Jump to content
Alice22

PUP.Optional.Legacy persistent, will not go away

Recommended Posts

@AdvancedSetup - Edge has similar issues (slowness, freezing - I've described them in a post above) but I can't remove it from the system. I will create a system restore point and install chrome later during the day, and will let  you know what happened.

Share this post


Link to post
Share on other sites

Well, if there is still an issue then don't install Chrome yet. Let's look and see what's going on.

Please describe exactly what it is you're seeing or experiencing.

 

 

Share this post


Link to post
Share on other sites

Alright, so Edge - pages stop responding popping up with a message to recover the page (the message is at the lower part of the screen). Switching between tabs is slow, it often freezes for a few seconds before switching to the tab I've clicked. Often when I start typing in a field (for example the YouTube search bar/box/field) it has a typewriter effect - 0.5 to 2 second delays between my press on the keyboard and the letter appearing on the search field. The whole Edge freezes and I have to F5 a few times to make the page active/not frozen anymore. Many times I have to restart Edge because refreshing the page just won't work

Share this post


Link to post
Share on other sites

The fixes listed in the article does not help. However I had outdated drivers (since I re-installed windows) and now that everything is updated, it looks/feels normal. Edge is still slow, but normal slow, like it's supposed to work. Is it possible Edge slowness/freezing was just a driver issue?

Should I go ahead and install Chrome now?

Share this post


Link to post
Share on other sites

It's very possible. Driver updates are there to fix many different issues.

Yes, if you're comfortable with how Edge is working now. Though a new install of Windows being slow is pretty odd. I've been doing computer support for over 25 years now and a clean fresh install of Windows is the only thing that fully restores the normal speed and snappy response. Unless the computer got infected by something bad it's not normal behavior.

It looks like you installed Windows on 2018-07-07 how did you do the install? Was it an upgrade of Windows 7 or a fresh full install from a blank hard drive?

 

 

Share this post


Link to post
Share on other sites

I have a Windows 10 edition on a USB drive and I have a key. I plugged the usb and did a clean install of Windows 10, formatting my C:\ partition before the install. I just remembered that before the first re-install of Windows (I clean installed it twice) the virus changed my Windows computer password (not the Microsoft one, I don't have a Microsoft account) and I couldn't even get to my desktop. Just thought this might be extra informative for my case, so I'm sharing it.

Everything looks ok for now but I have the feeling that if I install Chrome and reset it's settings to default, the virus will be back.. because it happened over 100 times and I find it hard to believe it won't happen again.

Edge is running fine, scans from MB3 and AdwCleaner come out clean.

Should I go ahead and install Chrome again?

P.S. This might take some time for me because I'm moving to a new apartment right now (these days) and I'm going to have to get a new internet provider and get my PC setup going. Please do not delete or close the topic, because I'm here every day and I will definitely post feedback.

So just give me a green light to install Chrome again and I will do it. Also should I sync in my Google profile in Chrome, after I install it?

Share this post


Link to post
Share on other sites

Well I think you're okay to install Chrome again now, however, since you're moving you might just want to wait a couple days until you're more settled. Not like you need more headaches to deal with if you're moving. That's a lot of work on it's own.

Once you do install Chrome I would suggest adding just an Ad-Blocker and maybe a Script Blocker and no other plugins/add-ons until you test out Chrome and use it for a bit.

Good luck on your move. I'll keep the topic open for now

Ron

 

Share this post


Link to post
Share on other sites

Ok I installed Chrome and worked with it for about 15 minutes, no issues for now - no lag, freezing. Everything seems to be looking ok. 

Without syncing my Google account I scanned with AdwCleaner right after I installed and open Chrome. It shows the same result - PUP.Optional.Legacy 

pic.JPG.a6273f3cd56d8f0e4c3f0ba8f8f4c6f9.JPG

They persist in the search engines list again too:

pic2.JPG.a28bee6714b445427060da0012e76823.JPG

AdwCleaner logfile from the scan: AdwCleaner[S111].txt

So far although the AdwCleaner results aren't clean, Chrome works fine. I will remove the search engines Aol and Ask, add an AdBlock extension to Chrome and use it for a while and will post feedback on how it behaves.
 

