Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

OnlineUpdate.exe


  • Please log in to reply
14 replies to this topic

#1 rozzer

rozzer

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Africa
  • Local time:09:07 PM

Posted 01 January 2016 - 03:33 AM

Windows 8/8.1
 
Hi
 
A few days ago a dialogue box appeared asking if I wanted to run:
 
Program Name................................OnlineUpdate.exe
Publisher..........................................Unknown
File Origin.........................................Hard Drive on this Computer
 
I refused and cancelled but I am curious if anyone has had this and if so can you give and advice
and is it a possible virus .
 
Cheers

Edited by Queen-Evie, 01 January 2016 - 11:51 AM.
moved from Windows 8 to Am I Infected


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:07 PM

Posted 01 January 2016 - 04:49 AM

A web search tells me that it is a malicious file.

 

If you can find the file on your computer you can submit it to  VirusTotal - Free Online Virus and Malware Scan

and allow it to be scanned by numerous security programs.

 

I suggest you scan your computer for malware and adware. Use the programs below.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 rozzer

rozzer
  • Topic Starter

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Africa
  • Local time:09:07 PM

Posted 01 January 2016 - 10:54 AM

Hi Buddy215

Thanks for your assistance

CCleaner ………Cleaned

Malwarebytes Anti Malware scan……………Clean

 

AdwCleaner………………

# AdwCleaner v5.027 - Logfile created 01/01/2016 at 17:21:30

# Updated 30/12/2015 by Xplode

# Database : 2015-12-30.1 [Local]

# Operating system : Windows 8.1 Single Language  (x64)

# Username : Hilda - HILDAS-PC

# Running from : C:\Users\Hilda\Desktop\AdwCleaner.exe

# Option : Scan

# Support : http://toolslib.net/forum

 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

 

***** [ Files ] *****

 

 

***** [ DLL ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

Key Found : HKCU\Software\IM

Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://www.ixquick.com/

 

***** [ Web browsers ] *****

 

[C:\Users\Hilda\AppData\Roaming\Mozilla\Firefox\Profiles\7gcd5yyv.default\prefs.js] [Preference] Found : user_pref("browser.startup.homepage", " hxxps://ixquick.com/do/mypage.pl?prf=dd83f3a7e9393b29f3a6fec40ed6f6dc ");

 

 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1336 bytes] ##########

…………………………………………………………………………………………………………………………….

 

 

JRT………………………………..

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.1 (11.24.2015)

Operating System: Windows 8.1 Single Language x64

Ran by Hilda (Administrator) on 01/01/2016 at 17:37:11.59

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

File System: 0

 

 

Deleted the following from C:\Users\Hilda\AppData\Roaming\Mozilla\Firefox\Profiles\7gcd5yyv.default\prefs.js

user_pref(browser.startup.homepage,  hxxps://ixquick.com/do/mypage.pl?prf=dd83f3a7e9393b29f3a6fec40ed6f6dc );

 

 

 

Registry: 1

 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)

…………………………………………………………………………………………………………………………………….

 

ESETScan………………………………..

 

C:\Users\Hilda\Downloads\cbsidlm-cbsi188-Revo_Uninstaller-ORG-10687648.exe   a variant of Win32/CNETInstaller.B potentially unwanted application               cleaned by deleting – quarantined

 

Again thanks

 

Rozzer



#4 buddy215

buddy215

  • Moderator
  • 13,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:07 PM

Posted 01 January 2016 - 11:39 AM

Rerun AdwCleaner and be sure to click on Clean after the scan finishes.

 

Were you able to find the OnlineUpdate.exe ?


Edited by buddy215, 01 January 2016 - 11:58 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 rozzer

rozzer
  • Topic Starter

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Africa
  • Local time:09:07 PM

Posted 02 January 2016 - 01:22 AM

Hi buddy215

 

Thanks again

Ran AdwCleaner again and did the clean option.

Also Avast shows clean too

 

No couldn't find anything on OnlineUpdate.exe, but if it appears again I will

try to find out where it's located and let you know

 

Thanks a million

 

Cheers



#6 buddy215

buddy215

  • Moderator
  • 13,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:07 PM

Posted 02 January 2016 - 04:37 AM

Okay....just a word of caution...the Eset scan found item was a piece of adware installer from Cnet's download of Revo. All of the

third party sites will attempt to install adware (some more like malware) when downloading free stuff. Best to get downloads from

developer's sites but even then many attempt to install adware...even the security programs.

 

Enjoyed working with you...happy surfin'


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 rozzer

rozzer
  • Topic Starter

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Africa
  • Local time:09:07 PM

Posted 02 January 2016 - 06:08 AM

Thanks

 

I will heed your advice

 

The feeling is mutual

 

Cheers



#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,810 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:11:07 AM

Posted 02 January 2016 - 10:17 AM

Express (Suggested) installation vs Custom installation
 
Bundling third party software in free or paid downloads has become a common and usually unwanted practice.  Authors of the primary program offered to be downloaded make extra revenue by allowing third party programs to be bundled in their product downloads.  This is Adware.  There is a surprisingly large number of people who are not aware of this and will simply choose the Express installation option which will automatically install the author's software and all of the bundled third party software.  These may include unwanted toolbars, software which can change your homepage, or change your default search engine.
 
This can be avoided quite easily by using the Custom installation option.  This will take a little more time because you will need to read through the download information to see where the third party software is.  A lot of these will have a box to select the software and will usually already have a check mark in the box.  These are easy to spot.  There is another way that these a presented, this is a written description of the software which initially looks like it is describing the author's software.  These often will have the option to decline the installation.
 
The bottom line is that you have to look at downloads with a certain amount of skepticism.  Don't take things for granted, read all of the information before installing anything. 

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 rozzer

rozzer
  • Topic Starter

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Africa
  • Local time:09:07 PM

Posted 03 January 2016 - 03:59 AM

Hi dc3

 

Thanks for the very informative and useful advice, hope it helps others too, I have copied it for future reference

 

Cheers



#10 rozzer

rozzer
  • Topic Starter

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Africa
  • Local time:09:07 PM

Posted 25 February 2016 - 05:20 AM

Hi again

Thought I would give an update on this previous post

Program Name................................OnlineUpdate.exe
Publisher..........................................Unknown
File Origin.........................................Hard Drive on this Computer

This as reappeared again and I followed the instruction for the first time and
it has cleared, however I did discover that it appears to be from Incredimail
somehow....Key Found : HKCU\Software\IM... this was the only infection found
and it appeared when my wife opened Incredimail.
When I check the registry I find :-
IM Providers
Skype
Image Burn
Incredimail

The only one we use is incredimail!

Now it has been removed again I will be more aware if it appears again if it
does indeed happen in other programmes that will put the 'cat amongst the pigeons'.

Cheers

Edited by rozzer, 25 February 2016 - 05:21 AM.


#11 buddy215

buddy215

  • Moderator
  • 13,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:07 PM

Posted 26 February 2016 - 12:29 PM

I thought most had weaned themselves from Incredimail. It is so ad intensive and some consider it spyware, too.

 

You can use CCleaner to see lists of Windows Startups, Browser Startups, Installed Programs and Scheduled Tasks. Very useful. 

I often ask those I'm assisting to post those lists using the directions below.

 

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 rozzer

rozzer
  • Topic Starter

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Africa
  • Local time:09:07 PM

Posted 28 February 2016 - 07:15 AM

Hi Buddy215

 

Sorry for the late response'

Here are the lists you requested:-

 

Install txt.

- Games App -    WildTangent Games    18/07/2015        1.0.3.28
Adobe Acrobat Reader DC    Adobe Systems Incorporated    23/02/2016    195 MB    15.010.20059
Adobe Flash Player 20 NPAPI    Adobe Systems Incorporated    14/01/2016    18.1 MB    20.0.0.267
Amazon    Amazon.com    18/07/2015        3.1.2.8
Avast Free Antivirus    AVAST Software    23/02/2016        11.1.2253
Belarc Advisor 8.4    Belarc Inc.    16/10/2014        8.4.0.0
Canon IJ Scan Utility    ‪Canon Inc.‬    25/02/2016         
Canon Inkjet Printer/Scanner/Fax Extended Survey Program    Canon Inc.    25/02/2016        4.0.0
Canon MG4200 series MP Drivers    Canon Inc.    03/04/2015        1.01
Canon MG4200 series On-screen Manual    Canon Inc.    03/04/2015        7.5.0
Canon MG4200 series User Registration    Canon Inc.‎    25/02/2016         
Canon My Image Garden    Canon Inc.    25/02/2016        1.0.0
Canon My Image Garden Design Files    Canon Inc.    25/02/2016        1.0.0
Canon My Printer    Canon Inc.    25/02/2016        3.0.0
Canon Quick Menu    Canon Inc.    25/02/2016        2.0.0
CCleaner    Piriform    11/02/2016        5.14
Dream Pinball 3D Demo    TopWare Interactive Inc.    12/08/2015        1.00
ESET Online Scanner v3        14/01/2016         
Evernote Touch    Evernote    09/01/2016        3.2.2.96
Fresh Paint    Microsoft Corporation    17/01/2016        2.0.15133.0
Frozen-Bubble 1.0    Frozen-Bubble.org    07/10/2015         
Games    Microsoft Corporation    15/09/2014        2.0.139.0
Google Earth    Google    03/07/2014    180 MB    7.1.2.2041
GPL Ghostscript    Artifex Software Inc.    22/04/2015        9.16
ImgBurn    LIGHTNING UK!    20/03/2015        2.5.8.0
IncrediMail 2.5    IncrediMail Ltd.    07/02/2015        6.6.0.5282
Intel® Management Engine Components    Intel Corporation    24/09/2013        8.1.0.1252
Intel® Processor Graphics    Intel Corporation    15/09/2014        10.18.10.3345
Intel® Rapid Storage Technology    Intel Corporation    25/02/2016        11.5.2.1001
Intel® SDK for OpenCL - CPU Only Runtime Package    Intel Corporation    24/09/2013        2.0.0.37149
IrfanView (remove only)    Irfan Skiljan    24/04/2015    2.00 MB    4.38
LibreOffice 5.0.4.2    The Document Foundation    18/01/2016    582 MB    5.0.4.2
Mail, Calendar, and People        18/07/2015         
Malwarebytes Anti-Malware version 2.2.0.1024    Malwarebytes    14/10/2015    66.1 MB    2.2.0.1024
Maps    Microsoft Corporation    17/10/2014        2.1.3230.2048
Microsoft Office Home and Student 2013 - en-us    Microsoft Corporation    19/01/2016        15.0.4433.1508
Microsoft Silverlight    Microsoft Corporation    15/08/2015    150 MB    5.1.40728.0
Microsoft SkyDrive    Microsoft Corporation    19/01/2016    25.1 MB    16.4.6012.0828
Microsoft Solitaire Collection    Microsoft Studios    29/09/2015        2.7.1508.1402
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    18/12/2012    13.2 MB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    27/09/2013    13.2 MB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    18/12/2012    10.2 MB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    26/09/2013    10.1 MB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219    Microsoft Corporation    15/02/2015    15.3 MB    10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219    Microsoft Corporation    15/02/2015    16.1 MB    10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)    Microsoft Corporation    15/02/2015        10.0.50903
Mozilla Firefox 44.0.2 (x86 en-US)    Mozilla    23/02/2016    87.8 MB    44.0.2
Mozilla Maintenance Service    Mozilla    23/02/2016    337 KB    44.0.2.5884
Mozilla Thunderbird 31.6.0 (x86 en-US)    Mozilla    07/04/2015    67.5 MB    31.6.0
Mozilla Thunderbird 38.5.0 (x86 en-US)    Mozilla    28/01/2016    79.5 MB    38.5.0
MSN Food & Drink    Microsoft Corporation    18/07/2015        3.0.4.336
MSN Health & Fitness    Microsoft Corporation    18/07/2015        3.0.4.336
MSN Money    Microsoft Corporation    18/07/2015        3.0.4.336
MSN News    Microsoft Corporation    18/07/2015        3.0.4.336
MSN Sports    Microsoft Corporation    18/07/2015        3.0.4.336
MSN Travel    Microsoft Corporation    18/07/2015        3.0.4.336
MSN Weather    Microsoft Corporation    17/01/2016        3.0.4.337
MTN Online    TCT Mobile Limited    14/12/2015    54.7 MB     
