Register Account

Britec Tech Support Forum Computer Security Security, Viruses, Trojans & Malware Removal Very Infected Pc

Thread Closed 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options  
Very Infected Pc
Shadowtime101 Offline
Junior Member
**
Registered
Posts: 41
Threads: 2
Joined: Nov 2014
Reputation: 0
#1
11-24-2014, 02:37 AM (This post was last modified: 11-24-2014, 02:39 AM by Shadowtime101.)
Hi I'm Shadowtime101,
Okay here's my story.  First off I accidentally downloaded a Trojan and some other stuff to my laptop. (I was not that smart or good with computer's at the time.)  I didn't do anything until a few months after getting that malware stuff. My laptop was full of adware, viruses, spyware, maybe rootkit, and Trojans.  To try to remove the malware I used Malwarebytes.  I did a scan and it found a ton of things.  I pressed delete for all that was found, and I was told to restart my laptop.  So I did, but when it was booting back up it said automatic repair.  It then went into the automatic repair loop.  I was able to get out of it though, and I looked it up and happened to be hardware failure.  My laptop went back to normal though, but still full of all the harmful things. I have been doing many scans from sas, rougekiller, adwcleaner, hitman pro, mcafee, avast, emsisoft, tdsskiller, junkware removal tool, etc. They weren't able to get rid of all the things on my laptop though.  It's pretty slow, high cpu usage, and takes time to start up and turn off.  I really want my laptop to be malware free for once. Also my laptop is a windows 8 hp that I got around a year ago.

Thanks,
Shadowtime101
Find

nsm0220 Offline
Malware Remover
***
Registered
Posts: 179
Threads: 19
Joined: Sep 2014
Reputation: 0
#2
11-24-2014, 08:31 AM
let me see your Hitman pro and Malwarebytes scan results i also want to take a look at your startup at msconfig
Find

Shadowtime101 Offline
Junior Member
**
Registered
Posts: 41
Threads: 2
Joined: Nov 2014
Reputation: 0
#3
11-24-2014, 11:10 PM (This post was last modified: 11-24-2014, 11:23 PM by Shadowtime101.)
Ok, but I never did a malwarebytes scan since the automatic repair loop and the scan I did before on malwarebytes I never saved and on hitman pro I did not save the logs so I'll just do a new scan with hitman pro, but for malwarebytes I'm afraid it might go into the automatic repair loop if I do a scan. Also how do I let you look at my startup at msconfig?

Thanks,
Shadowtime101
Oh also before on hitman pro it found this thing called boost65794.tmp I got scared and quarantined it 5 days ago. It said invalid signature and suspicious. Not sure if its important or not but just to make sure.

Thanks,
Shadowtike101
Code:
HitmanPro 3.7.9.232
www.hitmanpro.com

   Computer name . . . . : JOSHUA_COMPUTER
   Windows . . . . . . . : 6.2.0.9200.X64/2
   User name . . . . . . : JOSHUA_COMPUTER\jespi_000
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2014-11-24 16:09:07
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 11m 38s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 2

   Objects scanned . . . : 2,176,041
   Files scanned . . . . : 46,522
   Remnants scanned  . . : 440,479 files / 1,689,040 keys

