Login

**nsm0220** · (This post was last modified: 12-08-2014, 12:19 AM by nsm0220.)

(12-07-2014, 05:41 PM)Shadowtime101 Wrote: # AdwCleaner v4.104 - Report created 06/12/2014 at 12:04:29
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 8 (64 bits)
# Username : jespi_000 - JOSHUA_COMPUTER
# Running from : C:\Users\jespi_000\Desktop\adwcleaner_4.104.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Update SourceApp
[#] Service Deleted : Util SourceApp
Service Deleted : {0263559b-b988-4803-b082-70c1d2b89830}Gw64

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Program Files (x86)\SourceApp
Folder Deleted : C:\Users\JESPI_~1\AppData\Local\Temp\SourceApp
File Deleted : C:\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys
File Deleted : C:\Users\jespi_000\AppData\Roaming\Mozilla\Firefox\Profiles\woys1x6u.default\user.js

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update SourceApp
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util SourceApp
Key Deleted : HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\updateSourceApp.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9f7ab9c4-4da3-440e-ba84-95903165f129}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1B74BE8-E593-4EB8-BF9E-AC2BBE4B1BEB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7e25cc08-8611-435a-bed7-60dd82b4fde5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9f7ab9c4-4da3-440e-ba84-95903165f129}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1B74BE8-E593-4EB8-BF9E-AC2BBE4B1BEB}
Key Deleted : HKCU\Software\SourceApp
Key Deleted : HKLM\SOFTWARE\SourceApp
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SourceApp

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17148

-\\ Mozilla Firefox v33.1 (x86 en-US)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [7779 octets] - [13/08/2014 15:46:48]
AdwCleaner[R10].txt - [1678 octets] - [17/08/2014 10:05:32]
AdwCleaner[R11].txt - [1739 octets] - [18/08/2014 15:35:43]
AdwCleaner[R12].txt - [1939 octets] - [23/08/2014 10:57:25]
AdwCleaner[R13].txt - [1922 octets] - [23/08/2014 11:17:01]
AdwCleaner[R14].txt - [1983 octets] - [24/08/2014 10:10:19]
AdwCleaner[R15].txt - [2042 octets] - [26/08/2014 16:16:00]
AdwCleaner[R16].txt - [2103 octets] - [27/08/2014 19:19:10]
AdwCleaner[R17].txt - [2164 octets] - [06/09/2014 11:06:30]
AdwCleaner[R18].txt - [2211 octets] - [25/10/2014 10:22:56]
AdwCleaner[R19].txt - [2225 octets] - [26/10/2014 19:14:48]
AdwCleaner[R1].txt - [7839 octets] - [13/08/2014 15:56:08]
AdwCleaner[R20].txt - [2373 octets] - [30/10/2014 19:46:16]
AdwCleaner[R21].txt - [2434 octets] - [31/10/2014 22:15:11]
AdwCleaner[R22].txt - [3716 octets] - [11/11/2014 09:33:32]
AdwCleaner[R23].txt - [2589 octets] - [14/11/2014 20:18:25]
AdwCleaner[R24].txt - [2777 octets] - [23/11/2014 18:13:04]
AdwCleaner[R25].txt - [2838 octets] - [23/11/2014 18:28:34]
AdwCleaner[R26].txt - [5659 octets] - [06/12/2014 12:03:37]
AdwCleaner[R2].txt - [7899 octets] - [13/08/2014 18:48:40]
AdwCleaner[R3].txt - [7959 octets] - [13/08/2014 18:52:56]
AdwCleaner[R4].txt - [962 octets] - [13/08/2014 19:06:21]
AdwCleaner[R5].txt - [1021 octets] - [14/08/2014 15:14:46]
AdwCleaner[R6].txt - [1075 octets] - [15/08/2014 15:50:58]
AdwCleaner[R7].txt - [1255 octets] - [16/08/2014 11:49:38]
AdwCleaner[R8].txt - [1555 octets] - [17/08/2014 09:41:59]
AdwCleaner[R9].txt - [1557 octets] - [17/08/2014 09:52:42]
AdwCleaner[S0].txt - [7410 octets] - [13/08/2014 18:58:31]
AdwCleaner[S1].txt - [1618 octets] - [17/08/2014 09:49:25]
AdwCleaner[S2].txt - [1618 octets] - [17/08/2014 09:56:46]
AdwCleaner[S3].txt - [2001 octets] - [23/08/2014 11:11:40]
AdwCleaner[S4].txt - [2491 octets] - [31/10/2014 22:22:02]
AdwCleaner[S5].txt - [3768 octets] - [11/11/2014 09:35:32]
AdwCleaner[S6].txt - [2904 octets] - [23/11/2014 18:29:31]
AdwCleaner[S7].txt - [5340 octets] - [06/12/2014 12:04:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [5400 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8 x64
Ran by jespi_000 on Sat 12/06/2014 at 14:56:23.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"

~~~ Folders

