Poll

dog?

4 legs
2 (66.7%)
brown
1 (33.3%)

Total Members Voted: 0

Author Topic: Win32:Pup-gen (Pup)  (Read 53282 times)

0 Members and 1 Guest are viewing this topic.

qim

  • Guest
Win32:Pup-gen (Pup)
« on: January 28, 2012, 02:35:22 PM »
I've had continuous rproblems with a Toshiba P100 and always felt there was avirus lurking somewhere even if all scans shoed a clean computer. Around last November I started getting blue secreens pointing to the NVidia driver. After a few days I was unable to strat the system anylonger, so I took it to the shop where I bought and they reckoned it was the graphics chip. It is true that over the last few months before the computer gave up it was very hot. I phoned theToshiba appointed technical workshop that told me the problem that I described was well known to them in the P100 and there was nothing they could do; better to use while I could and then throw it away...

Anyway, I left the laptop with the original shop and was told that it needed a new motherboard. I refused and took it home. I tried the Recovery disk but the blue screen came up again referring to the NVIdia driver. I kept trying with the same results until at the forth try I managed to get the Windows Desktop, but various MS boxes came up telling me that there were seriuos errors and I should send info to MS. I did. Amazingly, gradully the messages diasappeared and the computer settled down to complete normality. I started to assume that the problem had to do with the unavailibility of a Toshiba graphics driver for the XP SP3. So, I refused the SP3 and carried on with SP2.

All was fine until now. I decided to a boot scan (an earlier sacn showed no problems) and I got 3 files infected with Win32:Pup-gen (PuP). How can that be? I have not copied any old files to the computer. The only thing I did since the recovery was to download Avast and Poppeeper, apart from Office 2003. I hve not been on any funny webpages. So my questions are

a) is it possible that the virus infected the recovery disk when I put it in, or that the virus was somewhere that stays from the original instalation (menory, bios, etc)?

b) what should I do now to make sure this virus goes away for ever? I chose to send it to the Chest.

Thank you very much for your help on this.

qim

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89328
  • No support PMs thanks
Re: Win32:Pup-gen (Pup)
« Reply #1 on: January 28, 2012, 04:09:37 PM »
To start with in normal mode avast doesn't scan for pups (Potentially Unwanted Program) so you are unlikely to see such detections.

- See http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci1066761,00.html. Not included in this definition are tools which can be used for good or evil, some have been legitimately installed for a specifically good purpose, but could have been unknowing installed for a malicious purpose.
Not all antivirus programs scan for PUPs and avast has it turned of by default (an exception being the boot-time scan).

The above are I believe why PUPs aren't scanned for by default as most people haven't a clue what the term is and then if what has been detected is legit or its actions could also be used for malicious purposes.

Since you didn't give any information on the files detected (file name and location), I can't answer any of your questions.

####
Whilst the play on words and creating a new Poll (dog - pup) might be funny, it nearly had me pass this topic straight by (without a response) as I hate meaningless polls.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

qim

  • Guest
Re: Win32:Pup-gen (Pup)
« Reply #2 on: January 28, 2012, 04:26:37 PM »
Hi, thank you very much for the response

two of the files were at

c:\prog files\ Toshiba\ConfigFree\NDSTray.exe
c:\Toolscd\Package\NDSTray.exe

the other was in systemRestore. If you tell me how to find the Avast Chest I can send you the info.

Thank you again

qim

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Win32:Pup-gen (Pup)
« Reply #3 on: January 28, 2012, 04:31:07 PM »
If you tell me how to find the Avast Chest I can send you the info.

avast! GUI -> Maintenance
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

ady4um

  • Guest
Re: Win32:Pup-gen (Pup)
« Reply #4 on: January 28, 2012, 05:31:44 PM »
In any case, PUP is not the same as "virus".

In addition, I don't see why XP SP2/3 should be an issue. You should go to the manufacturer's website, check the specific model information. If there is an update for SP3, or for your drivers, apply the updates. If there is no information recommending against SP3, that's one important item. But if there is no such recommendation, then SP3 (and updated drivers) is a good idea for XP. All this is a separate issue (more important IMHO than 3 "unknown" PUPs).

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Win32:Pup-gen (Pup)
« Reply #5 on: January 28, 2012, 05:37:18 PM »
In addition, I don't see why XP SP2/3 should be an issue.

It isn't. ;)
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37608
  • Not a avast user
Re: Win32:Pup-gen (Pup)
« Reply #6 on: January 28, 2012, 06:28:03 PM »

qim

  • Guest
Re: Win32:Pup-gen (Pup)
« Reply #7 on: January 28, 2012, 07:20:03 PM »
Thak you all

I followed Pondus' link and decided to restore the items flagged as viruses, as it appears that they are not.

As for the SP2/SP3 what I have heard and seems to agree with my problems is that Toshiba abandoned looking after Satellite P100 and there is no good graphics driver for the XP SP3. I intend to carry on for a while on SP2 which is working fine and then see what happens if I install SP3.

The question at the moment is why did the laptop recover, after so many failures before and after the fresh installation of the Toshiba Recovery disc. It does not make any sense to me.

Thanks

qim

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Win32:Pup-gen (Pup)
« Reply #8 on: January 28, 2012, 07:23:28 PM »
I intend to carry on for a while on SP2 which is working fine and then see what happens if I install SP3.

Well, it's your decision, but be aware that SP2 doesn't get any security updates anymore..!!
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

qim

  • Guest
Re: Win32:Pup-gen (Pup)
« Reply #9 on: January 28, 2012, 07:46:26 PM »
Thank Asyn, but I am in test mode only. I am not using the computer for any serious work. I will in a ew days install SP3 only to find blue screens again, I guess. The important thing now id to try and discover if I have a hardware problem or not.

If you can throw some light on the reasons why the computer seems to be working fine now, I would be grateful

tehanks again

qim

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Win32:Pup-gen (Pup)
« Reply #10 on: January 28, 2012, 08:17:33 PM »
Thank Asyn, but I am in test mode only.

Even in "test mode" you should update to SP3 ASAP.
Doesn't make much sense to troubleshoot an outdated OS. ;)
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

YoKenny

  • Guest
Re: Win32:Pup-gen (Pup)
« Reply #11 on: January 28, 2012, 08:19:41 PM »
If you can throw some light on the reasons why the computer seems to be working fine now, I would be grateful
I can not throw some light on this but I do know when I installed XP SP3 many of the BSODs stopped on my XP system.

Please read this:
Support for Windows XP Service Pack 2 ends on July 13, 2010
http://support.microsoft.com/gp/lifean31

qim

  • Guest
Re: Win32:Pup-gen (Pup)
« Reply #12 on: January 28, 2012, 08:40:59 PM »
Thanks

But as I said before I am not rying to get a working computer. I am slowly installing programme after programme, and eventually SP3, to see where and when it goes wrong. It is suprprising that a computer that "needed" a motherboard and was ready for the rubbish bin is now working perfectly under SP2 and hopefully later under SP3. But what I want to knwo was why it did not start working properly immediately after reinstalling the Toshiba Recvery disc, as I wrote above.

Thanks again

qim

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37608
  • Not a avast user
Re: Win32:Pup-gen (Pup)
« Reply #13 on: January 28, 2012, 10:16:10 PM »

qim

  • Guest
Re: Win32:Pup-gen (Pup)
« Reply #14 on: January 29, 2012, 11:20:39 AM »
One more question, please:
When you reinstall the manufacturer's Recovery disc, does anything remain from before in the system? For example, does the bios go back to the original version, or does it remain as per the last update?

Thank you

qim