Suspicious files ____________________________________________________________

   C:\Users\jespi_000\Desktop\MiniToolBox.exe
      Size . . . . . . . : 401,920 bytes
      Age  . . . . . . . : 13.3 days (2014-11-11 09:04:50)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 55ADA329F40AC0E0F13EC464E56D09C12078ADEF021A934F059BCD3E962EC46E
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -65.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\E15361A5CBD6D3DED3D0BC7C7E33514D0315F3E3
         -65.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\DD2D4B4356E57B46C184B09307A920315CAF11F8
         -65.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4A76F251908BAE21B42B0AA2C3F8335127B1ADED
         -65.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4259331B30FC0F677EEFEA39D8513AE0282EB2D6
         -65.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\5C5366EB95CE74149932E6FB0A6EFE7C1A71546B
         -64.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4CC256AE602C0D7769010C0E923ECF34349D5946
         -64.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\60A6B86FB38697D6094ABED81D77C5187FC4BB34
         -64.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\407C8151B9B975A58E16B0D430A81EB7404B4A69
         -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\96E2EE8CB2F4EA23F0F401546CEC1587E61E24EF
         -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C344E0098BF0FB6755BB8CDE6371B79E033B6AA6
         -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\8CCF902A016F05EFC146E36F2424B659F8658C2E
         -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\86D47BF087B25277C28B84DDEA4CD948F56C143B
         -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\5F0C0FAD3E1D8B2D5580E5CB66A9CB7AE6436EB2
         -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\81E7CCD8087E8A2246614DB3E44AB2DEBA7B06CB
         -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\AF2782B951288CC56121B330F40809A239B2ABC1
         -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\8523303C6FBDC256E81D75DB638B7309A2DA9F74
         -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\035B34E89BD2372CF1DFC3ACE56FA32DDB080BC3
         -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\24557A830DE559A054043D3C685B4C1060A084EE
         -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\0973407B48289A8167EB074772B0DBA9D691B29D
         -63.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\E76C178BE8403EEB90C3118F04BE532298149A47
         -63.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\35EAB658F32AE78264583BD373BCD47B77513FD5
         -62.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\983DBD3A063E8862CD5A3D2F109506CAA91B4FE4
         -62.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4EDE97E35DFCE186E844CA99859C32F3272E6827
         -54.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\FB52BE0389CFD320E7A89E03A71E9B395241C3E4
         -54.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\E8FE0185F01921302FE64797DEAD6C7CC37EEA53
         -54.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C4C89C6D87C36DBCBDFD02768DDB5DB8A67BF85C
         -53.9s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C0B25D3B57A43F9F5B1BB30667B9D1C91BF1878E
         -53.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\A1479E61F47D0D3BFCBD29631D57F89F1DDF211A
         -53.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4F691D53EBC0F8B617F093865F7F0E2E0365B72E
         -53.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4D5B29D48A1421E2FA01603790DAED6E20725952
         -52.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\479722270DEA7440484DFEBAE54D5FCBF1C7FCE6
         -52.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\301BBF48FAB790F0DE12267D7084DCE73861E3C8
         -51.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\9CFF12F5E09F8789B791F240F191FB6DEA1B870E
         -51.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\00DC5EBCDF6FE2731CCD82692C92598375B98154
         -51.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\2F4E78CD9F06CCD2AEA76ADEAECD2A6D232F322B
         -51.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\375289C368735CA2F8419E3BCB1588AE41D976EF
         -51.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4397609681CE385F10581A713F485E2D7A756C7B
         -51.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\8007CF6489B48A2C1457C68A38F120FE4AE5DEBF
         -51.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\1D2DEEC122C2469A71A9D2497532EDE4A9051F35
         -50.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\F0BF7A700C052C0CD244D6ED917D27E2EB9E8A56
