> VilmaTech Blog > PUP.Optional.Conduit.A, Remove PUP Virus and Stop It Reappearing

PUP.Optional.Conduit.A, Remove PUP Virus and Stop It Reappearing


PUP.Optional.Conduit.A stems from PUP category, the one that is deemed to be potentially unwanted program. So far according to surveys, Malwarebytes is the main anti-virus program that detects it.

pup optional conduit a

It is apparent from the above attached figure that getting PUP.Optional.Conduit.A will suffer from pop-up ads and additional items stemming from the same PUP category. As a matter of fact, PUP.Optional.Conduit.A supports the operation of adware with various content and address for promotion. Merchants deny the appellation as virus as PUP.Optional.Conduit.A is required to help with broader publicity for their products among thousands of hundreds of commodities. However, PUP.Optional.Conduit.A does harms and incur antipathy out of PC users, PUP is created as an expedient to warn PC users with dangers to help and support victims to remove it.

In the light of, however, information gathered by VilmaTech Research Lab, complaints are made about PUP.Optional.Conduit.A keeps coming back from removals. With respect to the reason for reappearance and the way to remove PUP.Optional.Conduit.A, the answers are depicted below. On the occurrence of questions and unexpected mechanical issues, you are welcome to get instant assistance from specialized expert at VilmaTech Online Support.

live chat


Infiltration Way

Different as the appellation is, PUP.Optional.Conduit.A resembles Trojan in many aspects. Generally speaking, PUP.Optional.Conduit.A is programmed as a part of adware which has been bundled with another third-party program. Once the third-party program is installed out of carelessness along with the installation of the third-party program, PUP.Optional.Conduit.A manages to find its way to complete the settlement.
When in, PUP.Optional.Conduit.A generates executable files in system partition and some key components of a machine, such as startup and Registry Editor. As a result, ads supported by PUP.Optional.Conduit.A will be able to make network connection as a trigger to pop up ads automatically. Be noted that those generated items are not that easy to be removed for three reasons:

  1. Some executable files are injected among the ones protected by Windows.
  2. The names of generated items resemble the ones for system items to make the target machine confuse.
  3. Running processes are put to jointly support ads with other generated items in Windows protected zone.

Such modifications are sufficient to make the ads supported by PUP.Optional.Conduit.A sticky to a computer and to make vulnerability on a system, which imposes potential harms that most PC users haven’t got to know yet:

  1. Arouse web vulnerability – web vulnerability can be easily located by deadly infections as vulnerable web is a tool to achieve broader and quicker attacks.
  2. Trigger system vulnerability – more system configurations are easier to be attacked to follow infections.
  3. Cause information lost – Windows protected zone and processes contains system information as well as browser histories; analysis on those information will help ads supported by PUP.Optional.Conduit.A to deliver more and more ads containing partners products catering for your appetite to ruin surfing experience; besides, to achieve its ultimate goal of obtaining profitable revenue, spammers behind PUP.Optional.Conduit.A might resell the collected information to other spammers, putting target into victims for other infections.

Obviously it is an emergency to remove PUP.Optional.Conduit.A so that potentially harmful damages can be stopped in the nick of time. Below is the removal instruction VilmaTech Online Support offers. Stick to the steps and order to remove PUP.Optional.Conduit.A completely and thoroughly. On condition that other introduced items impose adverse impact on the removal and it is overwhelming you, get exclusive help from experienced computer professionals here.

live chat


Complete Instruction to Remove PUP.Optional.Conduit.A and Stop It Reappearing

One – Access Databases containing settings to remove the keys and values generated by PUP.Optional.Conduit.A.
Tip: if you have your browsers (IE, Chrome, Firefox, Opera, Safari) open, close them down to start.

