WinXP EOS -> it's really unsafe after April 08, 2014?

Author	Message
BilBg Volunteer tester Send message Joined: 27 May 07 Posts: 3720 Credit: 9,385,827 RAC: 0	Message 1502234 - Posted: 10 Apr 2014, 17:34:47 UTC - in response to Message 1502160. Last modified: 10 Apr 2014, 17:47:08 UTC The CNET Installer is detected only by 5 antivirus programs: https://www.virustotal.com/en/file/3706b20574f1aff6f103b9ba085f54c95e78ae70a26f90baa59aa212b08480b4/analysis/1397147162/ ... and it is the same file regardless of what do you think you Download! The contents (bytes) of the file are identical - look in tab 'Additional details' and then 'File names' (since all have the same SHA256 they are the same file) Examples: cbsidlm-cbsi188-BSPlayer-ORG-10722361.exe cbsidlm-cbsi188-ATI_Catalyst_Software_Suite_Windows_XP_32bit-ORG-10347315.exe cbsidlm-cbsi188-Autodesk_3ds_Max-ORG-75451614.exe cbsidlm-cbsi188-Need_for_Speed_Underground_2-ORG-10331372.exe cbsidlm-cbsi188-Nero_2014_Platinum-ORG-10028984.exe cbsidlm-cbsi188-HP_DeskJet_1120C_Printer-ORG-121650.exe cbsidlm-cbsi188-Free_AVI_Video_Converter-ORG-75685273.exe Obviously the only difference is the filename So this installer do not contain 'your' program (nor the adware it installs? - it seems too small) The only way it knows what and where to get is its filename Probably it makes some URL from its filename, contacts it and Downloads the adware and 'your' program This can be proven (if you are 'brave' enough) by renaming the file to some garbage (AAAAAAABBBBBB.exe) and then running it - it will not know what program to get from web (but I'm not sure about the adware which may be hard-coded - the same adware co-installed for many programs) (7-Zip shows some files in this CNET Installer but attempt to extract them for most gives 'File is broken') Get "Malwarebytes from download.com" and "became infected with a browser hijacker" "CNET has been sued by numerous software manufacturers for bundling malware with installments of their software" http://www.pirate4x4.com/forum/general-chit-chat/1296393-dont-use-download-com.html P.S. This (above) may be off-topic but it shows that the main reason for vulnerability is not Windows XP but: - the user actions - most Antiviruses not blocking this 'thing' because it comes from big site (and instead focus on producing false-positives for harmless for the user programs) - the 'big site' don't care about people but only for money - the law enforcement (courts) don't have nerve to close this site or require it to become clean (this adware wrapping/pushing behaviour continues for years) "This practice of hiding software and installing it as if it is part of Nmap actually violates the softwareâ€™s copyright and trademark" http://www.geek.com/news/nmap-warns-download-com-bundles-malware-with-its-software-1446963/ Â - ALF - "Find out what you don't do well ..... then don't do it!" :) Â ID: 1502234 ·

TBar Volunteer tester Send message Joined: 22 May 99 Posts: 5204 Credit: 840,779,836 RAC: 2,768	Message 1502279 - Posted: 10 Apr 2014, 18:29:38 UTC - in response to Message 1502160. Last modified: 10 Apr 2014, 19:26:25 UTC Well, I've looked everywhere for the small web installer I used for Vista. I had moved everything to the USB Pendrive before installing the OSes, so, the only copy was on the Pendrive. It was a couple months old and about half a megabyte in size. I did find a similar AVG installer from early 2013 on another machine and it was from cnet. Here's the report from Malwarebytes, I had uninstalled a few items using the Control Panel before scanning; 4/7/2014 3:24:08 PM mbam-log-2014-04-07 (15-24-08).txt Scan type: Full scan (C:\\|) Scan options enabled: Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken \| PUP \| PUM Scan options disabled: P2P Objects scanned: 289212 Time elapsed: 1 hour(s), 34 minute(s), 32 second(s) Memory Processes Detected: 2 C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe (PUP.Optional.Wajam.A) -> 5936 -> Delete on reboot. C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe (PUP.Optional.Wajam.A) -> 4696 -> Delete on reboot. Memory Modules Detected: 2 C:\Program Files\Wajam\Wajam Internet Enhancer\FiddlerCore.dll (PUP.Optional.Wajam.A) -> Delete on reboot. C:\Program Files\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll (PUP.Optional.Wajam.A) -> Delete on reboot. Registry Keys Detected: 9 HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. HKCR\CrossriderApp0054248.BHO (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully. HKCR\CrossriderApp0054248.BHO.1 (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully. HKCR\CrossriderApp0054248.Sandbox (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully. HKCR\CrossriderApp0054248.Sandbox.1 (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully. HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\DomaIQ (PUP.Optional.DomaIQ.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. HKLM\SYSTEM\CurrentControlSet\Services\Wajam Internet Enhancer Service (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 1 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> Quarantined and repaired successfully. Folders Detected: 25 C:\Program Files\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot. C:\Program Files\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Delete on reboot. C:\Program Files\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot. C:\Program Files\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot. C:\Program Files\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot. C:\Program Files\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Delete on reboot. C:\Program Files\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot. C:\Program Files\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protectionDS (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam (PUP.Optional.Wajam.A) -> Delete on reboot. C:\Program Files\Wajam\Logos (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Wajam Internet Enhancer (PUP.Optional.Wajam.A) -> Delete on reboot. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. Files Detected: 149 C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Delete on reboot. C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Delete on reboot. C:\Program Files\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Delete on reboot. C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\TBar\AppData\Local\Temp\nsdBD4B.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\TBar\AppData\Local\Temp\nssC151.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\TBar\AppData\Local\Temp\nst11C6.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\TBar\AppData\Local\Temp\nsy8C0.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\TBar\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2014.exe\6c68e48be3d3439cb7c289b7c110033c\parent.txt (PUP.Optional.DomaIQ) -> Quarantined and deleted successfully. C:\Users\TBar\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2014.exe\6c68e48be3d3439cb7c289b7c110033c\software\DesktopWeatherAlertsSetup.exe (PUP.Optional.WeatherAlerts.A) -> Quarantined and deleted successfully. C:\Users\TBar\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2014.exe\6c68e48be3d3439cb7c289b7c110033c\software\sp-downloader.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\TBar\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2014.exe\6c68e48be3d3439cb7c289b7c110033c\software\wajam_download.exe (PUP.Optional.Wajam) -> Quarantined and deleted successfully. C:\Users\TBar\AppData\Local\Temp\nsn95EC\SpSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\bgSettingsDS.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protectionDS\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protectionDS\protectionDS.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protectionDS\protectionDS.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\protectionDS\protectionDS.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe (PUP.Optional.Wajam.A) -> Delete on reboot. C:\Program Files\Wajam\uninstall.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\amazon.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\argos.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\ask.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\bestbuy.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\ebay.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\etsy.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\facebook.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\favicon.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\google.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\homedepot.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\ikea.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\imdb.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\lowes.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\mercado.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\mysearchweb.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\myshopping.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\searchresult.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\sears.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\setting.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\settings.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\shopping.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\target.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\tesco.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\tripadvisor.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\twitter.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\wajam.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\walmart.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\wiki.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\yahoo.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Logos\zalando.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Wajam Internet Enhancer\2845734c09907de22309ed6090c7c5b9 (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Wajam Internet Enhancer\71c85049b965923d6f2589a74f8652ed (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Wajam Internet Enhancer\FiddlerCore.dll (PUP.Optional.Wajam.A) -> Delete on reboot. C:\Program Files\Wajam\Wajam Internet Enhancer\HtmlAgilityPack.dll (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Wajam Internet Enhancer\makecert.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll (PUP.Optional.Wajam.A) -> Delete on reboot. C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe (PUP.Optional.Wajam.A) -> Delete on reboot. C:\Program Files\Wajam\Wajam Internet Enhancer\wie.json (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files\Wajam\Wajam Internet Enhancer\WJManifest.json (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Settings.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Facebook.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Twitter.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Wajam Website.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Ask.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Google.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\IMDb.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Shopping.com.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\TripAdvisor.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Wikipedia.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Yahoo!.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Amazon.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Argos.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ebay.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Etsy.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\HomeDepot.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ikea.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Lowe's.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Mercadolivre.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\MyShopping.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Sears.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Target.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Tesco.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Walmart.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Zalando.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam\uninstall.lnk (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. (end) I just found 19 Folders for all that junk in C:\Users\TBar\AppData\Local\Temp\AVG-Anti-Virus-Free-Edition-2014. The only thing left in the folders is a html instruction file. So, it most definitely came from the cnet AVG installer. Nice. All that from just trying to install an AntiVirus program. Never again cnet... ID: 1502279 ·

Juha Volunteer tester Send message Joined: 7 Mar 04 Posts: 388 Credit: 1,857,738 RAC: 0	Message 1502310 - Posted: 10 Apr 2014, 19:17:24 UTC - in response to Message 1502279. Report this to AVG. I'm hoping they care about this kind of stuff. ID: 1502310 ·

Batter Up Send message Joined: 5 May 99 Posts: 1946 Credit: 24,860,347 RAC: 0	Message 1502408 - Posted: 10 Apr 2014, 22:25:40 UTC - in response to Message 1502310. Report this to AVG. I'm hoping they care about this kind of stuff. AVG is in on it. I PAID for software, not anti virus, and AVG did a sneak install; even after me telling it not to. I just did a Windows update, all "important" and the MS store appeared on my task bar again. Google has shown the way to make big bucks from crap ware. This is like paying for CATV to watch infomercials. I'm not asking for a free lunch but keep your fingers off my lunch that I paid for. I'm the go to guy when friends have PC problems. The amount of crap ware I find is staggering. Last week I found three AV all running at the same time, AVG was one. This was on a Win 7 OS so MS doesn't care about the most likely infections. In the AVG types defense they uninstalled from control panel unlike Sony's root kits. ID: 1502408 ·

Batter Up Send message Joined: 5 May 99 Posts: 1946 Credit: 24,860,347 RAC: 0	Message 1502639 - Posted: 11 Apr 2014, 12:20:18 UTC - in response to Message 1502408. Last modified: 11 Apr 2014, 13:07:10 UTC I just did a Windows update, all "important" and the MS store appeared on my task bar again. Upon further review that MS update makes Win 8.1 "Metro" behave more like a desktop OS. This must be the doing of MS's new "Technology Advisory" Bill Gates. ID: 1502639 ·

Juha Volunteer tester Send message Joined: 7 Mar 04 Posts: 388 Credit: 1,857,738 RAC: 0	Message 1507283 - Posted: 22 Apr 2014, 15:04:54 UTC - in response to Message 1502279. Here's clean AVG installers: http://free.avg.com/us-en/download-free-all-product . Well at least I hope they are clean. I used the online installer from that page the other day... ID: 1507283 ·

Cosmic_Ocean Send message Joined: 23 Dec 00 Posts: 3027 Credit: 13,516,867 RAC: 13	Message 1507493 - Posted: 23 Apr 2014, 4:44:56 UTC Last modified: 23 Apr 2014, 4:47:15 UTC I found very very recently that CNET (aka: download.com) is really sneaky and uses misdirection/sleight of hand. I wanted to download something the other day and remembered seeing that the installer I wanted was 10.3 MB. But it only downloaded a 609 KB installer. Started the process over and paid more attention... sure enough, the big green download button is to use CNET's download manager and software distribution back-end to "make sure your download is secure" and of course..it comes with a bunch of toolbars and shortcuts and trial softwares of many many things automatically. I went back through and had to pay attention, and finally found the tiny text link for a direct download to the actual installer...bypassing the download manager altogether. If my memory serves.. on just about any page where you get to "your download should start momentarily..." you can just modify the URL and add &dlm=0 (translates to: "use download manger=no") to the end of it and press enter to re-load the page with the new instruction to send to the server. Don't quote me on that one though... I remember when cnet/download.com was actually a good website...then they sold out to every adware and malware company that exists. Urg. Linux laptop: record uptime: 1511d 20h 19m (ended due to the power brick giving-up) ID: 1507493 ·

Fred E. Volunteer tester Send message Joined: 22 Jul 99 Posts: 768 Credit: 24,140,697 RAC: 0	Message 1507585 - Posted: 23 Apr 2014, 13:55:36 UTC I remember when cnet/download.com was actually a good website...then they sold out to every adware and malware company that exists. Urg. Certainly agree. I tried them yesterday to try to find something, and was disappointed at all the junk files they promoted. Used to use them a lot. Another Fred Support SETI@home when you search the Web with GoodSearch or shop online with GoodShop. ID: 1507585 ·

©2025 University of California

SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.