         -49.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\D30BF6EEC78D915158A4AB95623D2FCDBCF91EC8
         -49.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C000F3E56CD56C2719E6EE24AE1F58B4F6BCB2E3
         -48.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\40CA6E20A0B0F91C62D09035C408F831745895DF
         -47.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\726C8E828657BD0308B548C2126F326AA32F16C4
         -46.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\CA1B1D93A15C8C11CA2D1B88AF000CDA81D4C7A7
         -45.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C3C5E3CF1457230C29CC70419043D1AE96CA0182
         -45.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\28C2BCF858E9DF21FCB8DB5CB5BBE05A798BCB4A
         -45.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\478E9876B7C6C996E105FC0F9FBACFB494A3A180
         -45.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\754E9AE0031EFF3553146560906094B503F16DB7
         -44.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\D0F7CD678ADFF0B494C4BFDB5D87CCA7F0708F2C
         -44.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\27464E82DAACCBB23749A375CA0AA08B351F8779
         -44.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\61E94655A4D78D4B20912E1DB2717D40C504854D
         -43.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\E64E1716296DADCC9CE0EF8363F67C828724C511
         -43.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\196552D16C82FC052C3452522FB7FB69308DA796
         -37.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\A12083334C500394D124B15292D7BF00A2AF8A57
         -37.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\6279F78B4AC3A9E94FE9F49182992AC0E6140753
         -36.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\B68B65ECF8CC11C43A25AA09A133C163828F0A60
         -35.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\FAC2E0AB8520E96E1BDAD85303DB745D63A3D9E4
         -33.2s C:\Users\jespi_000\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb0000​3.log
         -25.9s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\D64874C3CDEDAD5D4009BDADB9B4497B2DF4E0B5
         -25.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\5708D0EDB386E437D56C1A30A9D70BA49BA113C3
         -25.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\CC4742A84F4AE596897A6914C2B2AC8FA4A24312
         -25.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\57097D0911FEFE808E1C1D62C27172C55B568805
         -25.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\DC50518CA49F7EBD37190BAF5D279E50D3093576
         -24.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\49D3CFFE4430B8A40B9D343592EDB106D2C60F6E
         -16.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\B744EA5D31752ABF48086962354AB01ECBE83250
         -15.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\99F705ECDFF5D5B0DA3D3F9333552841188C2F68
         -13.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\D51E1E90B64EE06145D0DD3B378D2927187A11A2
         -13.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\1431D3D6E5A0798A8EFBAA3D9F3D8E62C2D22A13
         -12.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\DD4D540658FA019740CE7895F33CD82DEB153710
         -11.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\1496E6B634F44F766CE82ABB4A9B66B2A36D9559
         -10.9s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\44C1709851CD2BAF0701F7CDCA46709BD5D08688
         -10.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\03A5D76D43914CFEB6B98F276B69F367615626E4
         -10.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\F67D9C89FCBE85B73BB48C89DEC3F1C438BA6C3B
         -9.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\98E47B78FDD7ADCA87EFF52F0A1788C339DE41A2
         -4.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\DD9A48F781FE432135B799543FE0FA36B5C53177
         -4.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\15A0EDC0D589FEA363948F2F5D52267F1B5BE369
         -4.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\FB4D1C5F36CCD48FF901A47289298D73E648DC38
         -4.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\F25369F99D66290579DA63BA3BB5A81D9B6A1B0B
         -4.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\ABB898AB73F6059FAF229B0B12D276E8898CC2D7
         -4.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\A29ECDC5DE9B0E5F7F807E80F4B91B8E2F32FADB
         -3.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\35E259C5B42DA6B3DFD1A505EE1E2BCB48C5CE63
          0.0s C:\Users\jespi_000\Desktop\MiniToolBox.exe