  • Use Win key and R key at hold them together and bring up a text box.
  • Put “Regedit” and hit Enter key to access Database.                     run regedit
  • When the following window is up, navigate to the following listed entries one by one and remove them from the Database:                                                                                                             registry enditor2

HKLM\Software\Web Assistant
HKLM\SOFTWARE\Mozilla\Firefox\Extensions {random numbers}
HKLM\SOFTWARE\Google\Chrome\Extensions\random letters
HKLM\SOFTWARE\Classes\AppID\{random numbers}
HKLM\SOFTWARE\Classes\CLSID\{random numbers}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{random numbers}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{random numbers}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{random numbers}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{random numbers}_is1

Two – Reveal all hidden items to remove virulent ones related to PUP.Optional.Conduit.A from the target computer.

  1. Enter into C:\Windows and C:\Windows\System32 to remove Temp files and folder.
  2. Search and find any items with the names containing “PUP”.
  3. Browse to the following listed directories and remove related ones:

C:\Program Files\Web Assistant
C:\Program Files\Common Files\[name – the program that brought in by PUP.Optional.Conduit.A]
C:\Users\AppData\Local\[names – the program that brought in by PUP.Optional.Conduit.A]
C:\Users\AppData\LocalLow\[names – the program that brought in by PUP.Optional.Conduit.A]
C:\Users\AppData\Roaming\[browsers you use]\Profiles\[random letters and numbers].default\Extensions\webbooster@[the popup name triggered by PUP.Optional.Conduit.A].com.xpi

Windows 8

  • Access Windows Explorer which has its icon on Start Screen.
  • When in, hit View tab to tick ‘File name extensions’ and ‘Hidden items’ options in the upper right .
  • Don’t forget to press “OK” button so that hidden items can be revealed.       win8 hidden file

Windows 7/Vista/XP

  • Click Windows icon start menu to bring up Start menu.
  • Find and access Control Panel.
  • When in, choose ‘Folder Options’ to proceed.
  • Hit View tab to tick ‘Show hidden files and folders and non-tick Hide protected operating system files (Recommended)’.                                                                                                                                                                           folder options1
  • Don’t forget to press “OK” button so that hidden items can be revealed.

Three – Reset browsers to for recovery browser settings.
Tip: once the modifications are done, targets need to restart the computer for the machine to remember the modification for good.

Internet Explorer

  • Click on IE’s Tools menu (some versions will have it as a gear icon) to select Internet Options in the drop-down list.
  • When in, go to Advanced tab to press “Restore Defaults”/”Reset” button at the bottom.
  • “OK” button is always required to confirm the reset.                                                                   reset IE

Mozilla Firefox

  • Click on Firefox menu to get options and place the mouse on Help option to get  sub-list.
  • Choose Troubleshooting information option, which will pop up a new window offering ‘Reset Firefox’ button on the left uppers corner.
  • Hit ‘Reset Firefox’ button to reset Firefox.                                           reset_firefox_1

Google Chrome

  • Click on ‘Customize and Control Google Chrome’ menu to get options and and choose ‘Options’.
  • Go to ‘Under the Hood’ tab and hit ‘Reset to Defaults’ button to reset Chrome.reset gg4


  • There’s no such “reset” button for opera like other browsers; all we need is to remove Operapref.ini file under “C:\Users\user_name\AppData\Roaming\Opera\Opera\” after reveal hidden files and folders .   reset opera


Summary Plus

Name:   PUP.Optional.Conduit.A

OS attacked:   Microsoft Windows

Vicious partners:   PUP.Optional.Value.Apps.A, PUP.Optional.OpenCandy

Dissemination routine:   Drive-by download

Recommended removal method:   Manual way

Potential damages:
Vulnerable web and vulnerable system to be susceptible to infections.


  1. more items and infections are flagged by installed anti-virus programs without being removed completely;
  2. more items are piling up on the target machine to considerably consume limited computer resource;
  3. pop-up ads are increasing in frequency to ruin surfing experience.

The removal steps should be undertaken in order, otherwise, error message would be triggered to popup telling something related to PUP.Optional.Conduit.A is in use and cannot be exterminated. It should also come to your awareness that other unforeseeable items can be introduced in due to vulnerability because of random modifications. Should it be the case, come to VilmaTech Online Support where specialists are working; they will give away solution to your concrete situation.

live chat

Comments are closed.

Latest Posts