Jump to content

maxime3

Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

 Content Type 

Everything posted by maxime3

  1. maxime3
    Goodmorning everyone. I run system scans regularly and no problems have ever been found. Yesterday I decided to remove the Freemake Video Converter application from my PC which was installed back in 2017 and almost never used. From the control panel then I clicked uninstall it, but Windows Defender detected PUABundler: Win32 / CandyOpen in the SetupUpdate.exe file, which I promptly removed. This is weird, as I tried to uninstall many times without success but also without warnings. Did they launch an automatic update yesterday? I also ran a full scan with Malwarebytes and Adwcleaner which removed the following entries. Here are the results (scan and clean). I’m almost sure some are related to Samsung pre-installed app, whereas Freemake should be:

 Quote PUP.Optional.FreeMakeConverter HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater PUP.Optional.FreeMakeConverter HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater 

Everything seems to be fine and the app itself (Freemake Converter) is now gone. Did a few scans with no issues, both with Malwarebytes and Windows Defender. My question is: Is it possible that the uninstall operation alerted Windows Defender, even if the CandyOpen adware was not actually installed on my system, but was simply contained within SetupUpdate.exe? I didn't notice any strange behavior/slowdown or ads in my browser (I do not use Edge/Internet Explorer).
 Thank you for your time and effort. # ------------------------------- # Malwarebytes AdwCleaner 8.3.1.0 # ------------------------------- # Build: 11-18-2021 # Database: 2021-12-02.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 12-12-2021 # Duration: 00:00:11 # OS: Windows 10 Pro # Scanned: 32011 # Detected: 15 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.Legacy C:\Users\Computer\AppData\Roaming\Tencent ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.FreeMakeConverter HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater PUP.Optional.FreeMakeConverter HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Main|Search Page PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Main|Start Page ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.SamsungSmartSwitch File C:\Users\Computer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk Preinstalled.SamsungSmartSwitch Folder C:\Program Files\SAMSUNG\SMART SWITCH PC Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC Preinstalled.SamsungSmartSwitch Folder C:\Users\Computer\AppData\Roaming\SAMSUNG\SMART SWITCH PC Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-...} Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-...} ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## # ------------------------------- # Malwarebytes AdwCleaner 8.3.1.0 # ------------------------------- # Build: 11-18-2021 # Database: 2021-12-02.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 12-12-2021 # Duration: 00:00:01 # OS: Windows 10 Pro # Cleaned: 9 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Users\Computer\AppData\Roaming\Tencent ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Search Page Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [2978 octets] - [12/12/2021 22:20:39] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.