Sign in to follow this  
Metallica

Removal instructions for Deal Drop Down

Recommended Posts

What is Deal Drop Down?

The Malwarebytes research team has determined that Deal Drop Down is adware. These adware applications display advertisements not originating from the sites you are browsing.

How do I know if my computer is affected by Deal Drop Down?

This is how the main screen of the installer looks:

main.png

And you may see these warning:

warning1.png

and this entry in your list of installed programs:

warning2.png

or this icon in your taskbar:

icons.png

How did Deal Drop Down get on my computer?

Browser hijackers use different methods for distributing themselves. This particular one was offered as browser protection.

How do I remove Deal Drop Down?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.

  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Is there anything else I need to do to get rid of Deal Drop Down?
  • The rogue replaces your hosts file, so you may have to restore the old one. You can find third-party hosts file alternatives at hpHosts or at mvps.org or you can simply reset the default hosts file as outlined here by Microsoft.
How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this adware application.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the Deal Drop Down adware. It would have warned you before the adware could install itself, giving you a chance to stop it before it became too late.

protection1.png

Technical details for experts

Signs in a HijackThis log:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:3128O1 - Hosts: 54.204.28.26 bkammehfojfpdbdaepcehofnibanadkmO4 - HKLM\..\Run: [BService] C:\Program Files\Bench\BService\1.1\bservice.exeO4 - HKLM\..\Run: [Wd] C:\Program Files\Bench\Wd\wd.exeO4 - HKLM\..\Run: [Bench Communicator Watcher] C:\Program Files\Bench\Proxy\pwdg.exeO4 - HKLM\..\Run: [Bench Settings Cleaner] C:\Program Files\Bench\Proxy\cl.exeO4 - HKLM\..\RunOnce: [Deal Drop Down-repairJob] wscript.exe "C:\Users\{username}\AppData\Local\Deal Drop Down\repair.js" "Deal Drop Down-repairJob"
Alterations made by the installer:

File system details  ---------------------------------------------    Adds the folder C:\Program Files\Bench\BService\1.1       Adds the file bhelper.dll"="7/15/2014 11:24 PM, 53248 bytes, A       Adds the file bservice.exe"="7/15/2014 11:24 PM, 52736 bytes, A    Adds the folder C:\Program Files\Bench\NmHost       Adds the file manifest.json"="7/15/2014 11:23 PM, 117 bytes, A       Adds the file nmhost.exe"="7/15/2014 11:23 PM, 165376 bytes, A    Adds the folder C:\Program Files\Bench\Proxy       Adds the file cl.exe"="7/15/2014 11:19 PM, 55296 bytes, A       Adds the file icon.ico"="7/15/2014 11:24 PM, 32038 bytes, A       Adds the file proc.exe"="8/1/2014 4:40 PM, 430592 bytes, A       Adds the file pwdg.exe"="7/15/2014 11:19 PM, 127488 bytes, A    Adds the folder C:\Program Files\Bench\Updater       Adds the file products.xml"="8/17/2014 10:17 AM, 377 bytes, A       Adds the file updater.exe"="7/15/2014 11:19 PM, 67072 bytes, A    Adds the folder C:\Program Files\Bench\Updater\1.7.0.0       Adds the file updater.exe"="7/15/2014 11:19 PM, 419840 bytes, A    Adds the folder C:\Program Files\Bench\Wd       Adds the file wd.exe"="7/15/2014 11:24 PM, 92672 bytes, A    In the existing folder C:\Users\{username}\AppData\Local       Adds the file proxy.log"="8/17/2014 10:17 AM, 0 bytes, A    Adds the folder C:\Users\{username}\AppData\Local\BenchUpdater       Adds the file products.xml"="8/17/2014 10:19 AM, 446 bytes, A    Adds the folder C:\Users\{username}\AppData\Local\Deal Drop Down       Adds the file chrome_gp_update.js"="7/15/2014 11:24 PM, 2348 bytes, A       Adds the file chrome_installer.js"="7/15/2014 11:24 PM, 6304 bytes, A       Adds the file clear_cache.js"="7/15/2014 11:24 PM, 522 bytes, A       Adds the file common.js"="7/15/2014 11:23 PM, 13540 bytes, A       Adds the file firefox_installer.js"="7/15/2014 11:24 PM, 6848 bytes, A       Adds the file gpedit.exe"="7/15/2014 11:24 PM, 93184 bytes, A       Adds the file icon.ico"="8/13/2014 8:59 AM, 32038 bytes, A       Adds the file ie_installer.js"="7/15/2014 11:24 PM, 3685 bytes, A       Adds the file installer.js"="7/15/2014 11:23 PM, 799 bytes, A       Adds the file main_installer.js"="7/15/2014 11:24 PM, 1567 bytes, A       Adds the file migrate.js"="7/15/2014 11:24 PM, 4746 bytes, A       Adds the file projectInstaller.js"="7/15/2014 11:23 PM, 3004 bytes, A       Adds the file repair.js"="7/15/2014 11:24 PM, 1735 bytes, A       Adds the file SoftwareDetector.exe"="8/1/2014 4:40 PM, 78848 bytes, A       Adds the file sqlite3.exe"="7/15/2014 11:23 PM, 492544 bytes, A       Adds the file uninstall.exe"="8/17/2014 10:17 AM, 203450 bytes, A    Adds the folder C:\Users\{username}\AppData\LocalLow\Protect\Blocker       Adds the file 212e90ffa529f5c99c44dc574c6f9a16"="8/17/2014 10:17 AM, 2785330 bytes, A       Adds the file 8d3f613ded3421026a6b47abd4042139"="8/17/2014 10:17 AM, 8 bytes, A       Adds the file b24f88eb229178ba93accf228dc5b280"="8/17/2014 10:17 AM, 70 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deal Drop Down       Adds the file Browser Guardian Settings.url"="8/17/2014 10:17 AM, 138 bytes, A       Adds the file Browser Guardian.lnk"="8/17/2014 10:17 AM, 1970 bytes, A       Adds the file Uninstall.lnk"="8/17/2014 10:17 AM, 1086 bytes, A    In the existing folder C:\Windows\System32\drivers\etc       Alters the file hosts        6/10/2009 11:39 PM, 824 bytes, A ==> 8/17/2014 10:17 AM, 871 bytes, A    In the existing folder C:\Windows\System32\Tasks       Adds the file bench-S-1-5-21-4016700205-1717049133-1125222536-1001"="8/17/2014 10:19 AM, 3234 bytes, A       Adds the file bench-sys"="8/17/2014 10:17 AM, 3242 bytes, A    In the existing folder C:\Windows\Tasks       Adds the file bench-S-1-5-21-4016700205-1717049133-1125222536-1001.job"="8/17/2014 10:19 AM, 346 bytes, A       Adds the file bench-sys.job"="8/17/2014 10:17 AM, 346 bytes, ARegistry details  ------------------------------------------    [HKEY_LOCAL_MACHINE\SOFTWARE]       "38920"="REG_SZ", "Deal Drop Down"    [HKEY_LOCAL_MACHINE\SOFTWARE\AdvertisingSupport]       "Seen"="REG_SZ", "1"       "SeenDate"="REG_SZ", "1408263459"       "SystemId"="REG_SZ", "619bdd98c7140d14e62a62d4922b6abd"    [HKEY_LOCAL_MACHINE\SOFTWARE\Bench\BService]       "Path"="REG_SZ", "C:\Program Files\Bench\BService\1.1"       "Version"="REG_SZ", "1.