   C:\Users\jespi_000\Downloads\FRST64.exe
      Size . . . . . . . : 2,118,144 bytes
      Age  . . . . . . . : 1.9 days (2014-11-22 19:02:23)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : E6F98F6FB182E5E8F6AFA5CB7F2BCD2ACCFEE6598D985F2F7A34C7CC01904D57
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
Find

nsm0220 Offline
Malware Remover
***
Registered
Posts: 179
Threads: 19
Joined: Sep 2014
Reputation: 0
#4
11-25-2014, 02:29 AM
(11-24-2014, 11:10 PM)Shadowtime101 Wrote:  Ok, but I never did a malwarebytes scan since the automatic repair loop and the scan I did before on malwarebytes I never saved and on hitman pro I did not save the logs so I'll just do a new scan with hitman pro, but for malwarebytes I'm afraid it might go into the automatic repair loop if I do a scan. Also how do I let you look at my startup at msconfig?

Thanks,
Shadowtime101

Oh also before on hitman pro it found this thing called boost65794.tmp I got scared and quarantined it 5 days ago. It said invalid signature and suspicious. Not sure if its important or not but just to make sure.

Thanks,
Shadowtike101

Code:
HitmanPro 3.7.9.232
www.hitmanpro.com

  Computer name . . . . : JOSHUA_COMPUTER
  Windows . . . . . . . : 6.2.0.9200.X64/2
  User name . . . . . . : JOSHUA_COMPUTER\jespi_000
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (30 days left)

  Scan date . . . . . . : 2014-11-24 16:09:07
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 11m 38s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 2

  Objects scanned . . . : 2,176,041
  Files scanned . . . . : 46,522
  Remnants scanned  . . : 440,479 files / 1,689,040 keys

Suspicious files ____________________________________________________________

  C:\Users\jespi_000\Desktop\MiniToolBox.exe
     Size . . . . . . . : 401,920 bytes
     Age  . . . . . . . : 13.3 days (2014-11-11 09:04:50)
     Entropy  . . . . . : 7.9
     SHA-256  . . . . . : 55ADA329F40AC0E0F13EC464E56D09C12078ADEF021A934F059BCD3E962EC46E
     Needs elevation  . : Yes
     Fuzzy  . . . . . . : 23.0
        Program has no publisher information but prompts the user for permission elevation.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
     Forensic Cluster
        -65.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\E15361A5CBD6D3DED3D0BC7C7E33514D0315F3E3
        -65.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\DD2D4B4356E57B46C184B09307A920315CAF11F8
        -65.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4A76F251908BAE21B42B0AA2C3F8335127B1ADED
        -65.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4259331B30FC0F677EEFEA39D8513AE0282EB2D6
        -65.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\5C5366EB95CE74149932E6FB0A6EFE7C1A71546B
        -64.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4CC256AE602C0D7769010C0E923ECF34349D5946
        -64.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\60A6B86FB38697D6094ABED81D77C5187FC4BB34
        -64.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\407C8151B9B975A58E16B0D430A81EB7404B4A69
        -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\96E2EE8CB2F4EA23F0F401546CEC1587E61E24EF
        -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C344E0098BF0FB6755BB8CDE6371B79E033B6AA6
        -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\8CCF902A016F05EFC146E36F2424B659F8658C2E
        -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\86D47BF087B25277C28B84DDEA4CD948F56C143B
        -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\5F0C0FAD3E1D8B2D5580E5CB66A9CB7AE6436EB2
        -64.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\81E7CCD8087E8A2246614DB3E44AB2DEBA7B06CB
        -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\AF2782B951288CC56121B330F40809A239B2ABC1
        -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\8523303C6FBDC256E81D75DB638B7309A2DA9F74
        -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\035B34E89BD2372CF1DFC3ACE56FA32DDB080BC3
        -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\24557A830DE559A054043D3C685B4C1060A084EE
        -64.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\0973407B48289A8167EB074772B0DBA9D691B29D
        -63.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\E76C178BE8403EEB90C3118F04BE532298149A47
        -63.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\35EAB658F32AE78264583BD373BCD47B77513FD5
        -62.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\983DBD3A063E8862CD5A3D2F109506CAA91B4FE4
        -62.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4EDE97E35DFCE186E844CA99859C32F3272E6827
        -54.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\FB52BE0389CFD320E7A89E03A71E9B395241C3E4
        -54.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\E8FE0185F01921302FE64797DEAD6C7CC37EEA53
        -54.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C4C89C6D87C36DBCBDFD02768DDB5DB8A67BF85C
        -53.9s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C0B25D3B57A43F9F5B1BB30667B9D1C91BF1878E
        -53.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\A1479E61F47D0D3BFCBD29631D57F89F1DDF211A
        -53.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4F691D53EBC0F8B617F093865F7F0E2E0365B72E
        -53.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4D5B29D48A1421E2FA01603790DAED6E20725952
        -52.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\479722270DEA7440484DFEBAE54D5FCBF1C7FCE6