Music    Microsoft Corporation    05/05/2015        2.6.672.0
My Toshiba    Ennova Research    29/09/2015        2.2.30.0
Nero 12 Essentials Toshiba    Nero AG    12/11/2012    792 MB    12.0.00600
Noki v2.1    hz    24/12/2013         
Nokia Connectivity Cable Driver    Nokia    16/12/2013    3.95 MB    7.1.78.0
Nokia PC Suite    Nokia    15/09/2014        7.1.180.94
OneNote    Microsoft Corporation    26/07/2015        16.0.3327.1048
PC Connectivity Solution    Nokia    16/12/2013    21.2 MB    12.0.27.0
QuickSnooker    QuickGames    15/09/2014         
Reader    Microsoft Corporation    31/07/2015        6.4.9926.17994
Realtek Bluetooth Filter Driver Package    REALTEK Semiconductor Corp    18/12/2012    2.81 MB    12.24.2012.0802
Realtek Ethernet Controller Driver    Realtek    18/12/2012        8.3.730.2012
Realtek High Definition Audio Driver    Realtek Semiconductor Corp.    15/09/2014        6.0.1.6738
Realtek USB 2.0 Card Reader    Realtek Semiconductor Corp.    18/12/2012        6.1.8400.30136
Realtek WLAN Driver    REALTEK Semiconductor Corp.    18/12/2012        2.00.0020
Return to Castle Wolfenstein - Game of The Year Edition    Activision, Inc.    19/04/2015        1.33
Revo Uninstaller 1.95    VS Revo Group    15/09/2014        1.95
Samsung Kies3    Samsung Electronics Co., Ltd.    28/09/2015    90.8 MB    3.2.15072.2
Samsung USB Driver for Mobile Phones    Samsung Electronics Co., Ltd.    28/09/2015    24.0 MB    1.5.55.0
Simple Sudoku 4.1        04/08/2015         
Skitch Touch    Evernote    15/09/2014        2.4.2000.1918
Skype    Skype    18/07/2015        3.1.0.1016
Skype™ 7.3    Skype Technologies S.A.    03/06/2015    49.2 MB    7.3.101
Speccy    Piriform    07/02/2015        1.28
Synaptics Pointing Device Driver    Synaptics Incorporated    15/09/2014    46.4 MB    17.0.8.21
System Requirements Lab for Intel    Husdawg, LLC    27/09/2013    1.02 MB    4.5.13.0
TOSHIBA Audio Enhancement    TOSHIBA Corporation    18/12/2012    276 KB    1.0.2.8
TOSHIBA Desktop Assist    Toshiba Corporation    12/11/2012    456 KB    1.00.08.6402
TOSHIBA eco Utility    Toshiba Corporation    18/12/2012    20.3 MB    2.0.0.6415
TOSHIBA Function Key    Toshiba Corporation    18/12/2012    32.0 MB    1.00.6626.6406
TOSHIBA HDD Accelerator    Toshiba Corporation    18/12/2012    13.7 MB    1.1.0001
TOSHIBA Manuals    TOSHIBA    18/12/2012        10.10
TOSHIBA Media Player by sMedio TrueLink+    sMedio    09/01/2016        3.1.1.29
Toshiba Password Utility    Toshiba Corporation    18/12/2012    7.36 MB    2.00.972
TOSHIBA PC Health Monitor    Toshiba Corporation    18/12/2012    45.6 MB    1.8.17.640104
TOSHIBA Recovery Media Creator    Toshiba Corporation    12/11/2012        2.2.1.54043006
TOSHIBA Resolution+ Plug-in for Windows Media Player    TOSHIBA Corporation    18/12/2012        1.2.2.00
TOSHIBA Service Station    TOSHIBA    18/12/2012    20.7 MB    2.4.4
TOSHIBA System Driver    Toshiba Corporation    18/12/2012    5.52 MB    1.00.0015
TOSHIBA System Settings    Toshiba Corporation    18/12/2012    7.22 MB    1.00.0002.32002
Toshiba TEMPRO    Toshiba Europe GmbH    12/11/2012    50.7 MB    4.2.2
TOSHIBA VIDEO PLAYER    Toshiba Corporation    18/12/2012    48.3 MB    5.1.0.12-A
Video    Microsoft Corporation    17/01/2016        2.6.446.0
VLC media player    VideoLAN    15/09/2014        2.1.5
WildTangent Games    WildTangent    15/09/2014        1.0.3.0
Windows Alarms    Microsoft Corporation    15/09/2014        6.3.9654.20335
Windows Calculator    Microsoft Corporation    15/09/2014        6.3.9600.20278
Windows Driver Package - Nokia Modem  (02/25/2011 4.7)    Nokia    15/09/2014        02/25/2011 4.7
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9)    Nokia    15/09/2014        02/25/2011 7.01.0.9
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)    Nokia    15/09/2014        05/31/2012 7.1.2.0
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (07/11/2012 2.3.13.3)    Realtek Semiconductor Corp.    15/09/2014        07/11/2012 2.3.13.3
Windows Help+Tips    Microsoft Corporation    17/10/2014        6.3.9654.20559
Windows Reading List    Microsoft Corporation    29/09/2015        6.3.9654.20947
Windows Scan    Microsoft Corporation    28/05/2015        6.3.9654.17133
Windows Sound Recorder    Microsoft Corporation    15/09/2014        6.3.9600.20280
Wisdom-soft ScreenHunter 6.0 Free    Wisdom Software Inc.    20/10/2015       

 

Startup txt

No    HKCU:Run    PC Suite Tray    Nokia    "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
No    HKCU:Run    Skype    Skype Technologies S.A.    "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
Yes    HKLM:Run    AvastUI.exe    AVAST Software    "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
No    HKLM:Run    CanonQuickMenu    CANON INC.    C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
No    HKLM:Run    HotKeysCmds    Intel Corporation    "C:\WINDOWS\system32\hkcmd.exe"
Yes    HKLM:Run    IgfxTray    Intel Corporation    "C:\WINDOWS\system32\igfxtray.exe"
Yes    HKLM:Run    Persistence    Intel Corporation    "C:\WINDOWS\system32\igfxpers.exe"
Yes    HKLM:Run    RTHDVCPL    Realtek Semiconductor    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
Yes    HKLM:Run    SynTPEnh    Synaptics Incorporated    %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes    HKLM:Run    TCrdMain    TOSHIBA CORPORATION    %ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe
Yes    HKLM:Run    TecoResident    TOSHIBA Corporation    C:\Program Files\TOSHIBA\Teco\TecoResident.exe
Yes    HKLM:Run    TODDMain    TOSHIBA CORPORATION    C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
Yes    HKLM:Run    TosWaitSrv    TOSHIBA Corporation    %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
Yes    HKLM:Run    TPUReg    Pegatron Corporation    "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes
Yes    HKLM:Run    TPUReg(x86)        "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes

 

Thanks for your time it's much appreciated

 

Cheers


Edited by rozzer, 28 February 2016 - 07:20 AM.


#13 buddy215

buddy215

  • Moderator
  • 13,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:07 PM

Posted 28 February 2016 - 07:52 AM

I see you have Thunderbird and Incredimail. If Thunderbird is working well for you, why not consider uninstalling Incredimail?

 

Suggest uninstalling these programs:

- Games App -    WildTangent Games    18/07/2015        1.0.3.28

Amazon    Amazon.com    18/07/2015        3.1.2.8

ESET Online Scanner v3        14/01/2016   

Mozilla Thunderbird 31.6.0 (x86 en-US)    Mozilla    07/04/2015    67.5 MB    31.6.0 (this is the older of the two Thunderbirds)

WildTangent Games    WildTangent    15/09/2014        1.0.3.0


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 rozzer

rozzer
  • Topic Starter

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Africa
  • Local time:09:07 PM

Posted 04 March 2016 - 02:49 AM

Hi buddy215

Sorry once again for the late response

This is my wifes pc and I loaded Thunderbird in an attempt to convert
her a while ago (she likes the graphics in Incredimail) and wants to keep
it, I told her that if it occurs again she will have to convert to Thunderbird,
I have removed it in the meantime as she never did use it, also removed Amazon
and ESET Online Scanner, she wants to keep the games as she does use them daily.
I will see how things go and will let you know if the problem re-occurs and is so
I will remove Incredimail.

Thanks a million

Cheers

Edited by rozzer, 04 March 2016 - 02:49 AM.


#15 buddy215

buddy215

  • Moderator
  • 13,506 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:07 PM

Posted 04 March 2016 - 08:11 AM

Seems Incredimail did start offering an add-on for instant messengers such as AOL and Yahoo. It's called HiYo.

See here: Download HiYo

You might poke around in the settings for Incredimail or do a search on the computer for HiYo.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users