Generic PUP.z removal

[Deak689]

First of all, thank you to all of the people associated with creating and maintaining this web resource site... I have truely found it valuable since only registering yesterday!

Started out by seeking how to remove "Generic PUP.z" which my McAfee would attemt to remove, but could only partially remove and continued to show up in every scan while posting a directory path in the results which I could not manually locate.

Have follow all of the steps for "Vista Cleaning Procedure"

Also, DVD writer and cdrom device drivers have become corrupted, which may or may not be due to "Generic PUP.z?"

[chaslang]

Welcome to Major Geeks!

Please attach the requested C:\ComboFix.txt log.

Quote:

Originally Posted by Deak689

Started out by seeking how to remove "Generic PUP.z" which my McAfee would attemt to remove, but could only partially remove and continued to show up in every scan while posting a directory path in the results which I could not manually locate.

You need to tell us exactly where it is being found. What file and what folder?

Your logs are clean.

[Deak689]

Here is the filepath that McAfee is detecting the pup in:

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1XHZX0B\upgrade[1].cab


Thank you!

[chaslang]

Quote:

Originally Posted by Deak689

Here is the filepath that McAfee is detecting the pup in:

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1XHZX0B\upgrade[1].cab

It is just a temporary internet file from browsing. You can easily just delete it yourself or you can empty your browser cache.

To flush your Internet Explorer Cache:

• click Tools
• Internet Options
• Now on the General tab and click Delete Files and select Delete all Offline content too
• Click OK.
• When it finishes Click OK.

Your logs are basically clean. We just have some minor details to take care of.

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

After clicking Fix, exit HJT.

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below log:

• C:\MGlogs.zip

Make sure you tell me how things are working now!

[Deak689]

System appears to be performing normal except for the continued detection of "generic pup.z" by McAfee scan at the exact same previously posted filepath.

[chaslang]

You did not allow the GetLogs.bat program to run thru to completion or you allowed McAfee to get in the way of it running. Disable McAfee and do all of the below.


Now download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

Quote:

Folders to delete:
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1XHZX0B

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

[Deak689]

System is running fine.

Running manual scan with McAfee to see if "Generic Pup.z" is still detected.

Will post McAfee scan results.

TY

[chaslang]

Your MGlogs.zip file is still not updated properly. You need to stop McAfee as it is probably getting in the way. The delete the current C:\MGlogs.zip file. Now download the current version of MGtools from here MGtools.exe Then make sure that you have UAC disabled as mentioned in the READ & RUN ME. If it is not disabled, you will have to disable it and then you must reboot. Now right click on the MGtools.exe that you just downloaded and select Run As Administrator. Make sure you let it finish running and do not let McAfee block anything from running. Then attach the new C:\MGlogs.zip file.