        -52.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\301BBF48FAB790F0DE12267D7084DCE73861E3C8
        -51.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\9CFF12F5E09F8789B791F240F191FB6DEA1B870E
        -51.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\00DC5EBCDF6FE2731CCD82692C92598375B98154
        -51.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\2F4E78CD9F06CCD2AEA76ADEAECD2A6D232F322B
        -51.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\375289C368735CA2F8419E3BCB1588AE41D976EF
        -51.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\4397609681CE385F10581A713F485E2D7A756C7B
        -51.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\8007CF6489B48A2C1457C68A38F120FE4AE5DEBF
        -51.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\1D2DEEC122C2469A71A9D2497532EDE4A9051F35
        -50.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\F0BF7A700C052C0CD244D6ED917D27E2EB9E8A56
        -49.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\D30BF6EEC78D915158A4AB95623D2FCDBCF91EC8
        -49.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C000F3E56CD56C2719E6EE24AE1F58B4F6BCB2E3
        -48.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\40CA6E20A0B0F91C62D09035C408F831745895DF
        -47.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\726C8E828657BD0308B548C2126F326AA32F16C4
        -46.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\CA1B1D93A15C8C11CA2D1B88AF000CDA81D4C7A7
        -45.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\C3C5E3CF1457230C29CC70419043D1AE96CA0182
        -45.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\28C2BCF858E9DF21FCB8DB5CB5BBE05A798BCB4A
        -45.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\478E9876B7C6C996E105FC0F9FBACFB494A3A180
        -45.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\754E9AE0031EFF3553146560906094B503F16DB7
        -44.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\D0F7CD678ADFF0B494C4BFDB5D87CCA7F0708F2C
        -44.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\27464E82DAACCBB23749A375CA0AA08B351F8779
        -44.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\61E94655A4D78D4B20912E1DB2717D40C504854D
        -43.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\E64E1716296DADCC9CE0EF8363F67C828724C511
        -43.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\196552D16C82FC052C3452522FB7FB69308DA796
        -37.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\A12083334C500394D124B15292D7BF00A2AF8A57
        -37.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\6279F78B4AC3A9E94FE9F49182992AC0E6140753
        -36.6s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\B68B65ECF8CC11C43A25AA09A133C163828F0A60
        -35.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\FAC2E0AB8520E96E1BDAD85303DB745D63A3D9E4
        -33.2s C:\Users\jespi_000\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb0000​3.log
        -25.9s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\D64874C3CDEDAD5D4009BDADB9B4497B2DF4E0B5
        -25.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\5708D0EDB386E437D56C1A30A9D70BA49BA113C3
        -25.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\CC4742A84F4AE596897A6914C2B2AC8FA4A24312
        -25.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\57097D0911FEFE808E1C1D62C27172C55B568805
        -25.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\DC50518CA49F7EBD37190BAF5D279E50D3093576
        -24.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\49D3CFFE4430B8A40B9D343592EDB106D2C60F6E
        -16.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\B744EA5D31752ABF48086962354AB01ECBE83250
        -15.2s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\99F705ECDFF5D5B0DA3D3F9333552841188C2F68
        -13.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\D51E1E90B64EE06145D0DD3B378D2927187A11A2
        -13.0s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\1431D3D6E5A0798A8EFBAA3D9F3D8E62C2D22A13
        -12.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\DD4D540658FA019740CE7895F33CD82DEB153710
        -11.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\1496E6B634F44F766CE82ABB4A9B66B2A36D9559
        -10.9s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\44C1709851CD2BAF0701F7CDCA46709BD5D08688
        -10.7s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\03A5D76D43914CFEB6B98F276B69F367615626E4
        -10.3s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\F67D9C89FCBE85B73BB48C89DEC3F1C438BA6C3B
        -9.5s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\98E47B78FDD7ADCA87EFF52F0A1788C339DE41A2
        -4.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\DD9A48F781FE432135B799543FE0FA36B5C53177
        -4.4s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\15A0EDC0D589FEA363948F2F5D52267F1B5BE369
        -4.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\FB4D1C5F36CCD48FF901A47289298D73E648DC38
        -4.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\F25369F99D66290579DA63BA3BB5A81D9B6A1B0B
        -4.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\ABB898AB73F6059FAF229B0B12D276E8898CC2D7
        -4.1s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\A29ECDC5DE9B0E5F7F807E80F4B91B8E2F32FADB
        -3.8s C:\Users\jespi_000\AppData\Local\Mozilla\Firefox\Profiles\woys1x6u.default\cache​2\entries\35E259C5B42DA6B3DFD1A505EE1E2BCB48C5CE63
         0.0s C:\Users\jespi_000\Desktop\MiniToolBox.exe

