PUA

PUP.Optional.PriceFountain removal instruction

Malware Removal

The PUP.Optional.PriceFountain is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What PUP.Optional.PriceFountain virus can do?

  • Unconventionial language used in binary resources: Hebrew
  • Authenticode signature is invalid
  • Checks the version of Bios, possibly for anti-virtualization
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Collects information to fingerprint the system

How to determine PUP.Optional.PriceFountain?



File Info:

name: 3C483EA96DEA0E71A692.mlw
path: /opt/CAPEv2/storage/binaries/cfaf43242052ca0ef9cbb3f726e807538d21744662d1544bfa961cb0d9fbb742
crc32: 7EA0648E
md5: 3c483ea96dea0e71a6923bc401e2d481
sha1: 175455bf9c0e5b2f476d517f522e3ad92dbfa52a
sha256: cfaf43242052ca0ef9cbb3f726e807538d21744662d1544bfa961cb0d9fbb742
sha512: ad36837584e67ce4ef004d401794bb817bd701bed00f517515eff6c14f881ec0e9772b51b73aad4b4bd5aa0305bcdf88db5b7418bd2a5f2f020d3258824a8cd0
ssdeep: 6144:iDf2chcZv/WeOpgdOfiST82lievWlDzi5RRieAkwAjFM54oJ:guchkWgdOfiSTXlievGKieASO54oJ
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T1AC745A01B285E071D4BE01B96A38AB67153EBE508BE6C9D7E3C448AE4D700D19FB3763
sha3_384: 98a527167f6037dc6c10c95937aa366441b2d0986f3f2c01e0a580cfaa42764b9d3f0477701e4ef133953fed266021f0
ep_bytes: 558bec837d0c017505e8cd9e0000ff75
timestamp: 2015-12-11 14:45:34


Version Info:

FileVersion: 1.1.0.9
InternalName: prfo.dll
LegalCopyright: Copyright (C) 2014
OriginalFilename: prfo.dll
ProductVersion: 1.1.0.9
Translation: 0x0009 0x04b0

PUP.Optional.PriceFountain also known as:

Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Adware.PriceFountain.1
CAT-QuickHealPUP.PriceFountain.D5
SkyhighPUP-FGA
ALYacGen:Variant.Adware.PriceFountain.1
SangforTrojan.Win32.Save.a
CrowdStrikewin/grayware_confidence_100% (D)
K7GWRiskware ( 0040eff71 )
K7AntiVirusRiskware ( 0040eff71 )
BitDefenderThetaGen:NN.ZedlaF.36680.vu8@aiAujwbO
SymantecAdware.DealPly
ESET-NOD32a variant of Win32/DealPly.CI potentially unwanted
APEXMalicious
CynetMalicious (score: 100)
Kasperskynot-a-virus:UDS:AdWare.Win32.DealPly.heur
BitDefenderGen:Variant.Adware.PriceFountain.1
NANO-AntivirusVirus.Win32.Gen.ccmw
SUPERAntiSpywarePUP.PriceFountain/Variant
AvastWin32:BrowseFox-AIE [Adw]
TencentMalware.Win32.Gencirc.10b0e710
SophosPriceFountain (PUA)
F-SecureHeuristic.HEUR/AGEN.1302012
DrWebAdware.DealPly.260
VIPREGen:Variant.Adware.PriceFountain.1
TrendMicroADW_DEALPLY.SMCI
EmsisoftGen:Variant.Adware.PriceFountain.1 (B)
WebrootPua.Adware.Pricefountain
GoogleDetected
AviraHEUR/AGEN.1302012
Antiy-AVLGrayWare[AdWare]/Win32.DealPly.ci
MicrosoftBrowserModifier:Win32/Prifou
XcitiumApplication.Win32.DealPly.E@6765lz
ArcabitTrojan.Adware.PriceFountain.1
ZoneAlarmnot-a-virus:UDS:AdWare.Win32.DealPly.heur
GDataWin32.Adware.DealPly.S
VaristW32/S-ed781133!Eldorado
AhnLab-V3PUP/Win32.Dealply.R174855
McAfeePUP-FGA
VBA32BScope.Adware.DealPly
MalwarebytesPUP.Optional.PriceFountain
TrendMicro-HouseCallADW_DEALPLY.SMCI
RisingAdware.DealPly!1.A3EF (CLASSIC)
YandexTrojan.GenAsa!xcoWdO98RL4
IkarusPUA.DealPly
MaxSecureTrojan.Malware.300983.susgen
FortinetRiskware/DealPly
AVGWin32:BrowseFox-AIE [Adw]
DeepInstinctMALICIOUS

How to remove PUP.Optional.PriceFountain?

PUP.Optional.PriceFountain removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment