Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

many pups


  • Please log in to reply
17 replies to this topic

#1 Tilkon

Tilkon

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:01:57 AM

Posted 27 February 2016 - 04:32 PM

I run a routine Malwarebytes scan and found more than 100 pups. Shall I remove them, or first is need to scan with other tools?

 

 

Here the text file:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27.2.16
Scan Time: 21.21.05
Logfile: rr.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.27.03
Rootkit Database: v2016.02.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Owner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 566803
Time Elapsed: 27 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 8
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NCDGHCMANHFIGPIJJLLOPOCPCNJFFKHL, , [446bd68f1d7c77bf43468d7fd62da45c],
PUP.Optional.TNT, HKU\S-1-5-21-796845957-790525478-839522115-1003\SOFTWARE\TNT2, , [ffb0a1c42871c76fb4d31107f90b8878],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-796845957-790525478-839522115-1003\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NCDGHCMANHFIGPIJJLLOPOCPCNJFFKHL, , [2c8366ff2e6b4ee87911ab61a55e36ca],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-796845957-790525478-839522115-1009\SOFTWARE\conduitEngine, , [515e83e203961323e38c4c8cbc4758a8],
PUP.Optional.Conduit, HKU\S-1-5-21-796845957-790525478-839522115-1009\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [1f901451f5a4f046a478e207ff045aa6],
PUP.Optional.ASK, HKU\S-1-5-21-796845957-790525478-839522115-1009\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9F193D6C-D1F0-42D0-AEA5-5A012A6FAB0E}, , [66497ce9cccd5fd7d9ad066961a327d9],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-796845957-790525478-839522115-1009\TOOLBAR\REGISTEREDSOURCES, , [eac52441138658de32605582f11257a9],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-796845957-790525478-839522115-501\SOFTWARE\ConduitEngine, , [713e184dddbc7cba244b0dcb4eb523dd],

Registry Values: 6
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ncdghcmanhfigpijjllopocpcnjffkhl|path, C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\ncdghcmanhfigpijjllopocpcnjffkhl.crx, , [446bd68f1d7c77bf43468d7fd62da45c]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-796845957-790525478-839522115-1003\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ncdghcmanhfigpijjllopocpcnjffkhl|path, C:\Documents and Settings\Owner\Local Settings\Application Data\CRE\ncdghcmanhfigpijjllopocpcnjffkhl.crx, , [2c8366ff2e6b4ee87911ab61a55e36ca]
PUP.Optional.Conduit, HKU\S-1-5-21-796845957-790525478-839522115-1009\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678, , [1f901451f5a4f046a478e207ff045aa6]
PUP.Optional.ASK, HKU\S-1-5-21-796845957-790525478-839522115-1009\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9F193D6C-D1F0-42D0-AEA5-5A012A6FAB0E}|URL, http://websearch.ask.com/redirect?client=ie&tb=TKR&o=15589&src=crm&q={searchTerms}&locale=en_IT&apn_ptnrs=^IY&apn_dtid=^YYYYYY^YY^IT&apn_uid=eb319294-04fd-43fb-89f6-9cdada6fd836&apn_sauid=DFAC69B4-21D9-4C7D-AC78-32F84691EC48, , [66497ce9cccd5fd7d9ad066961a327d9]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-796845957-790525478-839522115-1009\TOOLBAR\REGISTEREDSOURCES|CT2304564, 0, , [eac52441138658de32605582f11257a9]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-796845957-790525478-839522115-1009\TOOLBAR\REGISTEREDSOURCES|CT2786678, 0, , [f0bf14518c0da5914a4801d6c340c63a]

Registry Data: 3
PUM.Optional.DisableShowHelp, HKU\S-1-5-21-796845957-790525478-839522115-1009\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowHelp, 0, Good: (1), Bad: (0),,[bdf267fefd9ca19573c906f7c93bab55]
PUM.Optional.DisableShowMyDocs, HKU\S-1-5-21-796845957-790525478-839522115-1009\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowMyDocs, 0, Good: (1), Bad: (0),,[cee1df862c6da1953fffed103fc5b34d]
PUM.Optional.DisableShowSearch, HKU\S-1-5-21-796845957-790525478-839522115-1009\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowSearch, 0, Good: (1), Bad: (0),,[515e83e23e5b2e08fd43f409e61e10f0]

Folders: 14
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\emailnotifier, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\MyStuffComponents, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\weather, , [a40b64010297c571880135c900029f61],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\locale, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\locale\en-US, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\locale\nl-NL, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\defaults, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\defaults\preferences, , [d1de6005d1c8c0766782f60846bc5ea2],

Files: 82
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\appsMetaData.json, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\getAppsContextMenu.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\languagePack.json, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\LocalSettings.txt, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\postAppsContextMenu.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\searchInNewTabData.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\ServiceMap.json, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\ThirdPartyComponents.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\toolbarContextMenu.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\unsharedAppsContextMenu.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\UserAdditionalComponents.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\EMAILNOTIFIER\acc, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___rss_cbc_ca_lineup_latest_xml_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___feeds_reuters_com_reuters_topNews_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___feeds_reuters_com_reuters_topNews_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___news_google_nl_news_cf=all_ned=fr_hl=fr_topic=h_num=3_output=rss_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___news_google_nl_news_cf=all_ned=fr_hl=fr_topic=h_num=3_output=rss_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___news_google_nl_news_cf=all_ned=us_hl=en_topic=h_num=3_output=rss_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___news_google_nl_news_cf=all_ned=us_hl=en_topic=h_num=3_output=rss_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___news_google_nl_news_pz=1_cf=all_ned=nl_nl_hl=nl_topic=h_num=3_output=rss_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___news_google_nl_news_pz=1_cf=all_ned=nl_nl_hl=nl_topic=h_num=3_output=rss_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___rss_cbc_ca_lineup_latest_xml_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___rss_cnn_com_rss_cnn_latest_rss_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___rss_cnn_com_rss_cnn_latest_rss_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___rss_news_yahoo_com_rss_world_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___rss_news_yahoo_com_rss_world_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___worldpress_org_feeds_topstories_xml_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___worldpress_org_feeds_topstories_xml_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___www_thesun_co_uk_sol_homepage_feeds_rss_article312900_ece_history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\feed\http___www_thesun_co_uk_sol_homepage_feeds_rss_article312900_ece_structured.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\MYSTUFFCOMPONENTS\list.json, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\weather\forecast_en.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\CT2786678\weather\history.xml, , [a40b64010297c571880135c900029f61],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome.manifest, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\install.rdf, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\authentication.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\BlockSite.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\BlockSite.jsm, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\BlockSiteAdvanced.xul, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\BlockSiteEditWebsite.xul, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\BlockSiteOverlay.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\BlockSiteOverlay.xul, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\BlockSitePrefs.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\BlockSitePrefs.xul, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\BlockSiteSetWebsite.xul, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\config.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\config_special.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\convert2RegExp.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\hex_sha256.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\md5.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\SetWebsiteBlack.xul, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\SetWebsiteWhite.xul, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\special_thanks.css, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\special_thanks.html, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\special_thanks.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\tooltip.css, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\translate.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\Usage.xul, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\wips.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\wipstats.js, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\agree_continue.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\bodybg.jpg, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\context-icon.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\dont_help.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\icon32.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\icon48.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\logo.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\logo_settings.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\mrwips.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\question_mark.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\content\img\question_mark14.png, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\locale\en-US\BlockSite.dtd, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\locale\en-US\BlockSite.properties, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\locale\en-US\contents.rdf, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\locale\nl-NL\BlockSite.dtd, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\locale\nl-NL\BlockSite.properties, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\chrome\locale\nl-NL\contents.rdf, , [d1de6005d1c8c0766782f60846bc5ea2],
PUP.Optional.BlockSite, C:\Documents and Settings\Egle\Application Data\Mozilla\Firefox\Profiles\HD8VCUH6.DEFAULT\EXTENSIONS\{dd3d7613-0246-469d-bc65-2a3cc1668adc}\defaults\preferences\prefs.js, , [d1de6005d1c8c0766782f60846bc5ea2],

Physical Sectors: 0
(No malicious items detected)


(end)



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:57 PM

Posted 27 February 2016 - 08:24 PM

Yes....allow MBAM to delete and quarantine what it found. Reboot if it asks you to.

 

Use the programs below to complete the clean up of adware and malware. No one program finds all the crap.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Tilkon

Tilkon
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:01:57 AM

Posted 28 February 2016 - 05:53 AM

# AdwCleaner v5.008 - Logfile created 23/09/2015 at 08:29:07
# Updated 18/09/2015 by Xplode
# Database : 2015-09-22.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Owner - LEGENDA
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
Folder Found : C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\SDP
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKU\.DEFAULT\Software\APN
Key Found : HKU\.DEFAULT\Software\Ask.com
Key Found : HKU\.DEFAULT\Software\AskToolbar
Key Found : HKCU\Software\Burn4Free
Key Found : HKCU\Software\SlimWare Utilities Inc
Key Found : HKCU\Software\Yahoo\Companion
Key Found : HKCU\Software\Yahoo\YFriendsBar
Key Found : HKCU\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKLM\SOFTWARE\Yahoo\Companion
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1003\Software\AppDataLow\Software\Yahoo\Companion

***** [ Web browsers ] *****

[C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : jpmbfleldcgkldadpdinhjjopdfpjfjp

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2170 bytes] ##########
# AdwCleaner v5.036 - Logfile created 28/02/2016 at 11:38:08
# Updated 22/02/2016 by Xplode
# Database : 2016-02-28.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Owner - LEGENDA
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\MTV Networks
Folder Found : C:\Program Files\MTV Networks

***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Key Found : HKCU\Software\MTV Networks
Key Found : HKLM\SOFTWARE\simplitec
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Conduit
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\DVDVideoSoft\toolbar
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Search_USA
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Softonic
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Yahoo\Companion
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Yahoo\YFriendsBar
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\YahooPartnerToolbar
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKU\S-1-5-21-796845957-790525478-839522115-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Classes\PCSuiteContactsView
Key Found : HKCU\Software\Classes\PCSuiteMessagesView
Key Found : HKLM\SOFTWARE\Classes\.bglog

***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2443 bytes] - [23/09/2015 07:31:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [7780 bytes] - [22/09/2015 17:36:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [4532 bytes] - [23/09/2015 07:29:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [7780 bytes] - [27/02/2016 21:18:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4678 bytes] ##########
 


# AdwCleaner v5.008 - Logfile created 23/09/2015 at 08:31:58
# Updated 18/09/2015 by Xplode
# Database : 2015-09-22.3 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Owner - LEGENDA
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\SDP
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Key Deleted : HKU\.DEFAULT\Software\APN
[-] Key Deleted : HKU\.DEFAULT\Software\Ask.com
[-] Key Deleted : HKU\.DEFAULT\Software\AskToolbar
[-] Key Deleted : HKCU\Software\Burn4Free
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[!] Key Not Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1003\Software\AppDataLow\Software\Yahoo\Companion

***** [ Web browsers ] *****

[-] [C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jpmbfleldcgkldadpdinhjjopdfpjfjp

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2364 bytes] ##########
# AdwCleaner v5.036 - Logfile created 28/02/2016 at 11:40:15
# Updated 22/02/2016 by Xplode
# Database : 2016-02-28.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Owner - LEGENDA
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\MTV Networks
[-] Folder Deleted : C:\Program Files\MTV Networks

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Key Deleted : HKCU\Software\MTV Networks
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Conduit
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\DVDVideoSoft\toolbar
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Search_USA
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Softonic
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Yahoo\Companion
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\YahooPartnerToolbar
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-1009\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKU\S-1-5-21-796845957-790525478-839522115-501\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKCU\Software\Classes\PCSuiteContactsView
[-] Key Deleted : HKCU\Software\Classes\PCSuiteMessagesView
[-] Key Deleted : HKLM\SOFTWARE\Classes\.bglog

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4780 bytes] - [23/09/2015 07:31:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [7780 bytes] - [22/09/2015 17:36:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [4757 bytes] - [23/09/2015 07:29:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [7780 bytes] - [27/02/2016 21:18:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5072 bytes] ##########
 



#4 Tilkon

Tilkon
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:01:57 AM

Posted 28 February 2016 - 05:56 AM

Don't know if it matters: while running JRT I read something like "line 9 too long" in the black screen....

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Microsoft Windows XP x86
Ran by Owner (Administrator) on dom 28.02.16 at 11.45.06,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\WINDOWS\prefetch\FREECOUNTDOWNTIMER.EXE-2E5A3713.pf (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on dom 28.02.16 at 11.49.13,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#5 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:57 PM

Posted 28 February 2016 - 07:26 AM

After posting the results of the Eset scan.......You have MBAM so please run a MBAM scan using the settings below.

 

  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 Tilkon

Tilkon
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:01:57 AM

Posted 28 February 2016 - 10:56 AM

C:\System Volume Information\_restore{3F7FB183-E7B1-4493-82FB-B60F672B9406}\RP3106\A1353109.inf    Win32/Toolbar.TNT2.F potentially unwanted application    cleaned by deleting
C:\System Volume Information\_restore{3F7FB183-E7B1-4493-82FB-B60F672B9406}\RP3106\A1353113.dll    a variant of Win32/Toolbar.TNT2.B potentially unwanted application    cleaned by deleting
C:\System Volume Information\_restore{3F7FB183-E7B1-4493-82FB-B60F672B9406}\RP3106\A1353114.dll    a variant of Win64/Toolbar.TNT2.A potentially unwanted application    cleaned by deleting
C:\System Volume Information\_restore{3F7FB183-E7B1-4493-82FB-B60F672B9406}\RP3106\A1353116.dll    a variant of Win32/Toolbar.TNT2.H potentially unwanted application    cleaned by deleting
C:\System Volume Information\_restore{3F7FB183-E7B1-4493-82FB-B60F672B9406}\RP3106\A1353117.dll    a variant of Win32/Toolbar.TNT2.C potentially unwanted application    cleaned by deleting
C:\System Volume Information\_restore{3F7FB183-E7B1-4493-82FB-B60F672B9406}\RP3106\A1353118.dll    a variant of Win32/Toolbar.TNT2.C potentially unwanted application    cleaned by deleting
C:\System Volume Information\_restore{3F7FB183-E7B1-4493-82FB-B60F672B9406}\RP3106\A1353125.dll    a variant of Win32/Toolbar.TNT2.C potentially unwanted application    cleaned by deleting
 



#7 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:57 PM

Posted 28 February 2016 - 11:13 AM

The last thing to do after we finish cleaning up the computer is to follow the instructions below to remove the infected Restore points.

I'm posting that now so I won't forget to tell you....:)

How to remove all System Restore points except the most recent one

To do this:-
Click Start > All Programs > Accessories > System Tools > Click Disc Cleanup
Now launch this utility and click More Options tab. Under which click System Restore and followed by that click Clean Up tab a message will popup -Are you sure you want to delete all but the most recent restore point?Click Yes then OK. Finally another message will  popup-Are you sure you want to perform these actions?Click Yes.
Now, all the System Restore points except the most recent one are cleaned. As a result there will be more free space in hard disk.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 Tilkon

Tilkon
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:01:57 AM

Posted 28 February 2016 - 04:38 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28.2.16
Scan Time: 17.03.56
Logfile: tftf.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.02.28.03
Rootkit Database: v2016.02.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Owner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 564397
Time Elapsed: 27 min, 51 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#9 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:57 PM

Posted 28 February 2016 - 06:02 PM

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 Tilkon

Tilkon
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:01:57 AM

Posted 29 February 2016 - 04:23 AM

Windows

 

 

Yes    HKCU:Run    ctfmon.exe    Microsoft Corporation    C:\WINDOWS\system32\ctfmon.exe
No    HKCU:Run    Dropbox Update    Dropbox, Inc.    "C:\Documents and Settings\Owner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe" /c
Yes    HKCU:Run    f.lux    Flux Software LLC    "C:\Documents and Settings\Owner\Local Settings\Application Data\FluxSoftware\Flux\flux.exe" /noshow
Yes    HKCU:Run    Free Internet Window Washer        C:\Program Files\Free Internet Window Washer\Clearpch.exe -Start
Yes    HKCU:Run    FreeCT    Comfort Software Group    C:\Program Files\FreeCountdownTimer\FreeCountdownTimer.exe -autorun
Yes    HKCU:Run    Google Update    Google Inc.    "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
Yes    HKCU:Run    iCloudServices    Apple Inc.    C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
Yes    HKCU:Run    RoboForm    Siber Systems    "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
Yes    HKCU:Run    Skype    Skype Technologies S.A.    "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
No    HKCU:Run    Spotify Web Helper        "C:\Documents and Settings\Owner\Application Data\Spotify\Data\SpotifyWebHelper.exe"
Yes    HKCU:Run    Taskbar Shuffle        C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
Yes    HKCU:Run    Winsplit        C:\Program Files\WinSplit Revolution\WinSplit.exe
Yes    HKLM:Run    Acrobat Assistant 8.0    Adobe Systems Inc.    "F:\Adobe Acrobat\Acrobat\Acrotray.exe"
Yes    HKLM:Run    Adobe Acrobat Speed Launcher    Adobe Systems Incorporated    "F:\Adobe Acrobat\Acrobat\Acrobat_sl.exe"
Yes    HKLM:Run    Adobe ARM    Adobe Systems Incorporated    "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes    HKLM:Run    AppleSyncNotifier    Apple Inc.    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
Yes    HKLM:Run    APSDaemon    Apple Inc.    "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes    HKLM:Run    bit4id store register    Microsoft Corporation    RUNDLL32.EXE "C:\WINDOWS\system32\bit4cnsp.dll",RegisterMyPhysicalStore
Yes    HKLM:Run    BullGuard    BullGuard Ltd.    "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot
Yes    HKLM:Run    BullGuardUpdate2    BullGuard Ltd.    c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe
No    HKLM:Run    CanonQuickMenu    CANON INC.    C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
No    HKLM:Run    IJNetworkScannerSelectorEX    CANON INC.    C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
No    HKLM:Run    ipTray.exe    Intel® Corporation    "C:\Program Files\Intel\Intel Desktop Utilities\ipTray.exe"
Yes    HKLM:Run    ISUSPM Startup    Macrovision Corporation    "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
Yes    HKLM:Run    ISUSScheduler    Macrovision Corporation    "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
Yes    HKLM:Run    NvBackend    NVIDIA Corporation    "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
Yes    HKLM:Run    NvCplDaemon    Microsoft Corporation    RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
Yes    HKLM:Run    NvMediaCenter    Microsoft Corporation    RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
Yes    HKLM:Run    nwiz    NVIDIA Corporation    C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
Yes    HKLM:Run    QuickTime Task    Apple Inc.    "C:\Program Files\QuickTime\QTTask.exe" -atboottime
No    HKLM:Run    sospcSelf        C:\Program Files\SOS PC Self\clientBase\SOSPCSelf Widget minimize=true
Yes    HKLM:Run    SwitchBoard    Adobe Systems Incorporated    C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
Yes    HKLM:Run    SysTrayApp    IDT, Inc.    %ProgramFiles%\IDT\WDM\sttray.exe
Yes    HKLM:Run    WheelMouse    A4Tech Co.,Ltd.    C:\Program Files\A4Tech\Mouse\Amoumain.exe
Yes    HKLM:RunOnce    WIAWizardMenu    Microsoft Corporation    RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
No    Startup Common    Windows Search.lnk    Microsoft Corporation    C:\PROGRA~1\WI459E~1\WINDOW~1.EXE
No    Startup User    OneNote 2007 Screen Clipper and Launcher.lnk    Microsoft Corporation    C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE
Yes    Startup User    RescueTime.lnk    RescueTime, Inc.    C:\Program Files\RescueTime\RescueTime.exe
Yes    Startup User    Shortcut to stickies.exe.lnk    Zhorn Software    C:\Program Files\Stickies\stickies.exe
No    Startup User    SpeedFan.lnk    Almico Software (www.almico.com)    C:\PROGRA~1\SpeedFan\speedfan.exe
Yes    Startup User    Wireless Network Watcher.lnk    NirSoft    C:\Program Files\NirSoft\Wireless Network Watcher\WNetWatcher.exe
 


Scheduled tasks

 

 

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    Defraggler Volume D Task    Piriform Ltd    C:\Program Files\Defraggler\df.exe "D:" /ts /user "Owner" /appPath "C:\Program Files\Defraggler"  /QD
No    Task    Disk C Image full xml    Paramount Software UK Ltd    c:\program files\macrium\reflect\reflect.exe -e -w "C:\Documents and Settings\Owner\My Documents\Reflect\Disk C Image.xml"    -full
No    Task    Disk C Image incremental xml    Paramount Software UK Ltd    c:\program files\macrium\reflect\reflect.exe -e -w "C:\Documents and Settings\Owner\My Documents\Reflect\Disk C Image.xml"        -inc
No    Task    Disk D Backup full xml    Paramount Software UK Ltd    c:\program files\macrium\reflect\reflect.exe -e -w "C:\Documents and Settings\Owner\My Documents\Reflect\Disk D Backup.xml"  -full
No    Task    Disk D Backup increment xml    Paramount Software UK Ltd    c:\program files\macrium\reflect\Reflect.exe -e -w "C:\Documents and Settings\Owner\My Documents\Reflect\Disk D Backup.xml"         -inc
No    Task    Disk F Backup full xml    Paramount Software UK Ltd    c:\program files\macrium\reflect\reflect.exe -e -w "C:\Documents and Settings\Owner\My Documents\Reflect\Disk F Backup.xml"    -full
No    Task    Disk F Backup increment xml    Paramount Software UK Ltd    c:\program files\macrium\reflect\Reflect.exe -e -w "C:\Documents and Settings\Owner\My Documents\Reflect\Disk F Backup.xml"           -inc
No    Task    Disk F2 Backup full xml    Paramount Software UK Ltd    c:\program files\macrium\reflect\reflect.exe -e -w "C:\Documents and Settings\Owner\My Documents\Reflect\Disk F2 Backup.xml"    -full
No    Task    Disk F2 Backup incremental xml    Paramount Software UK Ltd    c:\program files\macrium\reflect\reflect.exe -e -w "C:\Documents and Settings\Owner\My Documents\Reflect\Disk F2 Backup.xml"          -inc
Yes    Task    DropboxUpdateTaskUserS-1-5-21-796845957-790525478-839522115-1003Core    Dropbox, Inc.    C:\Documents and Settings\Owner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe /c
Yes    Task    DropboxUpdateTaskUserS-1-5-21-796845957-790525478-839522115-1003UA    Dropbox, Inc.    C:\Documents and Settings\Owner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes    Task    G2MUpdateTask-S-1-5-21-796845957-790525478-839522115-1003    Citrix Online, a division of Citrix Systems, Inc.    C:\Program Files\Citrix\GoToMeeting\4431\g2mupdate.exe
Yes    Task    G2MUploadTask-S-1-5-21-796845957-790525478-839522115-1003    Citrix Online, a division of Citrix Systems, Inc.    C:\Program Files\Citrix\GoToMeeting\4431\g2mupload.exe
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskUserS-1-5-21-796845957-790525478-839522115-1003Core    Google Inc.    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskUserS-1-5-21-796845957-790525478-839522115-1003UA    Google Inc.    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    Microsoft Windows XP End of Service Notification Logon    Microsoft Corporation    C:\WINDOWS\system32\xp_eos.exe -c
Yes    Task    Microsoft Windows XP End of Service Notification Monthly    Microsoft Corporation    C:\WINDOWS\system32\xp_eos.exe
 


Installed programs

 

 

2X-Office 7.80        7.6.14        
6425    Microsoft    17.3.11    36,62 MB    1.0.0
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch    Adobe Systems    15.5.13        9.5.5
Adobe AIR    Adobe Systems Incorporated    27.9.13        3.8.0.1430
Adobe Community Help    Adobe Systems Incorporated.    7.5.11        3.4.980
Adobe Content Viewer    Adobe Systems Incorporated    7.5.11        1.4.0
Adobe Download Assistant    Adobe Systems Incorporated    7.5.11        1.0.0
Adobe Download Manager    NOS Microsystems Ltd.    22.5.14        1.6.2.63
Adobe Dreamweaver CS3    Adobe Systems Incorporated    17.10.10        9.0
Adobe Flash Player 19 ActiveX    Adobe Systems Incorporated    24.2.16        19.0.0.245
Adobe Flash Player 20 NPAPI    Adobe Systems Incorporated    24.2.16        20.0.0.306
Adobe Illustrator CS3    Adobe Systems Incorporated    20.4.10        13.0
Adobe InDesign CS5.5    Adobe Systems Incorporated    22.5.14        7.5
Adobe Interactive Guide    Adobe Systems Incorporated    18.11.09        v2.206
Adobe Media Player    Adobe Systems Incorporated    12.5.10        1.8
Adobe Photoshop CS4    Adobe Systems Incorporated    7.7.09        11.0
Adobe Reader XI (11.0.08)    Adobe Systems Incorporated    25.2.16    182,00 MB    11.0.08
Adobe Shockwave Player 11.6    Adobe Systems, Inc    12.3.12    34,77 MB    11.6.1.629
Antares Autotune Evo VST RTAS v6.0.9        7.1.13        
Antares Tube 1.02 DirectX        21.2.16        
Apple Software Update    Apple Inc.    15.2.16    2,38 MB    2.1.3.127
Audacity 1.2.6        22.5.14        
Automap 4.7    Focusrite Audio Engineering Ltd.    8.9.13        4.7
Avidemux 2.6 (32-bit)        17.2.16        2.6.8.9046
aXbo research 2.0.18    infactory    22.5.14        
aXbo up2date    MEDS    10.1.12    0,67 MB    1.2.1
Bass Station 1.6    Novation Digital Music Systems Ltd.    12.9.13        1.6
BazzISM2 VST3 2.4.9    intelligent sounds and music    29.2.16        2.4.9
BigKick version 1.5.2        27.9.14        1.5.2
Bit4Id - miniLector    Bit4id    22.5.14        3.0
Bit4Id - PdL Cittadino per la CRS di Regione Lombardia - 1.2.13    Bit4Id    29.2.16        1.2.13
Breaker    Davide Vitelaru    7.1.14    0,82 MB    3.0.3
BullGuard Internet Security    BullGuard Ltd.            16.0
bx_cleansweep Native 1.0    Brainworx    24.2.10        
Canon Easy-WebPrint EX    Canon Inc.    24.5.14        1.4.1.0
Canon IJ Network Scanner Selector EX    Canon Inc.    24.5.14        1.5.1.4
Canon IJ Network Tool    Canon Inc.    24.5.14        3.4.0
Canon IJ Scan Utility    Canon Inc.    10.11.14        1.1.5.14
Canon MX470 series MP Drivers    Canon Inc.    10.11.14        1.00
Canon MX470 series On-screen Manual    Canon Inc.    23.5.14        7.6.1
Canon MX470 series User Registration    ‭Canon Inc.    10.11.14        
Canon My Image Garden    Canon Inc.    23.5.14        2.1.0
Canon My Image Garden Design Files    Canon Inc.    21.2.16        2.1.0
Canon My Printer    Canon Inc.    23.5.14        3.2.0
Canon Quick Menu    Canon Inc.    23.5.14        2.3.0
Canon Speed Dial Utility    Canon Inc.    23.5.14        1.4.0
CCleaner    Piriform    13.11.14        4.19
Citrix Online Launcher    Citrix    29.10.14    0,26 MB    1.0.223
CM MFX Rack    Nomad Factory    11.3.10    3,11 MB    1.00.0000
Compatibility Pack for the 2007 Office system    Microsoft Corporation    10.2.16    391,00 MB    12.0.6612.1000
Corel Graphics - Windows Shell Extension    Corel Corporation    29.3.10        15.0.0.487
CorelDRAW® Graphics Suite X5    Corel Corporation    22.5.14        15.0.0.486
coverXP (remove only)        22.5.14        
CRS Kit 1.0    Lombardia Informatica S.p.a.    3.5.12        
CRS Manager 4.2.01    Lombardia Informatica    4.11.14        
Decimort 1.3.1 (32bit)    D16 Group Audio Software    15.7.14    3,95 MB    1.3.1.0
Defraggler    Piriform    18.2.16        2.13
DiskCheckup v3.1    PassMark Software    30.9.11        3.1.1001
Dropbox    Dropbox, Inc.    20.2.16        3.14.7
Drumazon 1.5.1 (32bit)    D16 Group Audio Software    19.9.13    9,87 MB    1.5.1.0
eLicenser Control    Steinberg Media Technologies GmbH    21.2.16        6.7.1.8150
ERUNT 1.1j    Lars Hederer    13.11.14        
ESET Online Scanner v3        24.9.15        
Everything 1.3.4.686 (x86)        13.11.14        
EZdrummer    Toontrack    3.5.12    701,00 MB    1.0
EZdrummer Lite Installer    Toontrack    24.2.10    166,00 MB    1.1.4
EZXCocktail    Toontrack    24.2.10    175,00 MB    1.2
f.lux        29.2.16        
FabFilter One 2.01        22.5.14        
Fazortan 1.3.1 (32bit)    D16 Group Audio Software    17.7.14    3,99 MB    1.3.1.0
FileZilla Client 3.7.1    FileZilla Project    22.5.14        3.7.1
FileZilla Client 3.7.3    Tim Kosse    22.5.14        3.7.3
FLUX Spring Pack Bundle v1.0.4.14    TEAM AiR    22.5.14        
Free Countdown Timer 3.1.0    Comfort Software Group    28.1.15        3.1
Free Hide Folder        22.5.14        
Free Internet Window Washer        22.5.14        
Free Video Flip and Rotate version 1.8    DVDVideoSoft Limited.    5.8.10        
Garmin Communicator Plugin    Garmin Ltd or its subsidiaries    5.1.16    14,64 MB    4.2.0
Geeks3D.com FurMark 1.10.6    Geeks3D.com    30.4.13        
getPlus® Download Manager for Corel    NOS Microsystems Ltd.    22.5.14        1.5.0.56
Google Chrome    Google Inc.    28.11.11        48.0.2564.116
Google Earth    Google    12.12.13    180,00 MB    7.1.2.2041
GoToMeeting 7.12.0.4431    CitrixOnline    21.2.16        7.12.0.4431
HandBrake 0.9.8        22.5.14        0.9.8
HD Tune 2.55    EFD Software    16.5.14        
iCF Skin Pack        29.2.16        
iCloud    Apple Inc.    11.2.12    22,41 MB    1.0.2.17
iColorFolder        22.5.14        
IIS 7.5 Express    Microsoft Corporation    20.11.12    12,22 MB    7.5.1190
IK Multimedia Authorization Manager version 1.0.3    IK Multimedia    27.12.11        1.0.3
ImageMagick 6.7.6-5 Q16 (2012-05-01)    ImageMagick Studio LLC    5.5.12        6.7.6
ImageMagick 6.7.8-6 Q16 (2012-08-01)    ImageMagick Studio LLC    9.2.13        6.7.8
ImageMagick 6.8.8-10 Q16 (32-bit) (2014-04-01)    ImageMagick Studio LLC    7.4.14        6.8.8
ImgBurn    LIGHTNING UK!    5.7.11        2.5.5.0
inSSIDer Home    MetaGeek, LLC    4.3.15    7,60 MB    3.1.2.1
Install Intel Desktop Utilities    Intel Corporation    26.5.07    0,15 MB    1.0.0
Installazione Guidata Alice        22.5.14        
Intel® Desktop Utilities    Intel® Corporation    30.9.11        3.0.15
Intel® Network Connections 18.3.62.0    Intel    3.2.14        18.3.62.0
Intel® SMBus        21.2.16        
InterLok Driver Kit    PACE Anti-Piracy    28.5.07    0,08 MB    5.3.4.2414
Java 7 Update 55    Oracle    27.1.14    118,00 MB    7.0.550
Java™ 6 Update 39    Oracle    12.8.12    91,84 MB    6.0.390
K-Lite Mega Codec Pack 10.0.5        25.9.13        10.0.5
KMPlayer    PandoraTV    27.2.16        4.0.3.1
KORG Legacy Collection - M1    KORG Inc.    2.2.14    69,51 MB    1.7.0
LADSPA_plugins-win-0.4.15    Audacity Team    22.5.14        
License Support    PACE Anti-Piracy, Inc.    10.6.14        1.3.0.8766
LinPlug RMV        5.2.16        
LinPlug RMV Drum Library        29.2.16        
LinPlug RMV Loop Library        29.2.16        
Loquendo TTS 7 Allison Multimedia High Quality    Loquendo    5.2.13    40,74 MB    7.3.0
Loquendo TTS 7 Dave Multimedia High Quality    Loquendo    5.2.13    50,22 MB    7.3.0
Loquendo TTS 7 Elizabeth Multimedia High Quality    Loquendo    5.2.13    40,78 MB    7.3.0
Loquendo TTS 7 Engine Full Distribution    Loquendo    5.2.13    9,61 MB    7.5.0
Loquendo TTS 7 English    Loquendo    5.2.13    2,91 MB    7.4.0
Loquendo TTS 7 Kate Multimedia High Quality    Loquendo    5.2.13    53,66 MB    7.3.0
Loquendo TTS 7 SDK Distribution    Loquendo    5.2.13    76,62 MB    7.3.1
Loquendo TTS 7 Simon Multimedia High Quality    Loquendo    5.2.13    50,97 MB    7.3.0
Loquendo TTS 7 Steven Multimedia High Quality    Loquendo    5.2.13    39,48 MB    7.3.0
Loquendo TTS 7 Susan Multimedia High Quality    Loquendo    5.2.13    52,00 MB    7.3.0
Loquendo TTS: Luca (Italian)        22.5.14        
Loquendo TTS: Paola (Italian)        22.5.14        
Loquendo TTS: Roberto (Italian)        22.5.14        
Macrium Reflect Standard Edition    Paramount Software (UK) Ltd.    28.7.15        5.3
Magnifier    Iconico    22.5.14        2.4
Malwarebytes Anti-Malware version 2.2.0.1024    Malwarebytes    27.2.16        2.2.0.1024
Marvell 61xx MRU    Marvell    22.5.14        1.0.0.29
Massey VST Demos (Remove only)        21.2.16        
McAfee Security Scan Plus    McAfee, Inc.            3.11.266.3
MediaCoder 2011    Broad Intelligence    22.5.14        2011
MediaCoder Audio Edition 0.7.2.4525    Broad Intelligence    22.5.14        0.7.2.4525
Microsoft .NET Framework 1.1        10.7.13        
Microsoft .NET Framework 2.0 Service Pack 2    Microsoft Corporation    14.2.14    2.764,00 MB    2.2.30729
Microsoft .NET Framework 3.0 Service Pack 2    Microsoft Corporation    13.10.13    344,00 MB    3.2.30729
Microsoft .NET Framework 4 Client Profile    Microsoft Corporation    14.2.14        4.0.30319
Microsoft .NET Framework 4 Extended    Microsoft Corporation    14.2.14        4.0.30319
Microsoft ASP.NET Web Pages 2    Microsoft Corporation    22.5.14        2.0.20715.0
Microsoft Base Smart Card Cryptographic Service Provider Package    Microsoft Corporation    21.2.16        
Microsoft Compression Client Pack 1.0 for Windows XP    Microsoft Corporation    24.6.07        1
Microsoft Office Enterprise 2007    Microsoft Corporation    10.2.16        12.0.6612.1000
Microsoft Office File Validation Add-In    Microsoft Corporation    14.5.14    10,90 MB    14.0.5130.5003
Microsoft Silverlight    Microsoft Corporation    24.7.14    394,00 MB    5.1.30514.0
Microsoft SQL Server 2008 R2 Management Objects    Microsoft Corporation    20.11.12    21,65 MB    10.51.2500.0
Microsoft SQL Server 2008 R2 Native Client    Microsoft Corporation    20.11.12    4,45 MB    10.51.2500.0
Microsoft SQL Server Compact 4.0 SP1 ENU CTP1    Microsoft Corporation    20.11.12    12,45 MB    4.0.8854.1
Microsoft SQL Server Compact 4.0 Web Tools ENU    Microsoft Corporation    20.11.12    0,12 MB    4.0.8482.1
Microsoft SQL Server System CLR Types    Microsoft Corporation    20.11.12    4,21 MB    10.51.2500.0
Microsoft User-Mode Driver Framework Feature Pack 1.7    Microsoft Corporation    22.6.09        
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053    Microsoft Corporation    30.7.09    0,11 MB    8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    24.8.13    4,61 MB    8.0.56336
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022    Microsoft Corporation    21.7.13    7,49 MB    9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    27.12.11    10,29 MB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    28.12.11    15,00 MB    9.0.30729.6161
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005    Microsoft Corporation    9.11.15        12.0.21005.1
Microsoft Visual Studio Tools for Applications 2.0 - ENU    Microsoft Corporation    16.6.11    214,00 MB    9.0.30729
Microsoft Visual Studio Tools for Applications 2.0 Runtime    Microsoft Corporation    29.3.10    1,76 MB    9.0.30729
Microsoft Web Deploy 3.0    Microsoft Corporation    20.11.12    10,85 MB    3.1236.1631
Microsoft Web Platform Installer 4.0    Microsoft Corporation    20.11.12    4,28 MB    4.0.1692
Microsoft WebMatrix 2    Microsoft Corporation    20.11.12    28,04 MB    2.0.1692
MIDI-OX    MIDIOX Computing    9.9.13    1,99 MB    7.02.372
minimoog V2 2.0    Arturia    1.12.15        
MobileMe Control Panel    Apple Inc.    25.4.12    12,91 MB    3.1.8.0
Moo0 Audio Converter 1.32        24.9.14        
MOV to WMV 1.1    movtowmv.com    24.7.10        
Move Networks Media Player for Internet Explorer        5.2.16        
Mozilla Firefox 44.0.2 (x86 en-US)    Mozilla    12.2.16        44.0.2
Mozilla Maintenance Service    Mozilla    14.2.16        44.0.2.5884
MrRay VST Electric Piano version 2.2        22.5.14        
MSXML 4.0 SP2 (KB925672)    Microsoft Corporation    24.5.07    2,56 MB    4.20.9839.0
MSXML 4.0 SP2 (KB927978)    Microsoft Corporation    24.5.07    2,56 MB    4.20.9841.0
MSXML 4.0 SP2 (KB936181)    Microsoft Corporation    16.8.07    2,62 MB    4.20.9848.0
MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    13.11.08    2,67 MB    4.20.9870.0
MSXML 4.0 SP2 (KB973688)    Microsoft Corporation    25.11.09    2,77 MB    4.20.9876.0
MSXML 4.0 SP2 Parser and SDK    Microsoft Corporation    24.5.07    1,21 MB    4.20.9818.0
MSXML 4.0 SP3 Parser    Microsoft Corporation    28.9.12    2,87 MB    4.30.2100.0
MSXML 4.0 SP3 Parser (KB2721691)    Microsoft Corporation    29.9.12    2,99 MB    4.30.2114.0
MSXML 4.0 SP3 Parser (KB2758694)    Microsoft Corporation    9.1.13    3,01 MB    4.30.2117.0
MSXML 6.0 Parser (KB933579)    Microsoft Corporation    30.5.08    1,30 MB    6.10.1200.0
Music Label 2009 v15.0.3    Code|Aero Technologies    1.2.09        
MusicBee 2.5    Steven Mayall    14.1.16        2.5
MusicLab DrumTools Performance Designer    MusicLab, Inc.    25.5.07        
MySQL Connector Net 6.5.4    Oracle    20.11.12    13,32 MB    6.5.4
NanoStudio 1.42        28.12.13        
NanoSync 1.30    Blip Interactive Ltd    22.5.14        1.30
National Instruments Software    National Instruments    22.5.14        
Native Instruments Abbey Road 60s Drums                
Native Instruments Absynth 5                
Native Instruments Acoustic Refractions                
Native Instruments Battery 3                
Native Instruments FM8                
Native Instruments George Duke Soul Treasures                
Native Instruments Guitar Rig 4                
Native Instruments Komplete 7                
Native Instruments Kontakt 5                
Native Instruments Kore Player                
Native Instruments Massive                
Native Instruments Pro-53        22.5.14        
Native Instruments Rammfire                
Native Instruments Reaktor 5                
Native Instruments Reaktor 5 Factory Content                
Native Instruments Reaktor Prism                
Native Instruments Reaktor Spark R2                
Native Instruments Reflektor                
Native Instruments Scarbee A-200                
Native Instruments Scarbee Clavinet Pianet                
Native Instruments Scarbee Mark I                
Native Instruments Scarbee MM-Bass                
Native Instruments Service Center                
Native Instruments The Finger R2                
Native Instruments Traktor                
Native Instruments Traktors 12                
Nepheton 1.5.1 (32bit)    D16 Group Audio Software    2.2.14    10,05 MB    1.5.1.0
NirSoft ShellExView        3.2.16        
NirSoft Wireless Network Watcher        23.8.15        
Nitro PDF Reader    Nitro PDF Software    12.5.11    80,36 MB    1.4.0.11
Nokia Connectivity Cable Driver    Nokia    22.6.09    2,88 MB    7.1.17.0
Notepad++        22.5.14        6.2.3
Novation USB Audio Driver 2.3    Novation DMS Ltd.    8.9.13        2.3
NVIDIA GeForce Experience 2.4.5.44    NVIDIA Corporation    13.6.15        2.4.5.44
NVIDIA Graphics Driver 340.52    NVIDIA Corporation    12.6.15        340.52
NVIDIA HD Audio Driver 1.3.30.1    NVIDIA Corporation    12.6.15        1.3.30.1
NVIDIA nView 141.24    NVIDIA Corporation    12.6.15        141.24
NVIDIA PhysX System Software 9.13.1220    NVIDIA Corporation    12.6.15        9.13.1220
Ohm Force - Symptohm PE VST2        29.2.16        
OhmForce Frohmage VST2        29.2.16        
OhmForce Ohmygod VST2        29.2.16        
Orca    Microsoft Corporation    11.2.12    3,06 MB    3.1.3790.0000
PACE License Support Win32    PACE Anti-Piracy, Inc.    10.6.14        2.3.1.0494
Packet8 VoIP Special Offer    Intel Corporation    26.5.07    0,01 MB    1.0.0
PandoraRecovery (Remove Only)        22.5.14        
PC Connectivity Solution    Nokia    22.6.09    12,15 MB    9.23.3.0
PCM Native Reverb Bundle                
PDF-Viewer    Tracker Software Products Ltd    9.2.13        2.5.208.0
PocketKnife Peek 1.3    Michael H. Shacter    29.8.09        1.3
PowerISO    PowerISO Computing, Inc.    22.5.14        4.7
Premium VoIP Offers    Intel Corporation    26.5.07    9,85 MB    1.0.0
PrimoPDF -- brought to you by Nitro PDF Software    Nitro PDF Software    22.5.14        5
PSP PianoVerb 1.0        29.2.16        
PSP VintageWarmer2 32bit    PSPaudioware.com    23.7.14        2.5.2 32bit
QuickTime 7    Apple Inc.    15.2.16    72,02 MB    7.76.80.95
R-Studio 7.7    R-Tools Technology Inc.    20.10.15        7.7.159851
Recuva    Piriform    19.10.15        1.51
Redoptor 1.3.1 (32bit)    D16 Group Audio Software    15.7.14    4,52 MB    1.3.1.0
Refined Audiometrics CLAS NR VST v1.53        21.2.16        
reFX Nexus 1.0.0    reFX    28.8.09        1.0.0
reFX Nexus 1.4.0        28.8.09        
RescueTime 2.11.2.1410    RescueTime.com    12.12.15        
Revo Uninstaller 1.94    VS Revo Group    22.5.14        1.94
Rhino 2.04    Big Tick    1.12.15        2.04
Rob Papen Albino 2        21.2.16        
Rob Papen Albino 3        29.2.16        
RoboForm 7-9-17-5 (All Users)    Siber Systems    17.2.16        7-9-17-5
Safari    Apple Inc.    19.3.13    105,00 MB    5.34.57.2
Secunia PSI (2.0.0.4003)    Secunia    22.5.14        2.0.0.4003
SES Driver    Western Digital    24.5.11    0,02 MB    1.0.0
sfArk        22.5.14        
SideKick4.3.2    Twisted Lemon    2.5.10        
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista    Silicon Laboratories, Inc.    20.8.08        4.40
Skype Setup Launcher    Skype    26.5.07        1.0.0
Skype™ 7.18    Skype Technologies S.A.    1.2.16    127,00 MB    7.18.109
Softube Tube-Tech CL 1B VST RTAS v1.0.3        2.8.10        
Sonalksis Plug-Ins for Windows 3.00    Sonalksis    2.8.10        
Songr    Xamasoft    17.2.15        2.0.2330
Sophos Virus Removal Tool    Sophos Limited    5.12.15    141,00 MB    2.5.5
SoundToys Native Effects VST RTAS v3.1.2        2.8.10        
Speccy    Piriform    19.9.15        1.28
SpeedFan (remove only)        3.2.16        
SPL Analog Code EQ Rangers Volume One VST RTAS v1.2        5.8.10        
SPL Analog Code Transient Designer VST RTAS v1.2        5.8.10        
SPL Analog Code TwinTube Processor VST RTAS v1.2        5.8.10        
Spotify    Spotify AB    3.1.16        1.0.20.94.g8f8543b3
SSL Duende Native (32-bit) v3.6.6    Team V.R    8.4.11        3.6.6
Steinberg Cubase SL        22.5.14        
Steinberg Cubase Studio 5    Steinberg Media Technologies GmbH    30.12.13    232,00 MB    5.5.3
Steinberg Drum Loop Expansion 01    Steinberg Media Technologies GmbH    1.8.10    424,00 MB    1.0.0.1
Steinberg Groove Agent ONE Content    Steinberg Media Technologies GmbH    1.8.10    142,00 MB    1.0.0.003
Steinberg Groove Agent ONE Vintage Beatboxes    Steinberg Media Technologies GmbH    30.12.13    38,01 MB    1.0.0.000
Steinberg HALion 2    Steinberg    21.2.16        2.0
Steinberg HALionOne    Steinberg Media Technologies GmbH    1.8.10    264,00 MB    1.1.0.457
Steinberg HALionOne Additional Content Set 01    Steinberg Media Technologies GmbH    1.8.10    940,00 MB    1.0.0.001
Steinberg HALionOne Expression Set    Steinberg Media Technologies GmbH    1.8.10    231,00 MB    1.0.1.0
Steinberg HALionOne GM Drum Set    Steinberg Media Technologies GmbH    1.8.10    23,94 MB    1.0.1.457
Steinberg HALionOne GM Set    Steinberg Media Technologies GmbH    1.8.10    63,61 MB    1.0.1.457
Steinberg HALionOne Studio Drum Set    Steinberg Media Technologies GmbH    1.8.10    48,06 MB    1.0.1.457
Steinberg HALionOne Studio Set    Steinberg Media Technologies GmbH    1.8.10    112,00 MB    1.0.1.457
Steinberg SKI Remote    Steinberg Media Technologies GmbH    31.8.13    1,73 MB    1.0.5
Stickies 8.0b    Zhorn Software    6.2.16        
Stylus    Spectrasonics, Inc.    22.5.14        
Subtitle Workshop 6.0b        14.9.15        
Supporto applicazioni Apple    Apple Inc.    15.2.16    65,76 MB    2.3.6
Sylenth1 v2.20        31.1.11        
Synth1        22.5.14        
System Requirements Lab for Intel    Husdawg, LLC    2.5.14    1,03 MB    4.5.13.0
Taskbar Shuffle version 2.5    Jay Elaraj    3.6.11        2.5
TeamViewer 7    TeamViewer    22.5.14        7.0.13989
TextAloud    NextUp.com    5.2.13        2.0
TomTom HOME 2.8.3.2499    TomTom    22.5.14        2.8.3.2499
TomTom HOME Visual Studio Merge Modules    TomTom International B.V.    24.7.09    1,63 MB    1.0.2
Toontrack solo    Toontrack    24.2.10    11,29 MB    1.2.2
Toraverb 1.3.1 (32bit)    D16 Group Audio Software    2.7.14    4,93 MB    1.3.1.0
TreeSize Free V3.4.5    JAM Software    27.2.16        3.4.5
Uninstall 1.0.0.1        5.8.10        
Unlocker 1.9.2    Cedrick Collomb    22.5.14        1.9.2
URL Snooper v2.30.01    DonationCoder.com    14.11.11        
USB PC Camera 301P                1.00.000
V-Station 1.5.1    Novation Digital Music Systems Ltd.    2.8.10        1.5.1
Virtual Earth 3D (Beta)    Microsoft Corporation    22.5.09    16,48 MB    4.0.903.16005
Visual C++ Redistributables    PACE Anti-Piracy, Inc.    10.6.14        1.3.0.8766
Visual Pinball VPInstaller 1.0.3    VPForums.org    5.5.15        VPInstaller 1.0.3
Voxengo Deconvolver 1.9        13.7.14        
Voxengo GlissEQ VST 2.9.1        22.5.14        
VSDC Free Video Editor version 3.3.5.411    Flash-Integro LLC    17.2.16        3.3.5.411
Waves Complete VST RTAS TDM v7.1.16        30.1.11        
Widget vodafone.it    Vodafone Omnitel N.V.    23.9.11        1.7.0
Windows Driver Package - Marvell Inc. (mv61xx) SCSIAdapter  (05/24/2012 1.2.0.8400)    Marvell Inc.    14.7.14        05/24/2012 1.2.0.8400
Windows Driver Package - Marvell Inc. System  (05/24/2012 1.2.0.8400)    Marvell Inc.    14.7.14        05/24/2012 1.2.0.8400
Windows Installer Clean Up    Microsoft Corporation    17.3.09    0,30 MB    3.00.00.0000
Windows Internet Explorer 8    Microsoft Corporation    19.12.13        20090308.140743
Windows Live Sign-in Assistant    Microsoft Corporation    4.5.11    1,93 MB    5.000.818.5
Windows Live Upload Tool    Microsoft Corporation    4.5.11    0,22 MB    14.0.8014.1029
Windows Management Framework Core    Microsoft Corporation    5.5.12        
Windows Media Format 11 runtime        22.5.14        
Windows Media Player 11        22.5.14        
Windows Resource Kit Tools    Microsoft Corporation    5.5.12    18,66 MB    5.2.3790
Windows Search 4.0    Microsoft Corporation    25.2.14        04.00.6001.503
Windows XP Service Pack 3    Microsoft Corporation    18.10.08        20080414.031525
WinHTTrack Website Copier 3.48-3    HTTrack    30.4.14        3.48.3
WinPcap 4.1.2    CACE Technologies    22.5.14        4.1.0.2001
WinRAR archiver        22.5.14        
WinSplit Revolution (v11.04)    Raphael Lencrerot    22.5.14        11.04
Wisdom-soft ScreenHunter 5.0 Free    Wisdom Software Inc.    22.5.14        
Yak VoIP Special Offer    Intel Corporation    26.5.07    0,01 MB    1.0.0
Youtube Downloader HD v. 2.9.9.21    YoutubeDownloaderHD.com    8.2.15        
ZipGenius 6.3    Wininizio.it Software    21.8.12        6.3
µTorrent    BitTorrent Inc.    28.2.16        3.4.2.32126
 