  C:\Users\jespi_000\Downloads\FRST64.exe
     Size . . . . . . . : 2,118,144 bytes
     Age  . . . . . . . : 1.9 days (2014-11-22 19:02:23)
     Entropy  . . . . . : 7.5
     SHA-256  . . . . . : E6F98F6FB182E5E8F6AFA5CB7F2BCD2ACCFEE6598D985F2F7A34C7CC01904D57
     Needs elevation  . : Yes
     Fuzzy  . . . . . . : 24.0
        Program has no publisher information but prompts the user for permission elevation.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.

type in msconfig.exe in run i also want to take a look at the file FRST64.exe as well so can you send me the file as well
Find

Shadowtime101 Offline
Junior Member
**
Registered
Posts: 41
Threads: 2
Joined: Nov 2014
Reputation: 0
#5
11-25-2014, 03:04 AM (This post was last modified: 11-25-2014, 03:12 AM by Shadowtime101.)
Here's a Malwarebytes scan and thanks for the fast reply
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 11/24/2014
Scan Time: 7:22:27 PM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.25.01
Rootkit Database: v2014.11.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: jespi_000

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 387825
Time Elapsed: 39 min, 46 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Warn

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.DealDropper.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{41708E47-E97E-4051-A609-B88B398BCC94}, , [cf262916413b44f20bc8a6559f63d828],
PUP.Optional.DealDropper.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{41708E47-E97E-4051-A609-B88B398BCC94}, , [cf262916413b44f20bc8a6559f63d828],
PUP.Optional.DealDropper.A, HKLM\SOFTWARE\WOW6432NODE\Deal-Dropper, , [6b8a142bccb035011cd4580a1ee51fe1],
PUP.Optional.Highlightly, HKLM\SOFTWARE\WOW6432NODE\Highlightly, , [3fb6ce718af201357512b2f437cd55ab],
PUP.OPTIONAL.WebInternetSecurity, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Webinternet​security, , [3eb763dcee8e32049912f558c93aad53],

Registry Values: 2
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [7085c07fcdaf54e22db68acc21e2df21]
PUP.Optional.ConsumerInput.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ConsumerInput@Compete, C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12171.xpi, , [c233b58a1d5f1d19979c44fdb44f758b]

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons, , [cc29e758de9eed49ae6e48d318eb21df],

Files: 63
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\chrome_gp_update.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\chrome_installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\common.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox_installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\ie_installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\main_installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\migrate.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\projectInstaller.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\repair.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\repair_data.json, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\background.html, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\bootstrap.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\chrome.manifest, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\extension_info.json, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\install.rdf, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_bg.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_browseraction.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_common.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_content.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_settings.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_webrequest.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\jquery.min.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\canvasscript_engine.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\canvas_bg.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\md5.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\registry.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\webrequest.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\backgroundscript_engine.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\base.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\browser.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\chrome_windows.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\console.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\content_proxy.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\framework.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\i18n.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\invoke_async.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\io.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\lang.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\legacy.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\message_target.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\messaging.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\storage.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\timer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\uninstall.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\userscript_client.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\userscript_engine.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\utils.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\xhr.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\browser_button.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\contentNotification.tmpl, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\contentNotificationStyle.tmpl, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\content_notifications.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\context_menu.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\framework_api.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\notifications.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\options.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\ui_base.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\button.png, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon100.png, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon128.png, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon32.png, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon48.png, , [cc29e758de9eed49ae6e48d318eb21df],

Physical Sectors: 0
(No malicious items detected)


(end)
What do I do after running the msconfig.exe, it just popped up a screen with startup stuff. I'm not the best with computers so sorry.
Find

nsm0220 Offline
Malware Remover
***
Registered
Posts: 179
Threads: 19
Joined: Sep 2014
Reputation: 0
#6
11-25-2014, 03:21 AM
(11-25-2014, 03:04 AM)Shadowtime101 Wrote:  Here's a Malwarebytes scan and thanks for the fast reply
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 11/24/2014
Scan Time: 7:22:27 PM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.25.01
Rootkit Database: v2014.11.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: jespi_000

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 387825
Time Elapsed: 39 min, 46 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Warn

