exploit

Edited by ruthere89, 22 July 2010 - 09:25 PM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:50 AM

Posted 22 July 2010 - 09:19 PM

Then it appears your ok. If you ever locate a log file or find the name of the actual file which McAfee flagged as a PUP, then you can probably get a better grasp as to what it was.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 ruthere89

ruthere89
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 22 July 2010 - 09:54 PM

I shall take this to the notepad, thank you for your help sir.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:50 AM

Posted 22 July 2010 - 09:59 PM

You're welcome. Safe surfing and have a malware free day.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 ruthere89

ruthere89
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 22 July 2010 - 10:07 PM

Haha, good one.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users