Share this post


Link to post
Share on other sites

Ok after using Chrome for a while now I am certain that the problem is back - it takes up to 40 seconds to load a web page. In order to describe it better it goes like this: I enter for example http://youtube.com and hit enter. Loading wheel on the Chrome tab starts spinning. The page is not showing up, even though it's loading. Not partially, nothing at all is showing up, blank page remains, and the wheel keeps spinning like it's really loading something. I can just open Edge and load the page there, browse for a while and come back to Chrome and the page is still loading in it. If I go to  chrome://settings/ it's the same - starts loading, freezes a couple of times and after about 20-30 seconds the page with the settings finally shows up. I cleaned with AdwCleaner and removed the search engines from the list, but still it's not being resolved.

Computer is clean, no dust or anything, clean windows install (fully updated afterwards) was done recently and after that I was following everything in this thread and still it persists. Maybe Chrome requires some framework to be installed in order to be working properly? Should I remove Chrome again with the FRST fix and re-install windows? 

Share this post


Link to post
Share on other sites

Very odd issue for sure with Chrome. Maybe just a fluke? What if you clean all cookies in Chrome and reboot the computer and try again?

I'm sorry but I'm leaving on vacation for a week. Was hoping we'd be finished by now. I'll ping a couple other helpers and see if one of them can continue to assist you while I'm away.

@Aura  @kevinf80

Sorry about that

Ron

 

Share this post


Link to post
Share on other sites

Hello Alice22,

I`m taking over your thread whilst Ron is away on vacation. What is happening with your system now, any issues or concerns..?

Thankyou,

Kevin.

Share this post


Link to post
Share on other sites

Hello @kevinf80

Yes, unfortunately the issues with Chrome remain.. As I'm writing to you right now (from Edge), Chrome is in the background trying to load the chrome://settings/ page for over a minute.. I ran a full scan with MB3 and Norton last night while I slept, everything comes out clean. I don't know what to do anymore, I've tried all I know @AdvancedSetup tried to help too (thanks!), maybe I should just backup my important files and throw my SSD and hard drive in the trash (desperate times, desperate measures)

Edit: I will run another full scan while I sleep tonight and install Chrome on my laptop to see how it works there, I will post the feedback here again

Edited by Alice22

Share this post


Link to post
Share on other sites

Make a clean install of Chrome as follows:

If your Chrome Bookmarks are important do this first:

Go to this link: http://www.wikihow.com/Export-Bookmarks-from-Chrome follow the instructions and Export your Bookmarks from Chrome, save to your Desktop or similar. Note the instructions can also be used to Import the bookmarks.....

Continue for a clean install:

Download Chrome installer and save to install later: https://www.google.com/intl/en_uk/chrome/browser/desktop/index.html https://www.google.com/intl/en_usa/chrome/browser/desktop/index.html

Next,

Open Chrome and sign into your account, open a new tab and type or copy paste chrome://settings/syncSetup hit enter...

In the new window that opens "Sync everthing" will probably be selected, scroll down to and select "Managed sync data on Google Dashboard"

A new window will open, scroll down to and select "Reset Sync" that will clear synced data from Google Server...

Continue to next step to completely Uninstall Chrome....

Next.

Uninstall Chrome: https://support.google.com/chrome/answer/95319?hl=en-GB follow those instructions, ensure the option to "Also delete your browsing data" is selected. <<--- Very important!!

Navigate to C:\Users\Your user name\Appdata\Local from that folder delete the folder named Google (you will need to show hidden files/folders to see the folder Appdata)

For XP that will be My Computer > C:\ Documents and Settings\Your User Name\Application Data\Roaming

How to show hidden files and folders for windows: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Next,

Install Google Chrome :

Next,

Import your Bookmarks... (instructions in the first step)

Next,

Install uBlock Origin for Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en

Does that help...?

Share this post


Link to post
Share on other sites

Hello, 

Sorry for the delayed answer but I'm working on shifts and it's tough o.O

I followed your instructions and I've been using Chrome for 20-30 minutes now, without any issues, however this has happened before, and a day later it starts freezing/lagging again. I think we should give it a little more time to see how it performs. 

The uBlock extensions shows that it blocked sites like doubleclick.net and yadro.ru and after a bit of reading up, it seems that this should not happen.

I will post again after a while, but after tomorrow I will be travelling for work for a few days. I hope we can communicate and keep the post alive until the problem is resolved or at least be able to re-create it when I'm back, if the issue still persists.

Thank you for sticking up with me so far.

Share this post


Link to post
Share on other sites

Hello Alice22,

Yes i`ll leave your thread open until you tell me otherwise, just post back whenever you have time...

Regards,

Kevin...

