  #1  
10-09-18, 20:28
beefy
Enthusiastic contributor
Join Date: Nov 2015
Posts: 297
Malwarebytes scans

Tonight I ran a scan with MB and it found: PUP.Optional.Conduit in C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\soo6qsq8.Default\prefs.js

Rescanned and it found the same plus C:\Users\*****\AppData\Roaming\Microsoft\Windows\Recent\prefs.js
Quarantined both, rescanned later and it was back in the same place.
Scanned with Adaware and it is clear. Is this to be concerned about?
  #2  
10-09-18, 21:00
Cantrel
Global Moderator
Join Date: Jul 2012
Location: UK
Posts: 11,201
Re: Malwarebytes scans

Can you run the MBAM scan in Safe Mode with Networking and check to see if it comes back?

I don't know what it is, but if it remains persistent then I would open a new thread in the Malware Removal section, after reading the pre-posting requirements, where Kevin will have a look at it.
  #3  
11-09-18, 11:38
beefy
Enthusiastic contributor
Join Date: Nov 2015
Posts: 297
Re: Malwarebytes scans

Ran scan, all clear this morning. AdwCleaner was clear last night (I ignored the update as it was late). This morning I updated and scanned and it found 4: PUP.optional.advanced system care and PUP.optional.legacy (2 registry keys, one scheduled task), which seem to relate to IObit Driver Booster. I do have Driver Booster but was careful not to install Advanced System Care.
Should I let AdwCleaner deal with this? Would DB still work?
Hitman Pro was also clear.
  #4  
11-09-18, 15:30
Cantrel
Global Moderator
Join Date: Jul 2012
Location: UK
Posts: 11,201
Re: Malwarebytes scans

Driver Booster is a separate program to ASC - it looks like ASC has sneaked in as a PUP when you installed DB.

You could use AdwCleaner to get rid of it but when it has sneaked in on me, I've used IObit Uninstaller to get rid of it.

However, as ADW has found other bits then use it to clean out and then check if DB still works.
  #5  
11-09-18, 20:28
Madeline
Top contributor
Join Date: Jan 2004
Location: Cymru
Posts: 51,834
Re: Malwarebytes scans

If you decide to use AdwCleaner, there have been a few problems with the current stable version ~ 7.2.3.1 ~ recently, although it's perfectly safe to use, as is the beta version ~ 7.2.4. Both can be downloaded here if necessary:

Downloads - AdwCleaner - ToolsLib
__________________
"I'm Irish. We think sideways." Spike Milligan. 1918 - 2002
  #6  
12-09-18, 11:12
beefy
Enthusiastic contributor
Join Date: Nov 2015
Posts: 297
Re: Malwarebytes scans

Removed Driver Booster with Revo Uninstaller, but it still left some folders so deleted these as well and scanned with MB and ADW; all was clear. Reinstalled DB and avoided installing anything else; saw no reference to ASC. Rescanned and ADW found PUP.Optional.Legacy again, same three items as above, which appear to refer to scheduled tasks for DB. Currently quarantined.
So do I remove DB again (it was recommended by a friend)? Do I need it? Or just leave items quarantined, or use something else?
When first installed after I did the reinstall it found several outdated drivers, but on a recent scan when it updated a sound driver it lost all sound and I had to restore it, so that one is currently ignored.
  #7  
12-09-18, 14:09
Cantrel
Global Moderator
Join Date: Jul 2012
Location: UK
Posts: 11,201
Re: Malwarebytes scans

I tried DB once and it found my wireless driver to be out of date so had it update, but it downloaded/installed the wrong one which left me disconnected.

I lost faith in driver updater programs from using Slimdrivers.

It would give drivers that needed updating but after the so-called update, I found I still had the same dated driver.

You only really need to update drivers when you have problems with the current one so a driver updater program is generally surplus to requirements.

I'd get rid.
  #8  
12-09-18, 15:08
John-McKenna
Global Moderator
Join Date: May 2016
Location: England
Posts: 125
Re: Malwarebytes scans

You're going to have to completely remove Firefox and reinstall it to rid yourself of that harmless detection.

