Jump to content

Search the Community

Showing results for tags 'potentially unwanted programs'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 2 results

  1. I have a Toshiba P850 with Windows 8 loaded with Norton 360.. which is why I'm baffled how MBAM found a list of PUP.Optional.PassShow.A's and PUP.Optional.NextLive.A's particularly attached to Registry keys. (My subscription to System Mechanic Pro expired yesterday.) I'm not a techie or even well read in computers but know enough to realize 'you' don't mess with the registry. Here's the latest log, from the Pro trial as I don't have the money to pay for a subscription.: Malwarebytes Anti-Malware (Trial) 1.75.0.1300www.malwarebytes.org Database version: v2013.12.29.02 Windows 8 x64 NTFSInternet Explorer 11.0.9600.16476JC :: 1PREMIER-PC [administrator] Protection: Enabled 12/29/2013 7:12:37 AMMBAM-log-2013-12-29 (11-59-51).txt Scan type: Full scan (C:\|D:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 413231Time elapsed: 56 minute(s), 23 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 7HKCR\CLSID\{2d661e5b-7d7a-417c-b5b5-6479017bb314} (PUP.Optional.PassShow.A) -> No action taken.HKCR\TypeLib\{b8c3b958-ec6a-4d2f-bf2d-c7906acd3da0} (PUP.Optional.PassShow.A) -> No action taken.HKCR\Interface\{88f2ef1e-a38b-44dd-ae7c-57dfa28ba40f} (PUP.Optional.PassShow.A) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2D661E5B-7D7A-417C-B5B5-6479017BB314} (PUP.Optional.PassShow.A) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2D661E5B-7D7A-417C-B5B5-6479017BB314} (PUP.Optional.PassShow.A) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2D661E5B-7D7A-417C-B5B5-6479017BB314} (PUP.Optional.PassShow.A) -> No action taken.HKLM\SOFTWARE\Google\Chrome\Extensions\dhogjnnleghndloamdkljhnhdchpcijl (PUP.Optional.PassShow.A) -> No action taken. Registry Values Detected: 2HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\JC\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> No action taken.HKCU\Software\Mozilla\Firefox\Extensions|{57c20073-e24b-4b2a-aa91-70d1ad526cbf} (PUP.Optional.PassShow.A) -> Data: C:\Program Files (x86)\PassShow\150.xpi -> No action taken. Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 2C:\Users\JC\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> No action taken.C:\Users\JC\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> No action taken. Files Detected: 0(No malicious items detected) (end) There are fairly recent oddities in performance such as Chrome refusing to load and the indication of the button on the taskbar fading as though it wasn't pressed at all. Sometimes I click it multiple times to load. Another recent oddity is my connection drops a lot and it's not due to a lack of provision from the providing company. I get the impression that someone is somewhere just flipping a switch to my connection and toying with me cuz it'll disconnect several times in succession. I deleted some other files it found and I get boxes (f.e. loading Sims 3) that reference the missing file once found in the pup list. "There was a problem startingC:\Users\JC\AppData\Roaming\newnext.me\nengine.dll The specified module could not be found." I appreciate any and all help possibly offered.
  2. Hi! I'm new to the forums but have been using Malwarebytes for some time now. I have a powershell script that I use to run automated scans of remote machines. It also has the ability to remove whatever it finds. I'm using MBAMAPI.EXE at the core of the script. Now this may be a long shot, but are there any switches that I can use with MBAMAPI that will allow me to remove PUPs as well? I know there has been a change (probably not so recent at this point) and Malwarebytes as a whole is taking a more agressive stance against PUPs, which I'm on board for. I just can't seem to find a way to remotely remove them, which means things just keep coming back. Asking my end users to do this themselves is pretty much out of the question (Unix to Windows users here, GUI is new and foreign). If there isn't a way to have MBAMAPI.EXE do this, is there possibly another approach or has anyone else tackled this same issue? Thanks in advance for any help/insight! C.Reeves
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.