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Bench\BService\38920]       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Bench\InstalledExtensions]       "38920"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Bench\NmHost]       "(Default)"="REG_SZ", "C:\Program Files\Bench\NmHost\nmhost.exe"    [HKEY_LOCAL_MACHINE\SOFTWARE\Bench\NmHost\38920       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Bench\Updater]       "path"="REG_SZ", "C:\Program Files\Bench\Updater\updater.exe"    [HKEY_LOCAL_MACHINE\SOFTWARE\Bench\Updater\38920]       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Deal Drop Down]       "(Default)"="REG_SZ", "C:\Users\{username}\AppData\Local\Deal Drop Down"       "AllowProxy"="REG_SZ", "1"       "CDN"="REG_SZ", "dealdropdown-a.akamaihd.net"       "czoneid"="REG_SZ", "12199"       "InstallTime"="REG_SZ", "1408270659"       "Pid"="REG_SZ", ""       "Seen"="REG_SZ", "1"       "SeenDate"="REG_SZ", "1408263459"       "SystemId"="REG_SZ", "619bdd98c7140d14e62a62d4922b6abd"       "UTCInstallTime"="REG_SZ", "1408263459"       "ZoneId"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.bench.nmhost]       "(Default)"="REG_SZ", "C:\Program Files\Bench\NmHost\manifest.json"    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]       "Bench Communicator Watcher"="REG_SZ", "C:\Program Files\Bench\Proxy\pwdg.exe"       "Bench Settings Cleaner"="REG_SZ", "C:\Program Files\Bench\Proxy\cl.exe"       "BService"="REG_SZ", "C:\Program Files\Bench\BService\1.1\bservice.exe"       "Wd"="REG_SZ", "C:\Program Files\Bench\Wd\wd.exe"    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]       "Deal Drop Down-repairJob"="REG_SZ", "wscript.exe "C:\Users\{username}\AppData\Local\Deal Drop Down\repair.js" "Deal Drop Down-repairJob""    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\38920_Deal Drop Down]       "DisplayIcon"="REG_SZ", "C:\Users\{username}\AppData\Local\Deal Drop Down/icon.ico"       "DisplayName"="REG_SZ", "Deal Drop Down"       "DisplayVersion"="REG_SZ", "1.0"       "InstallLocation"="REG_SZ", "C:\Users\{username}\AppData\Local\Deal Drop Down"       "NoModify"="REG_DWORD", 1       "NoRepair"="REG_DWORD", 1       "Publisher"="REG_SZ", "Actually Apps"       "UninstallString"="REG_SZ", "C:\Users\{username}\AppData\Local\Deal Drop Down\uninstall.exe "    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]       "bench-S-1-5-21-4016700205-1717049133-1125222536-1001.job"="REG_BINARY, ................................       "bench-S-1-5-21-4016700205-1717049133-1125222536-1001.job.fp"="REG_DWORD", -1599400938       "bench-sys.job"="REG_BINARY, ................................       "bench-sys.job.fp"="REG_DWORD", 317758886    [HKEY_LOCAL_MACHINE\SOFTWARE\Proxy\Installations\Deal Drop Down]       "aoi"="REG_SZ", "1408270659"       "domain"="REG_SZ", "dealdropdown-a.akamaihd.net"       "ext"="REG_SZ", "Deal Drop Down"       "format"="REG_SZ", "//{domain}/loaders/{pid}/l.js?pid={pid}&systemid={systemid}&ext={ext}&aoi={aoi}&zoneid={zoneid}&crr={crr}&type=p"       "more_info_url"="REG_SZ", "http://browserguardian.com"       "pid"="REG_SZ", ""       "protect_redirect_url"="REG_SZ", "http://dealdropdown-a.akamaihd.net/protect/warning?%blocked_url%"       "settings_url"="REG_SZ", "http://dealdropdown-a.akamaihd.net/protect/settings"       "system_black_list_url"="REG_SZ", "http://dealdropdown-a.akamaihd.net/protect/block.json"       "zoneid"="REG_SZ", ""    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]       "ProxyEnable        REG_DWORD, 0 ==> REG_DWORD, 1       "ProxyServer"="REG_SZ", "http=127.0.0.1:3128"    [HKEY_CURRENT_USER\Software\Proxy]       "app_name"="REG_SZ", "Deal Drop Down"       "AutoConfigURL"="REG_SZ", ""       "disableChainProxy"="REG_DWORD", 0       "ProxyEnable"="REG_DWORD", 0       "ProxyServer"="REG_SZ", ""       "totalFail"="REG_DWORD", 0
Malwarebytes Anti-Malware log:

Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 8/17/2014Scan Time: 10:25:37 AMLogfile: mbamDealDropdown.txtAdministrator: YesVersion: 2.00.2.1012Malware Database: v2014.08.16.08Rootkit Database: v2014.08.16.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x86File System: NTFSUser: MalwarebytesScan Type: Threat ScanResult: CompletedObjects Scanned: 255565Time Elapsed: 2 min, 54 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 4PUP.Optional.Bench.A, C:\Program Files\Bench\Wd\wd.exe, 868, Delete-on-Reboot, [470134935e1d57dff089cc3aee150000]PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy\pwdg.exe, 3128, Delete-on-Reboot, [1b2d95327efda09676b948af4db538c8]PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bservice.exe, 1416, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62]PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy\proc.exe, 3152, Delete-on-Reboot, [94b4fec94d2eeb4b6693dce9b64c6e92]Modules: 9PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], Registry Keys: 10PUP.Optional.ActuallyApps.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\38920_Deal Drop Down, Quarantined, [db6dae19156670c6007cdfc5639eca36], PUP.Optional.DealDropDown.A, HKLM\SOFTWARE\Deal Drop Down, Quarantined, [de6a97306615d95d994cdb0251b145bb], PUP.Optional.Bench.A, HKLM\SOFTWARE\BENCH\BService, Quarantined, [1434a91e314afa3c8081c13146bc17e9], PUP.Optional.Bench.A, HKLM\SOFTWARE\BENCH\InstalledExtensions, Quarantined, [76d26661e992ee486f93e70ba55ddb25], PUP.Optional.Bench.A, HKLM\SOFTWARE\BENCH\NmHost, Quarantined, [3f091ea98eed1c1a9a694aa8a45eba46], PUP.Optional.Bench.A, HKLM\SOFTWARE\BENCH\Updater, Quarantined, [d573c502e596d16518ecbd35719121df], PUP.Optional.Bench.A, HKLM\SOFTWARE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\com.bench.nmhost, Quarantined, [1b2d7f48b7c45bdbb7125dde0004857b], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [4cfceed95328979f5a6d1630679dec14], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [5fe99a2d9dde37ffa424b2946a9a14ec], PUP.Optional.DealDropDown.A, HKLM\SOFTWARE\PROXY\INSTALLATIONS\Deal Drop Down, Quarantined, [450300c7eb902016d6140fce2cd6d32d], Registry Values: 6PUP.Optional.Bench.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Wd, C:\Program Files\Bench\Wd\wd.exe, Quarantined, [470134935e1d57dff089cc3aee150000]PUP.Optional.Bench.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Bench Communicator Watcher, C:\Program Files\Bench\Proxy\pwdg.exe, Quarantined, [1b2d95327efda09676b948af4db538c8]PUP.Optional.Bench.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Bench Settings Cleaner, C:\Program Files\Bench\Proxy\cl.exe, Quarantined, [81c7b413ff7c72c439f79d5a7e84ed13]PUP.Optional.SmartApps, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Deal Drop Down-repairJob, wscript.exe "C:\Users\{username}\AppData\Local\Deal Drop Down\repair.js" "Deal Drop Down-repairJob", Quarantined, [90b8d3f4e19a1125088376c657ad728e]PUM.Bad.Proxy, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:3128, Quarantined, [3d0b21a63b403cfa2d8a9b553cc6966a]PUP.Optional.Bench.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BService, C:\Program Files\Bench\BService\1.1\bservice.exe, Quarantined, [83c5c30452290f279bd3a4187c869e62]Registry Data: 0(No malicious items detected)Folders: 10PUP.Optional.BenchUpdater, C:\Program Files\Bench\NmHost, Quarantined, [6fd9f5d2e29962d4d021000d4eb5e11f], PUP.Optional.BenchUpdater.A, C:\Users\{username}\AppData\Local\BenchUpdater, Quarantined, [d078616664173df92cd46ca313f08b75], PUP.Optional.AdwarePlugin, C:\Program Files\Bench\Updater, Quarantined, [f5536364790212248309338625dd59a7], PUP.Optional.AdwarePlugin, C:\Program Files\Bench\Updater\1.7.0.0, Quarantined, [f5536364790212248309338625dd59a7], PUP.Optional.Bench.A, C:\Program Files\Bench\BService, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\Wd, Delete-on-Reboot, [80c8dceba7d40630204f6656f80a47b9], PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy, Delete-on-Reboot, [94b4fec94d2eeb4b6693dce9b64c6e92], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deal Drop Down, Quarantined, [57f1eadd6a11f93d3e64eeeec14142be], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down, Delete-on-Reboot, [8cbc527580fbbf776b3a2eaeb1517888], Files: 