~~~ FireFox

Successfully deleted: [Folder] C:\Users\jespi_000\AppData\Roaming\mozilla\firefox\profiles\woys1x6u.default\extensions\staged
Successfully deleted the following from C:\Users\jespi_000\AppData\Roaming\mozilla\firefox\profiles\woys1x6u.default\prefs.js

user_pref("extensions.iobitascsurfingprotection@iobit.com.install-event-fired", true);
Emptied folder: C:\Users\jespi_000\AppData\Roaming\mozilla\firefox\profiles\woys1x6u.default\minidumps [1 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 12/06/2014 at 19:23:37.90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'm not to sure if I want to do the repair install anymore. I don't know if the iso's are infected or not.

the iso is not infected and the programs i install were jelly bean key finder, daemon tools which i use to run isos like i did with my windows 7 repair install, and comodo IS 2015 and i said no to all the junkware and i didn't install steam for sure i take a lie detention test to prove im tell the truth

***Britec*** · 12-08-2014, 01:19 PM

ShadowTime how is the computer running now?

**Shadowtime101** · (This post was last modified: 12-08-2014, 11:18 PM by Shadowtime101.)

No more ads and fire fox is doing better, but it's kind of the same as before

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Bench\NmHost\nmhost.exe.vir Win32/AdWare.SmartApps.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Bench\Updater\updater.exe.vir Win32/AdWare.SmartApps.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\jgaecljocfhdjcdhckepieoehdmpnjjp.crx.vir Win32/BrowseFox.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\SourceAppbho.dll.vir a variant of Win32/BrowseFox.O potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\SourceAppUninstall.exe.vir Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\updateSourceApp.exe.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\0263559bb9884803b082.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\0263559bb9884803b08264.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter64.exe.vir a variant of Win64/BrowseFox.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\SourceApp.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\tmpB822.tmp.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\tmpD731.tmp.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\utilSourceApp.exe.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\{0263559b-b988-4803-b082-70c1d2b89830}.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\{0263559b-b988-4803-b082-70c1d2b89830}64.dll.vir a variant of Win64/BrowseFox.CH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.Bromon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.BroStats.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.ExpExt.dll.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.GCUpdate.dll.vir a variant of MSIL/BrowseFox.K potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.IEUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.PurBrowseG.dll.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Webinternetsecurity\uninstall.webinternetsecurity.exe.vir a variant of MSIL/Adware.iBryte.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Greg\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir a variant of Android/Mobserv.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys.vir a variant of Win64/BrowseFox.CG potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Adobe\bin\Adobe.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Program Files (x86)\Convertor\Convertor.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Users\jespi_000\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 Win32/OneInstaller.D potentially unwanted application deleted - quarantined
C:\Users\jespi_000\AppData\Local\Temp\2FE4.tmp Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\Users\jespi_000\AppData\Local\Temp\bitool.dll Win32/Somoto.C potentially unwanted application deleted - quarantined
C:\Users\jespi_000\AppData\Local\Temp\nsz7E45.tmp Win32/Somoto.G potentially unwanted application deleted - quarantined
C:\Users\jespi_000\AppData\Roaming\PDFConvert\SWUpdate.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Users\jespi_000\Downloads\CrystalDiskInfo6_2_1-en.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\jespi_000\Downloads\DTLite4491-0356.exe Win32/DownWare.L potentially unwanted application deleted - quarantined
C:\Users\jespi_000\Downloads\SetupImgBurn_2.5.8.0.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

