How to remove win32 pup gen virus?
Solved
caroline
-
ChrisEpicKarma -
ChrisEpicKarma -
Hello,
This morning my Avast detected the win 32 pup gen virus, so I restarted the computer performing a startup scan and quarantined the virus in the infected files, then I "deleted" it. But can I be sure that the virus has really been removed? If not, how can I delete it?
Knowing that this virus installed two programs called GUPlayer and PepperZip that I tried to remove but again I'm not sure if I really got rid of them....
I'm not very good with computers... Thank you in advance for your reply.
This morning my Avast detected the win 32 pup gen virus, so I restarted the computer performing a startup scan and quarantined the virus in the infected files, then I "deleted" it. But can I be sure that the virus has really been removed? If not, how can I delete it?
Knowing that this virus installed two programs called GUPlayer and PepperZip that I tried to remove but again I'm not sure if I really got rid of them....
I'm not very good with computers... Thank you in advance for your reply.
4 réponses
Hello,
You have installed adware and potentially unwanted programs on your PC that open advertisements and slow down your computer and web browsers.
Here is the procedure to follow to remove them:
Start with this:
Follow the AdwCleaner tutorial (by Xplode)
This program allows you to remove adware and potentially unwanted programs:
If this does not work, use the site http://pjjoint.malekal.com to host the report, give the report link in a new message.
Note: The report is also saved under C:\AdwCleaner[S1].txt
--
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
You have installed adware and potentially unwanted programs on your PC that open advertisements and slow down your computer and web browsers.
Here is the procedure to follow to remove them:
Start with this:
Follow the AdwCleaner tutorial (by Xplode)
This program allows you to remove adware and potentially unwanted programs:
- Download it to your desktop or downloads folder.
- Run AdwCleaner, click on [Scan].
- The scan may take several minutes, please be patient.
- Once the scan is finished, do not uncheck anything, click on [Clean]
- Once the cleaning is completed, a report will open. Copy/paste the report content into your next response by copy/pasting.
If this does not work, use the site http://pjjoint.malekal.com to host the report, give the report link in a new message.
Note: The report is also saved under C:\AdwCleaner[S1].txt
--
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Malwarebytes (scan time: approximately 40 minutes):
==================================================
Download and install Malwarebytes.
There is a free version that allows you to clean your computer (make sure to uncheck the trial offer for the Premium version at the end of the installation):
Update Malwarebytes and then start a scan.
At the end of the scan, click on "Remove Selection" at the bottom left.
Restart the computer if necessary.
After restarting, relaunch Malwarebytes.
Look for the report in the History tab.
On the left, Analysis Log.
Double-click on the scan in the list.
Then at the bottom, Copy to clipboard
Go to http://pjjoint.malekal.com and at the bottom, right-click / paste to paste the Malwarebytes scan report.
Click send.
In a new message here in response, provide the pjjoint link so that the report can be viewed.
--
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
==================================================
Download and install Malwarebytes.
There is a free version that allows you to clean your computer (make sure to uncheck the trial offer for the Premium version at the end of the installation):
- Free version Malwarebytes tutorial
- Paid version Malwarebytes tutorial
Update Malwarebytes and then start a scan.
At the end of the scan, click on "Remove Selection" at the bottom left.
Restart the computer if necessary.
After restarting, relaunch Malwarebytes.
Look for the report in the History tab.
On the left, Analysis Log.
Double-click on the scan in the list.
Then at the bottom, Copy to clipboard
Go to http://pjjoint.malekal.com and at the bottom, right-click / paste to paste the Malwarebytes scan report.
Click send.
In a new message here in response, provide the pjjoint link so that the report can be viewed.
--
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
ok it's good =)
Here it is, it's finished, you can delete the programs used.
Some advice:
To prevent malicious sites, you can install Blockulicious: https://forum.malekal.com/viewtopic.php?t=46656&start=
To avoid being caught again.
To read - Unwanted programs / PUPs: https://www.malekal.com/adwares-pup-protection/
(Especially activate LPI detections to detect unwanted and advertising programs)
The rest of the security: http://forum.malekal.com/comment-securiser-son-ordinateur.html
--
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Here it is, it's finished, you can delete the programs used.
Some advice:
To prevent malicious sites, you can install Blockulicious: https://forum.malekal.com/viewtopic.php?t=46656&start=
To avoid being caught again.
To read - Unwanted programs / PUPs: https://www.malekal.com/adwares-pup-protection/
(Especially activate LPI detections to detect unwanted and advertising programs)
The rest of the security: http://forum.malekal.com/comment-securiser-son-ordinateur.html
--
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Sorry for the delay, the result of the Avast analysis didn't find anything either. Thanks for your help :). But I still have a small problem ... I think I'm starting to annoy you ... but Firefox and Adobe Reader are lagging, I don't know where it comes from since I don't have any viruses anymore, but I uninstalled and reinstalled them to see, but I'm still experiencing bugs ...
In fact, when I open one of the two programs, it stops responding, but not "normally."
In fact, when I open one of the two programs, it stops responding, but not "normally."
If you do this, does it change anything?