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.DealDropper.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{41708E47-E97E-4051-A609-B88B398BCC94}, , [cf262916413b44f20bc8a6559f63d828],
PUP.Optional.DealDropper.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{41708E47-E97E-4051-A609-B88B398BCC94}, , [cf262916413b44f20bc8a6559f63d828],
PUP.Optional.DealDropper.A, HKLM\SOFTWARE\WOW6432NODE\Deal-Dropper, , [6b8a142bccb035011cd4580a1ee51fe1],
PUP.Optional.Highlightly, HKLM\SOFTWARE\WOW6432NODE\Highlightly, , [3fb6ce718af201357512b2f437cd55ab],
PUP.OPTIONAL.WebInternetSecurity, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Webinternet​security, , [3eb763dcee8e32049912f558c93aad53],

Registry Values: 2
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [7085c07fcdaf54e22db68acc21e2df21]
PUP.Optional.ConsumerInput.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ConsumerInput@Compete, C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12171.xpi, , [c233b58a1d5f1d19979c44fdb44f758b]

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons, , [cc29e758de9eed49ae6e48d318eb21df],

Files: 63
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\chrome_gp_update.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\chrome_installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\common.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox_installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\ie_installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\main_installer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\migrate.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\projectInstaller.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\repair.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\repair_data.json, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\background.html, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\bootstrap.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\chrome.manifest, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\extension_info.json, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\install.rdf, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_bg.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_browseraction.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_common.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_content.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_settings.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_webrequest.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\jquery.min.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\canvasscript_engine.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\canvas_bg.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\md5.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\registry.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\webrequest.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\backgroundscript_engine.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\base.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\browser.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\chrome_windows.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\console.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\content_proxy.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\framework.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\i18n.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\invoke_async.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\io.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\lang.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\legacy.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\message_target.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\messaging.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\storage.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\timer.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\uninstall.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\userscript_client.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\userscript_engine.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\utils.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\xhr.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\browser_button.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\contentNotification.tmpl, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\contentNotificationStyle.tmpl, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\content_notifications.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\context_menu.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\framework_api.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\notifications.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\options.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\ui_base.js, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\button.png, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon100.png, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon128.png, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon32.png, , [cc29e758de9eed49ae6e48d318eb21df],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon48.png, , [cc29e758de9eed49ae6e48d318eb21df],

Physical Sectors: 0
(No malicious items detected)


(end)

What do I do after running the msconfig.exe, it just popped up a screen with startup stuff.  I'm not the best with computers so sorry.

use the Snipping Tool to post a pic of it if you need help i can teamviewer it for you
Find

Shadowtime101 Offline
Junior Member
**
Registered
Posts: 41
Threads: 2
Joined: Nov 2014
Reputation: 0
#7
11-25-2014, 03:26 AM (This post was last modified: 11-25-2014, 03:29 AM by Shadowtime101.)
Which tab do I snip? Or do I do all and how do i send you the file FRST.exe, do I just give you the link to it?
Find

nsm0220 Offline
Malware Remover
***
Registered
Posts: 179
Threads: 19
Joined: Sep 2014
Reputation: 0
#8
11-25-2014, 03:47 AM (This post was last modified: 11-25-2014, 05:08 AM by nsm0220.)
(11-25-2014, 03:26 AM)Shadowtime101 Wrote:  Which tab do I snip? Or do I do all and how do i send you the file FRST.exe, do I just give you the link to it?
let me teamviewer it for you just install teamviewer i show what i mean by and send it by email in zip folder
Find

GuiltySpark Offline
Overseer
*****
VIP
Posts: 1,856
Threads: 46
Joined: Sep 2014
Reputation: 46
#9
11-25-2014, 01:46 PM
And please let us know how it went as it may help others. (should really be kept on the forums)
 

Website Find

Britec Offline
Owner
********
Owner
Posts: 4,727
Threads: 311
Joined: Sep 2014
Reputation: 102
#10
11-25-2014, 01:55 PM
Can't agree more, if you give support to someone, please try and help them as much as possible on forum.
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support! 
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q">
<input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0">
</form>

   </div></left> 
Find

« Next Oldest
Next Newest »
Thread Closed 


Forum Jump:


Users browsing this thread:
1 Guest(s)

Powered By MyBB, © 2002-2024 Melroy van den Berg.