***Britec*** · (This post was last modified: 12-09-2014, 01:59 PM by Britec.)

Can you post me the log for Eset Online Scanner

Please perform a scan with ESET Online Scan

Open new browser tab
Click the
button.
Click on button to download the ESET Smart Installer.
Save it to your Desktop.
Double click on to start ESET Smart Installer.
Check ”YES“, and Tick ”I accept the Terms of Use“
Click the button.
Yes to User Account Control warning.
Enable detection of potentially unwanted applications.
Click Advanced settings and select the following:
Remove found threats
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology
ESET will then download updates for signature database, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List of Found Threats
Click Export toText File, and save the file to your desktop and name it EsetLog. (optional)
Put tick in Uninstall Application on close
Put tick in Delete Quarantined files
Click the Finish button.

**Shadowtime101** · 12-09-2014, 11:23 PM

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Bench\NmHost\nmhost.exe.vir Win32/AdWare.SmartApps.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Bench\Updater\updater.exe.vir Win32/AdWare.SmartApps.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\jgaecljocfhdjcdhckepieoehdmpnjjp.crx.vir Win32/BrowseFox.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\SourceAppbho.dll.vir a variant of Win32/BrowseFox.O potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\SourceAppUninstall.exe.vir Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\updateSourceApp.exe.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\0263559bb9884803b082.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\0263559bb9884803b08264.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter64.exe.vir a variant of Win64/BrowseFox.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\SourceApp.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\tmpB822.tmp.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\tmpD731.tmp.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\utilSourceApp.exe.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\{0263559b-b988-4803-b082-70c1d2b89830}.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\{0263559b-b988-4803-b082-70c1d2b89830}64.dll.vir a variant of Win64/BrowseFox.CH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.Bromon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.BroStats.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.ExpExt.dll.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.GCUpdate.dll.vir a variant of MSIL/BrowseFox.K potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.IEUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\plugins\SourceApp.PurBrowseG.dll.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Webinternetsecurity\uninstall.webinternetsecurity.exe.vir a variant of MSIL/Adware.iBryte.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Greg\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir a variant of Android/Mobserv.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys.vir a variant of Win64/BrowseFox.CG potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Adobe\bin\Adobe.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Program Files (x86)\Convertor\Convertor.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Users\jespi_000\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 Win32/OneInstaller.D potentially unwanted application deleted - quarantined
C:\Users\jespi_000\AppData\Local\Temp\2FE4.tmp Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\Users\jespi_000\AppData\Local\Temp\bitool.dll Win32/Somoto.C potentially unwanted application deleted - quarantined
C:\Users\jespi_000\AppData\Local\Temp\nsz7E45.tmp Win32/Somoto.G potentially unwanted application deleted - quarantined
C:\Users\jespi_000\AppData\Roaming\PDFConvert\SWUpdate.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Users\jespi_000\Downloads\CrystalDiskInfo6_2_1-en.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\jespi_000\Downloads\DTLite4491-0356.exe Win32/DownWare.L potentially unwanted application deleted - quarantined
C:\Users\jespi_000\Downloads\SetupImgBurn_2.5.8.0.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

This is the eset scan log

**Shadowtime101** · 12-10-2014, 01:12 AM

I just ran malwarebytes to see if anything popped up and a few stuff did, would it be ok to delete this stuff from my pc, and it will cause no harm because last time the automatic repair loop happened so would it be ok to delete these things with malwarebytes?.