#11 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:57 PM

Posted 29 February 2016 - 06:25 AM

Suggest Disabling these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes    HKCU:Run    f.lux    Flux Software LLC    "C:\Documents and Settings\Owner\Local Settings\Application Data\FluxSoftware\Flux\flux.exe" /noshow
Yes    HKCU:Run    Free Internet Window Washer        C:\Program Files\Free Internet Window Washer\Clearpch.exe -Start
Yes    HKCU:Run    FreeCT    Comfort Software Group    C:\Program Files\FreeCountdownTimer\FreeCountdownTimer.exe -autorun
Yes    HKCU:Run    Google Update    Google Inc.    "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
Yes    HKCU:Run    iCloudServices    Apple Inc.    C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

Yes    HKCU:Run    Skype    Skype Technologies S.A.    "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
Yes    HKCU:Run    Taskbar Shuffle        C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe

Yes    HKLM:Run    Acrobat Assistant 8.0    Adobe Systems Inc.    "F:\Adobe Acrobat\Acrobat\Acrotray.exe"
Yes    HKLM:Run    Adobe Acrobat Speed Launcher    Adobe Systems Incorporated    "F:\Adobe Acrobat\Acrobat\Acrobat_sl.exe"
Yes    HKLM:Run    Adobe ARM    Adobe Systems Incorporated    "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes    HKLM:Run    AppleSyncNotifier    Apple Inc.    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
Yes    HKLM:Run    APSDaemon    Apple Inc.    "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes    HKLM:Run    bit4id store register    Microsoft Corporation    RUNDLL32.EXE "C:\WINDOWS\system32\bit4cnsp.dll",RegisterMyPhysicalStore

Yes    HKLM:Run    ISUSPM Startup    Macrovision Corporation    "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
Yes    HKLM:Run    ISUSScheduler    Macrovision Corporation    "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

Yes    HKLM:Run    QuickTime Task    Apple Inc.    "C:\Program Files\QuickTime\QTTask.exe" -atboottime
Yes    HKLM:Run    SwitchBoard    Adobe Systems Incorporated    C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

Yes    Startup User    RescueTime.lnk    RescueTime, Inc.    C:\Program Files\RescueTime\RescueTime.exe
Yes    Startup User    Shortcut to stickies.exe.lnk    Zhorn Software    C:\Program Files\Stickies\stickies.exe

 

Disable these Scheduled Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    Defraggler Volume D Task    Piriform Ltd    C:\Program Files\Defraggler\df.exe "D:" /ts /user "Owner" /appPath "C:\Program Files\Defraggler"  /QD

Yes    Task    DropboxUpdateTaskUserS-1-5-21-796845957-790525478-839522115-1003Core    Dropbox, Inc.    C:\Documents and Settings\Owner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe /c
Yes    Task    DropboxUpdateTaskUserS-1-5-21-796845957-790525478-839522115-1003UA    Dropbox, Inc.    C:\Documents and Settings\Owner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes    Task    G2MUpdateTask-S-1-5-21-796845957-790525478-839522115-1003    Citrix Online, a division of Citrix Systems, Inc.    C:\Program Files\Citrix\GoToMeeting\4431\g2mupdate.exe
Yes    Task    G2MUploadTask-S-1-5-21-796845957-790525478-839522115-1003    Citrix Online, a division of Citrix Systems, Inc.    C:\Program Files\Citrix\GoToMeeting\4431\g2mupload.exe
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskUserS-1-5-21-796845957-790525478-839522115-1003Core    Google Inc.    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskUserS-1-5-21-796845957-790525478-839522115-1003UA    Google Inc.    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    Microsoft Windows XP End of Service Notification Logon    Microsoft Corporation    C:\WINDOWS\system32\xp_eos.exe -c
Yes    Task    Microsoft Windows XP End of Service Notification Monthly    Microsoft Corporation    C:\WINDOWS\system32\xp_eos.exe
 

Uninstall these programs:  (If you think you would rather keep one or more of these....do that)

Adobe AIR    Adobe Systems Incorporated    27.9.13        3.8.0.1430
Adobe Community Help    Adobe Systems Incorporated.    7.5.11        3.4.980
Adobe Content Viewer    Adobe Systems Incorporated    7.5.11        1.4.0
Adobe Download Assistant    Adobe Systems Incorporated    7.5.11        1.0.0
Adobe Download Manager    NOS Microsystems Ltd.    22.5.14        1.6.2.63
Adobe Dreamweaver CS3    Adobe Systems Incorporated    17.10.10        9.0

Adobe Media Player    Adobe Systems Incorporated    12.5.10        1.8

ESET Online Scanner v3        24.9.15      

Java 7 Update 55    Oracle    27.1.14    118,00 MB    7.0.550
Java™ 6 Update 39    Oracle    12.8.12    91,84 MB    6.0.390

Microsoft Silverlight    Microsoft Corporation    24.7.14    394,00 MB    5.1.30514.0

Safari    Apple Inc.    19.3.13    105,00 MB    5.34.57.2
Secunia PSI (2.0.0.4003)    Secunia    22.5.14        2.0.0.4003

Sophos Virus Removal Tool    Sophos Limited    5.12.15    141,00 MB    2.5.5

µTorrent    BitTorrent Inc.    28.2.16        3.4.2.32126 (VERY RISKY to use to download free stuff)


Edited by buddy215, 29 February 2016 - 06:25 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 Tilkon

Tilkon
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:01:57 AM

Posted 29 February 2016 - 09:54 AM

just some question:

 

1. f.lux is a software automatically setting the brightness of the screen according to the day time. I am happy with it running at startup. is it ok? or do you recommend to disable it at startup for some other reasons? same with free internet washer, free countdown timer, skype, taskbar shuffle, rescuetime, stickies. I am happy with them loading at startup, if there is no other reasons/danger not to do so.

2. same goes for scheduled defraggler. happy with it. Leave it or not?

3. Programs:

a. java and Silverlight are essential to surf certain sites. why do you suggest deleting?

b. Isn't Secunia a good tool to check vulnerabilities of installed programs?

c. utorrent: usually I download certain files, and then scan them to check they are virus-free. Is it enough safe, or do I risk to get infected just by opening the program? I mean, can I get infected not from opening certain downloaded infected files, but directly from utorrent? is it possible that malware are injected in uTorrent just from some of its opened ports?



#13 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:57 PM

Posted 29 February 2016 - 10:20 AM

That's the reason I said 'suggested'. Keep whatever you want to in Startups.

 

Old Java programs are malware magnets. Some games still require Java. I don't know if Java still supports XP3...you can check.

Most users don't need Java.

 

About the only use for Silverlight is viewing Microsoft help videos. Since Microsoft no longer supports XP3 I would think Silverlight is pretty much useless.

 

About the only program that Secunia would check for updates would be Flash since Windows is no longer supported and if you remove Java.

 

uTorrent comes with adware. Thinking that scanning downloaded files is sufficient works for well known malware but wouldn't work for the

malware that gets created every day and would miss a lot of adware. Did you install this yesterday? That's what is shown....28.2.16 


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 Tilkon

Tilkon
  • Topic Starter

  • Members
  • 135 posts
  • OFFLINE
  •  
  • Local time:01:57 AM

Posted 29 February 2016 - 10:46 AM

thanks for the info.

 

about uTorrent, I don't remember installing it yesterday... I downloaded it around one week ago (but it was already installed). Yesterday played around with CCcleaner and some other tools, but can't remember really using uTorrent.. how it comes the system shows 28.2.16??



#15 buddy215

buddy215

  • Moderator
  • 13,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:57 PM

Posted 29 February 2016 - 10:51 AM

I don't know why a different install date would show. Tis a mystery to me.

 

Is the computer running up to par.....any problems after rebooting?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users