PlurPush Description

PlurPush is a legitimate program developed by Super Web LLC, which can be installed and work in Internet Explorer, Mozilla Firefox and Google Chrome web browsers. However, despite that PlurPush is not a malware threat, this application may perform various annoying activities on the computer. Therefore, PlurPush is considered to be a potentially unwanted program/adware. PlurPush may display repeated pop-up messages and ads on the screen of the PC, initiate browser redirects to doubtful websites or slow down the computer system. According to the publisher of PlurPush, this program is created to help save the money for web users, because it delivers alerts informing about discounts, coupons and offers once the computer user accesses any online shopping website.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

Web users should not rely on these advertisements because mostly they may make the PC user visit affiliated commercial websites. PlurPush can be downloaded from numerous download websites. However, it may also enter the vulnerable computer without the PC owner knowing about it. PlurPush may come bundled with freeware and shareware applications, and invade the computers as a free addition. In order to evade PlurPush, computer users should pay more attention to the installation process of freeware and shareware programs. Usually, PC users should choose a ‘Custom’ or ‘Advanced’ installation method and uncheck the option, which agrees with the installation of PlurPush. No matter that PlurPush conceals itself from the PC user when it strives to invade the computer, it starts occurring as soon as it enters the PC.

PlurPush Automatic Detection Tool (Recommended)

Is your PC infected with PlurPush? To safely & quickly detect PlurPush we highly recommend you run the malware scanner listed below.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 %WINDIR%\ System32\ drivers\ wStLibG64.sys 6,305
    2 %WINDIR%\ System32\ drivers\ wStLib64.sys 553
    3 %PROGRAMFILES%\PlurPush 228
    4 %PROGRAMFILES(x86)%\PlurPush 225
    5 %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\mambbckbipmmmckhbkncgobpackhkkhd 222
    6 %USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mambbckbipmmmckhbkncgobpackhkkhd 219
    7 chrome-extension_mambbckbipmmmckhbkncgobpackhkkhd_0.localstorage-journal 206

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}PlurPushHKEY..\..\..\..{RegistryKeys}SOFTWARE\Microsoft\Tracing\PlurPush_RASAPI32SOFTWARE\Microsoft\Tracing\PlurPush_RASMANCSSOFTWARE\Microsoft\Tracing\updatePlurPush_RASAPI32SOFTWARE\Microsoft\Tracing\updatePlurPush_RASMANCSSOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{82249076-d5c8-431d-982b-023779779587}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82249076-D5C8-431D-982B-023779779587}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82249076-D5C8-431D-982B-023779779587}Software\PlurPushSOFTWARE\Wow6432Node\Microsoft\Tracing\PlurPush_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{82249076-d5c8-431d-982b-023779779587}SOFTWARE\Wow6432Node\PlurPushSYSTEM\ControlSet002\services\Update PlurPushSYSTEM\CurrentControlSet\services\eventlog\Application\Update PlurPushSYSTEM\CurrentControlSet\services\Update PlurPush
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path} {82249076-d5c8-431d-982b-023779779587}{089EDE16-F82F-4CB5-B64E-433860459D81}{6A9F605F-89D1-4AF7-8747-2A17F002E20E}
Posted: October 10, 2013 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 2/10
Detection Count: 33,928

Leave a Reply

What is 13 + 11 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)