39PUP.Optional.ActuallyApps.A, C:\Users\{username}\Desktop\Deal Drop Down.exe, Quarantined, [321611b6daa17abc8bf16d3721e0e818], PUP.Optional.ActuallyApps.A, C:\Users\{username}\AppData\Local\Deal Drop Down\uninstall.exe, Quarantined, [db6dae19156670c6007cdfc5639eca36], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bkammehfojfpdbdaepcehofnibanadkm_0.localstorage, Quarantined, [00485e690b70e35334b46a73818101ff], PUP.Optional.Proxy.A, C:\Users\{username}\AppData\Local\proxy.log, Delete-on-Reboot, [e95f695ee7942313255a3fa10df51ae6], PUP.Optional.BenchUpdater.A, C:\Windows\System32\Tasks\bench-S-1-5-21-4016700205-1717049133-1125222536-1001, Quarantined, [8ebab90e19629f973d3c5d8d649e3bc5], PUP.Optional.BenchUpdater.A, C:\Windows\System32\Tasks\bench-sys, Quarantined, [f751c2050f6c6ec84435edfdfd058e72], PUP.Optional.BenchUpdater, C:\Program Files\Bench\NmHost\nmhost.exe, Quarantined, [6fd9f5d2e29962d4d021000d4eb5e11f], PUP.Optional.BenchUpdater, C:\Program Files\Bench\NmHost\manifest.json, Quarantined, [6fd9f5d2e29962d4d021000d4eb5e11f], PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-S-1-5-21-4016700205-1717049133-1125222536-1001.job, Quarantined, [bf89af187209bd79e11ebf4f15ee04fc], PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-sys.job, Quarantined, [ef59be091f5ce84ec03f39d53ac9e11f], PUP.Optional.BenchUpdater.A, C:\Users\{username}\AppData\Local\BenchUpdater\products.xml, Quarantined, [d078616664173df92cd46ca313f08b75], PUP.Optional.Bench.A, C:\Program Files\Bench\Wd\wd.exe, Delete-on-Reboot, [470134935e1d57dff089cc3aee150000], PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy\pwdg.exe, Delete-on-Reboot, [1b2d95327efda09676b948af4db538c8], PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy\cl.exe, Quarantined, [81c7b413ff7c72c439f79d5a7e84ed13], PUP.Optional.SmartApps, C:\Users\{username}\AppData\Local\Deal Drop Down\repair.js, Quarantined, [90b8d3f4e19a1125088376c657ad728e], PUP.Optional.AdwarePlugin, C:\Program Files\Bench\Updater\products.xml, Quarantined, [f5536364790212248309338625dd59a7], PUP.Optional.AdwarePlugin, C:\Program Files\Bench\Updater\updater.exe, Quarantined, [f5536364790212248309338625dd59a7], PUP.Optional.AdwarePlugin, C:\Program Files\Bench\Updater\1.7.0.0\updater.exe, Quarantined, [f5536364790212248309338625dd59a7], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bservice.exe, Delete-on-Reboot, [83c5c30452290f279bd3a4187c869e62], PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy\icon.ico, Quarantined, [94b4fec94d2eeb4b6693dce9b64c6e92], PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy\proc.exe, Delete-on-Reboot, [94b4fec94d2eeb4b6693dce9b64c6e92], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deal Drop Down\Browser Guardian Settings.url, Quarantined, [57f1eadd6a11f93d3e64eeeec14142be], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deal Drop Down\Browser Guardian.lnk, Quarantined, [57f1eadd6a11f93d3e64eeeec14142be], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deal Drop Down\Uninstall.lnk, Quarantined, [57f1eadd6a11f93d3e64eeeec14142be], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\chrome_gp_update.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\chrome_installer.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\clear_cache.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\common.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\firefox_installer.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\gpedit.exe, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\icon.ico, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\ie_installer.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\installer.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\main_installer.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\migrate.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\projectInstaller.js, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\SoftwareDetector.exe, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], PUP.Optional.DealDropDown.A, C:\Users\{username}\AppData\Local\Deal Drop Down\sqlite3.exe, Quarantined, [8cbc527580fbbf776b3a2eaeb1517888], Physical Sectors: 0(No malicious items detected)(end)
As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.

We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.