Export your bookmarks: https://support.mozilla.org/fr/kb/exporter-marque-pages-firefox-fichier-html
Uninstall Mozilla Firefox, making sure to check the option to delete the profile.
Show hidden and system files: https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/
Delete the profile:
My Computer => C Drive => Users => Your user => AppData => Roaming
right-click on the Mozilla folder and rename it
rename it to Mozilla.old
My Computer => C Drive => Program Files => delete the Mozilla folder.
Reinstall Firefox from this link: https://telecharger.malekal.com/download/mozilla-firefox/
Import your bookmarks again.
Export your bookmarks: https://support.mozilla.org/fr/kb/exporter-marque-pages-firefox-fichier-html
Uninstall Mozilla Firefox, making sure to check the option to delete the profile.
Show hidden and system files: https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/
Delete the profile:
My Computer => C Drive => Users => Your user => AppData => Roaming
right-click on the Mozilla folder and rename it
rename it to Mozilla.old
My Computer => C Drive => Program Files => delete the Mozilla folder.
Reinstall Firefox from this link: https://telecharger.malekal.com/download/mozilla-firefox/
Import your bookmarks again.
I did what you told me but nothing changed. However, I'm thinking it might be related to 2 viruses that Avast found: Win32:Downloader-WAX and Win32:Amonetize-KV. Let me explain, my little sister tried to download The Sims illegally on this PC but she didn't pay attention and because of that I got viruses. So I ran a scan and deleted the infected files, but one virus kept coming back, the Win32 pup gen, so I asked for help given my level in computing... :)
Do you think it could be related?
Do you think it could be related?
What should I do? Please.
# AdwCleaner v5.005 - Report created on 09/01/2015 at 18:06:45
# Updated on 08/31/2015 by Xplode
# Database: 2015-08-31.2 [Server]
# Operating System: Windows 10 Home (x64)
# Username: Sekina - SEKINA-PC
# Executed from: C:\Users\Sekina\Downloads\AdwCleaner-5.005.exe
# Option: Scan
# Support: http://toolslib.net/forum
Service Found: IHProtect Service
Folder Found: C:\Program Files (x86)\MovieDea
Folder Found: C:\Program Files (x86)\Exploremedia
Folder Found: C:\Program Files (x86)\MiniLite
Folder Found: C:\ProgramData\MovieDeaConfig
Folder Found: C:\ProgramData\{d512680d-71c4-7f90-d512-2680d71ca035}
Folder Found: C:\Users\Sekina\AppData\Roaming\oursurfing
Task Found: Bidaily Synchronize Task
Key Found: HKCU\Software\Classes\PepperZip
Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PepperZip.exe
Key Found: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found: [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found: [x64] HKLM\SOFTWARE\Classes\CLSID\{00000000-BA82-4612-BE43-95B8B482C269}
Key Found: HKCU\Software\PepperZip
Key Found: HKCU\Software\Vittalia
Key Found: HKCU\Software\AppDataLow\Software\DynConIE
Key Found: HKLM\SOFTWARE\SupDp
Key Found: HKLM\SOFTWARE\mystartsearchSoftware
Key Found: HKLM\SOFTWARE\IHProtect
Key Found: HKLM\SOFTWARE\oursurfingSoftware
Key Found: HKLM\SOFTWARE\FFPluginHp
Key Found: HKLM\SOFTWARE\MovieDea
Key Found: [x64] HKCU\Software\PepperZip
Key Found: [x64] HKCU\Software\Vittalia
Key Found: HKU\S-1-5-21-2970663645-2655222345-2305418594-1002\Software\AppDataLow\Software\DynConIE
Data Found: HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1440346319&z=db248f13a4115c51e7957cfg8z0z9efc2z5qaocg0c&from=slbnew&uid=ST1000LM024XHN-M101MBB_S2Y4J9EF313711
[C:\Users\Sekina\AppData\Roaming\Mozilla\Firefox\Profiles\se7f4lid.default\prefs.js] [Preference] Found: user_pref("browser.search.searchengine.alias", "mystartsearch");
[C:\Users\Sekina\AppData\Roaming\Mozilla\Firefox\Profiles\se7f4lid.default\prefs.js] [Preference] Found: user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[C:\Users\Sekina\AppData\Roaming\Mozilla\Firefox\Profiles\se7f4lid.default\prefs.js] [Preference] Found: user_pref("browser.search.searchengine.name", "mystartsearch");
[C:\Users\Sekina\AppData\Roaming\Mozilla\Firefox\Profiles\se7f4lid.default\prefs.js] [Preference] Found: user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1440346319&z=db248f13a4115c51e7957cfg8z0z9efc2z5qaocg0c&from=slbnew&uid=ST1000LM024XHN-M101MBB_S2Y4J9EF313711[...]
[C:\Users\Sekina\AppData\Roaming\Mozilla\Firefox\Profiles\se7f4lid.default\prefs.js] [Preference] Found: user_pref("extensions.quick_start.enable_search1", false);
[C:\Users\Sekina\AppData\Roaming\Mozilla\Firefox\Profiles\se7f4lid.default\prefs.js] [Preference] Found: user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3553 bytes] ##########
Thanks again for your help
Thank you!! :)