Follow the instructions in post 8 by Kevinf80 from this link to backup your preferences and reinstall Firefox.
__________________
Street Epistemology
  #9  
12-09-18, 19:53
Madeline
Top contributor
Join Date: Jan 2004
Location: Cymru
Posts: 51,834
Re: Malwarebytes scans

Just to clarify, presumably, where Kevinf80 says
Quote:
Next,

Go here: http://www.mozilla.org/en-US/ download save the latest version of Firefox...
it would be OK to get the English (British) version of Firefox if preferred, rather than downloading the English (US) version?

Mozilla Firefox Web Browser Download Firefox in your language Mozilla
__________________
"I'm Irish. We think sideways." Spike Milligan. 1918 - 2002
  #10  
17-09-18, 12:04
beefy
Enthusiastic contributor
Join Date: Nov 2015
Posts: 297
Re: Malwarebytes scans

Quote:
Originally Posted by John-McKenna
You're going to have to completely remove Firefox and reinstall it to rid yourself of that harmless detection.

Follow the instructions in post 8 by Kevinf80 from this link to backup your preferences and reinstall Firefox.

Have done that, though the last few scans had been clear, and Avast flashed up a problem with browser plug-ins (Firefox Monitor, which does not show in FF but does in CCleaner but is disabled; Logitech SetPoint, which I do have and have been using for years; and HP SmartPrint, which is supposed to be in IE). All IE plug-ins are now disabled as I don't use it. Below is the text file from FF.


No Extension Activity Stream 2018.08.22.1219-93becf29 default Firefox 62.0 C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi
Yes Extension Adblock Plus 3.3.1 eyeo GmbH default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Yes Extension Application Update Service Helper 2.0 default Firefox 62.0 C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Yes Extension Facebook Container 1.3.1 Mozilla default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\extensions\@contain-facebook.xpi
No Extension Firefox Monitor 2.2 default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\features\{d88b8ae0-9bf3-4905-ad39-c03877f65827}\fxmonitor@mozilla.org.xpi
No Extension Firefox Screenshots 33.0.0 default Firefox 62.0 C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
Yes Extension Form Autofill 1.0 default Firefox 62.0 C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi
Yes Extension HTTPS Everywhere 2018.8.22 extension-devs@eff.org default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\extensions\https-everywhere@eff.org.xpi
Yes Extension LastPass: Free Password Manager 4.17.1.7 LastPass default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\extensions\support@lastpass.com.xpi
Yes Extension Logitech SetPoint 6.60.90 Logitech default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi
Yes Extension Malwarebytes Browser Extension 1.0.27 Malwarebytes default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi
No Extension Photon onboarding 1.0 default Firefox 62.0 C:\Program Files\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi
Yes Extension Pocket 1.0.5 default Firefox 62.0 C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
No Extension Simple YouTube MP3 Button 1.2.1 default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi
Yes Extension SimpleFill 2.0.5 ram swaroop default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\extensions\jid1-D8dVug3d0bbing@jetpack.xpi
Yes Extension VTZilla 2.1.1 VirusTotal Team default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\extensions\info@virustotal.com.xpi
No Extension Web Compat 2.0 default Firefox 62.0 C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
No Extension WebCompat Reporter 1.0.0 default Firefox 62.0 C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi
Yes Plugin 1.4.9.1088 Google Inc. default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\gmp-widevinecdm\1.4.9.1088\widevinecdm.dll
Yes Plugin OpenH264 Video Codec 1.7.1 Mozilla Corporation default Firefox 62.0 C:\Users\keith\AppData\Roaming\Mozilla\Firefox\Profiles\hd1ow94x.default\gmp-gmpopenh264\1.7.1\gmpopenh264.dll


Why does Avast show plug-ins that are disabled as a security risk (so you buy the Premium)? If anything is dodgy in the above list, either I disabled something I shouldn't or enabled something I should delete, let me know.