So someone I know who is very knowledgeable with computers sent me a link to a Vista theme for Windows 7. I wasn't expecting it to be compatible with Windows 10 so I tried it in Hyper-V. It was not. (I was checking because this one modifies Windows and it tells you it is risky, so I didn't want to damage my actual PC.) So I Googled for a Vista theme for 10 and found this one. https://skinpacks.com/download/windows-7/vista-skin-pack/ VirusTotal reports the site clean. I appears to be the site of origin of the original theme I was told about.
I downloaded and ran it. McAfee blocked a portion of it near the end, but I assumed this was just because of the way it modifies Windows, and I was expecting it to be mistaken for a rootkit. I also saw a link on the site for info about virus detection, so assumed this was all fine. It looks very nice.
However, after running it, there was a new program on my desktop, which I uninstalled. (Some kind of news feed) Then Chrome started redirecting me every time I clicked a link. I ran MalwareBytes free and it found many PUPs. I have the log. Almost all of them SwiftSearch. All have been removed, and no more redirections.
I then uploaded the setup exe to VirusTotal and this was the result https://www.virustotal.com/en/file/33f0f7c762a93c7a10dfb47f51166dce3ce8764ac5b6fa8b9f7f0a81949cd48c/analysis/1449567707/ not sure if false detection, or if it's detecting the bundled PUPs.
The reason I think it's a false detection is because the FAQ on their site says that the additional programs are the cause of false detection and they can all be deselected. I was however relatively certain I deselected them all.
But they could be full of it, like LIGHTNING UK!
Should I uninstall the theme, or am I fine now that the PUPs are gone?
(Can I post the log here?)
Windows 10 Pro (x64)
Custom PC - MSI motherboard, AMD ATi PC
Edited by Karzahni, 08 December 2015 - 05:18 AM.