Share this post


Link to post
Share on other sites

Hi,

I had to travel on a short notice and I couldn't fully test out the performance of Chrome... I noticed something that I don't understand and I want to share it, maybe it's relevant.

I am playing a game (whenever I have time) called Lineage 2 and when I have 3 windows/instances of the game open Chrome starts to slow down. But when 4 windows of the game are open, the exact same symptoms as stated in this thread by me start to appear again (tabs freeze, even going to chrome:settings takes about 40 seconds/1minute, etc...) The game uses Frost Security and I'm thinking it may somehow affect Chrome's performance, but I'm no expert, so it's just a wild guess. This shouldn't happen though, since my computer is powerful enough to handle a year 2000 game with potato graphics and a web browser at the same time (from FRST you can see it's 16gb RAM, SSD, GTX 1060). 

I'm away from home for at least 5 more days, but I will try to re-create the scenario on my laptop later when I have time and post back here. I don't know if what I make say makes any sense and I hope you understand what I'm trying to explain, but after 2 clean windows installs, following every step from this thread, clean full scans from MB3 and Norton - it seems that the issue may not be adware/virus related anymore, but some conflict of Chrome and this game. FYI when the game is not running Chrome works perfectly.

Edit: Is it normal though, that these windows doubleclick.net and yadro.ru are trying to get opened, but are blocked by uBlock? Or is it an indication of infection?

Edited by Alice22

Share this post


Link to post
Share on other sites
Hello Alice22,
 
What is double click net?
Quote

doubleclick.net is a legitimate advertising service that website publishers use to generate revenue on their sites. ... This ad.doubleclick.net redirect is usually caused by adware installed on your computer. These adware programs are bundled with other free software that you download off of the Internet.

yadro.ru  is very similar adware that is usually bundled with free software, it is installed without your knowlegde...

Both may also come with rogue extensions installed to Chrome, again wiothout your knowledge. A clean install of Chrome after complete removal of Chrome and all synced backups removed does usually remove such extensions... I gave instructions for clean install, as those two still show we can assume they are the work of adware. To remove we need to run AdwCleaner, HitmanPro and Sophos AV. When you are back home and have time i`ll post those instructions for you.

Thank you,

Kevin

 

 

Share this post


Link to post
Share on other sites

Yes for sure, as follows:

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

Next,

user posted imageScan with HitmanPro

In any case don't remove on your own anything that Hitman Pro detects! This scanner is really good for checking, it has however been known for deleting files instead of curing them, in some cases this may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!

Please download HitmanPro by SurfRight and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
 
  • Right-click on user posted image icon and select user posted imageRun as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button. You must agree with the terms of EULA (if asked).
  • Check the box beside No, I only want to perform a one-time scan to check this computer.
  • Click on the Next button.
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click Next
  • Click on the “Activate free license” button to begin the free 30 days trial, and remove all the malicious files from your computer.
  • Close Hitman Pro


Navigate to C:\ProgramData\HitmanPro\Logs, open the report and include it it your next reply.
 
  • Click on the Next button.
  • Click on the Save Log button.
  • Save that file to your desktop.


Please include that logfile in your next reply.

Don't forget to re-enable your security!

Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....



The Virus Removal Tool scans the following areas of your computer:
  • Memory, including system memory on 32-bit (x86) versions of Windows
  • The Windows registry
  • All local hard drives, fixed and removable
  • Mapped network drives are not scanned.


Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

Saved logs are found here: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Let me see those logs, also tell me if there are any remaining issues or concerns...

Thank you,

Kevin...

Share this post


Link to post
Share on other sites

Hello Alice22,

Thanks for those logs, how is your system behaving now, any remaining issues or concerns..?

Thank you,

Kevin.

Share this post


Link to post
Share on other sites

Hello Kevin,

Everything seems to be working fine so far. I just wanted to ask if I can use AdBlock Plus instead of uBlock? Thread can be closed afterwards.

Share this post


Link to post
Share on other sites

Hello Alice22,

Yes of course you can use Adblock Plus instead of uBlock, is always best to use what you are comfortable with. If you are satisfied your PC is now back to Normal we can clean up and close out...

Unless you prefer to keep them Uninstall Sophos AV and HitmanPro:

http://www.askvg.com/how-to-completely-uninstall-remove-a-software-program-in-windows-without-using-3rd-party-software/

Also delete this folder if still present: C:\ProgramData\Sophos

Next,

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

 
  • Remove disinfection tools <----- this will remove tools we may have used.
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection


Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.