What is “PUP.Optional.4Shared”?

The PUP.Optional.4Shared is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What PUP.Optional.4Shared virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Authenticode signature is invalid

How to determine PUP.Optional.4Shared?


File Info:
name: DC2E8E04927B828D4CE3.mlw
path: /opt/CAPEv2/storage/binaries/c0b8536de12886a035f79bfc5e2acff939731fa7dbfac6659878da29291d85e2
crc32: 7CC8B05F
md5: dc2e8e04927b828d4ce34f34e28b118f
sha1: 596f1fcabbab3629315c8f28c57894edef26910b
sha256: c0b8536de12886a035f79bfc5e2acff939731fa7dbfac6659878da29291d85e2
sha512: 77f59ff0bc7719bd1105c27644d60515e36f4bc4984c3049bf06239a5d1de9c04fef57d3a1df261b73b67617a742c19f0d4980898ae45260309b8e89faf7592d
ssdeep: 98304:DwHIFTOLeID9OfFKRRrQmqTzUjjh3TPDiMqH:DwbLeUgf4LrQmSzUPhDPDiZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BF06331A1CC2C5DEEA2D52B63F245BE1D716EE84CB28CB8F1D031CE459643C5FE9219A
sha3_384: faeb09c5633adc1b2cda4400f395ad6ab7f5fc0eeb7e56ae493841b06d11f4bd030f1b0d0a28f44631b5f5834c83f35e
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:50:46

Version Info:
CompanyName: New IT Solutions
FileDescription: 4shared Desktop Setup
FileVersion: 3.2.2.1
LegalCopyright: New IT Solutions
ProductName: 4shared Desktop Setup
Translation: 0x0000 0x04e4

PUP.Optional.4Shared also known as:

Bkav	W32.AIDetectMalware
Lionic	Adware.Win32.Conduit.2!c
Cylance	unsafe
Sangfor	Adware.Win32.Conduit.V5o6
CrowdStrike	win/grayware_confidence_90% (D)
Alibaba	AdWare:Win32/Conduit.75d1e937
VirIT	PUP.Win32.Conduit.B
ESET-NOD32	a variant of Win32/Toolbar.Conduit.AU potentially unwanted
Cynet	Malicious (score: 100)
NANO-Antivirus	Riskware.Win32.Conduit.eqsuva
Emsisoft	Application.Toolbar (A)
F-Secure	PotentialRisk.PUA/SearchProtect.Gen
DrWeb	Adware.Conduit.299
Zillya	Adware.Conduit.Win32.4974
TrendMicro	PUA.Win32.4Shared.BIWY
Sophos	Generic Reputation PUA (PUA)
Ikarus	Trojan-PWS.Win32.VKont
GData	Win32.Adware.Conduit.B
Jiangmin	Downloader.Snojan.dr
Varist	W32/Conduit.I.gen!Eldorado
Antiy-AVL	RiskWare[WebToolbar]/Win32.Conduit.b
Xcitium	ApplicUnwnt@#2enz8hqbp7bye
ViRobot	Adware.Conduit.3938358
ZoneAlarm	not-a-virus:HEUR:Downloader.Win32.4Shared.gen
Microsoft	PUAAdvertising:Win32/Conduit
Google	Detected
VBA32	BScope.Adware.Downware
Malwarebytes	PUP.Optional.4Shared
Panda	PUP/Generic
TrendMicro-HouseCall	PUA.Win32.4Shared.BIWY
Rising	Adware.Conduit!1.E09C (CLASSIC)
MaxSecure	Trojan.Malware.121218.susgen
DeepInstinct	MALICIOUS

How to remove PUP.Optional.4Shared?

PUP.Optional.4Shared removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X