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 12/9/2014
Scan Time: 5:07:29 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.09.08
Rootkit Database: v2014.12.08.03
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: jespi_000

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 393991
Time Elapsed: 1 hr, 1 min, 21 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Warn

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.DealDropper.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{41708E47-E97E-4051-A609-B88B398BCC94}, , [fdcf7ce43e3e5cda8b29996ef70c54ac],
PUP.Optional.DealDropper.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{41708E47-E97E-4051-A609-B88B398BCC94}, , [fdcf7ce43e3e5cda8b29996ef70c54ac],
PUP.Optional.DealDropper.A, HKLM\SOFTWARE\WOW6432NODE\Deal-Dropper, , [d2fac59ba5d750e6c8fcbfb4b94a5ea2],
PUP.Optional.Highlightly, HKLM\SOFTWARE\WOW6432NODE\Highlightly, , [cb016cf43745f3432c08b00755afab55],
PUP.OPTIONAL.WebInternetSecurity, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Webinternetsecurity, , [9438421ed3a9d0660f83f5693dc630d0],

Registry Values: 2
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [a923d18f6a123cfad2f3184f4db610f0]
PUP.Optional.ConsumerInput.A, HKU\S-1-5-21-3436019999-1338614278-3438539980-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ConsumerInput@Compete, C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12171.xpi, , [fdcfc898e19bc2743de14a08966d21df]

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons, , [efdd82de502c1c1a619d0f17659e1ce4],

Files: 63
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\chrome_gp_update.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\chrome_installer.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\common.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox_installer.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\ie_installer.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\installer.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\main_installer.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\migrate.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\projectInstaller.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\repair.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\repair_data.json, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\background.html, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\bootstrap.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\chrome.manifest, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\extension_info.json, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\install.rdf, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_bg.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_browseraction.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_common.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_content.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_settings.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\appAPI_webrequest.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\AppFramework\jquery.min.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\canvasscript_engine.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\canvas_bg.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\md5.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\registry.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\CanvasFramework\webrequest.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\backgroundscript_engine.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\base.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\browser.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\chrome_windows.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\console.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\content_proxy.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\framework.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\i18n.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\invoke_async.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\io.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\lang.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\legacy.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\message_target.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\messaging.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\storage.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\timer.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\uninstall.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\userscript_client.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\userscript_engine.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\utils.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework\xhr.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\browser_button.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\contentNotification.tmpl, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\contentNotificationStyle.tmpl, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\content_notifications.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\context_menu.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\framework_api.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\notifications.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\options.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\framework-ui\ui_base.js, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\button.png, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon100.png, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon128.png, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon32.png, , [efdd82de502c1c1a619d0f17659e1ce4],
PUP.Optional.DealDropper.A, C:\Users\Greg\AppData\Local\Deal-Dropper\firefox\icons\icon48.png, , [efdd82de502c1c1a619d0f17659e1ce4],

Physical Sectors: 0
(No malicious items detected)

(end)

**nsm0220** · 12-10-2014, 03:11 AM

these programs are now try to avoid the users that hit no to any other program that the installer wants them to install thats big low for me not even unchecky can even stop it

**Shadowtime101** · 12-10-2014, 05:10 AM

Ok, and adwcleaner couldn't pick these up and I want to delete them but, I'm afraid of the automatic repair loop so can these cause anything to my computer like hardware failure or something if I delete them with malwarebytes.

**Shadowtime101** · 12-10-2014, 01:46 PM

Something weird just happened, after I updated Firefox yahoo became my search engine without me doing anything. Also my cpu went back up a bit. I did a scan with AdwCleaner again to check but found nothing. That usually happen after updating Firefox?

**Shadowtime101** · 12-14-2014, 04:36 AM

Okay with all these problems on my computer I'm considering doing the reformat. There is something seriously wrong with my pc and I just can't take it anymore. Is there any possible things or problems that could happen with reformatting? Is hardware failure or automatic repair possible if I reformat. I just want my pc to be back to normal.