SystemLook

For stuff that really doesn't have ANYTHING to do with Puppy
Post Reply
Message
Author
User avatar
NickAu
Posts: 183
Joined: Mon 30 Dec 2013, 04:32
Location: Far North Coast NSW ɹÇ￾punuÊ￾op

SystemLook

#1 Post by NickAu »

Lets play a game. This is just 1 of the basic scans for Windows that a trained malware removal person would use. This scan is looking for toolbars. We will play other games soon.

Both the 32 and 64 bit System Look are included.

The point of this game IS NOT to clean up a pc, But to see just how clean some guys pc's are, Because as they state " I dont run Antivirus firewall or update my Windows I know what I am doing.

SystemLook
Please download SystemLook_.exe by jpshortstuff and save it to your Desktop.


Right click on SystemLook_exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
Highlight and copy the following entries: into SystemLook's main text entry window.
:filefind
*AskToolbar*
*Ask.com*
*Bandoo*
*Babylon*
*Conduit*
*Coupons*
*datamngr*
*Fun4IM*
*Funmoods*
*iLivid*
*IObit*
*Iminent*
*Rapport*
*searchab*
*Searchqu*
*Searchnu*
*SearchProtect*
*Slick*
*smartbar*
*Sweet*
*Tarma*
*Trusteer*
*trolltech*
*Vafmusic2*
*vshare*
*Websteroids*
*WiseConvert*
*whitesmoke*
*FriendsChecker*
*UnfriendApp*
*ExFriendAlert*
*RecordChecker*
*SearchDonkey*
*InfoSeeker*
*SecureWeb*
*TVGenie*
*TubeDimmer*
*Yontoo*

:folderfind
*AskToolbar*
*Ask.com*
*Babylon*
*Bandoo*
*Conduit*
*Coupons*
*datamngr*
*Rapport*
*smartbar*
*Fun4IM*
*Funmoods*
*iLivid*
*IObit*
*Iminent*
*searchab*
*Searchqu*
*Searchnu*
*SearchProtect*
*Slick*
*smartbar*
*Sweet*
*Tarma*
*Trusteer*
*trolltech*
*Vafmusic2*
*vshare*
*Websteroids*
*WiseConvert*
*whitesmoke*
*FriendsChecker*
*UnfriendApp*
*ExFriendAlert*
*RecordChecker*
*SearchDonkey*
*InfoSeeker*
*SecureWeb*
*TVGenie*
*TubeDimmer*
*Yontoo*

:Regfind
AskToolbar
Ask.com
Babylon
Bandoo
Conduit
Coupons
datamngr
Fun4IM
Funmoods
iLivid
IObit
Iminent
Rapport
searchab
Searchqu
Searchnu
SearchProtect
Slick
smartbar
Sweetpack
Tarma
Trusteer
trolltech
Vafmusic2
vshare
Websteroids
WiseConvert
whitesmoke
FriendsChecker
UnfriendApp
ExFriendAlert
RecordChecker
SearchDonkey
InfoSeeker
SecureWeb
TVGenie
TubeDimmer
Yontoo
Press the Look button to start the scan. Please be patient - it may take a while...
When finished, a Notepad window will open with the results of the scan.
A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
Please post the contents of the SystemLook.txt file in your next reply.
Attachments
syslookx64.tar.gz
(75.05 KiB) Downloaded 15 times
SyslookX32.tar.gz
(31.82 KiB) Downloaded 17 times
[b]Precise Puppy 5.7.1 Retro Fatty Edition. Hp Compaq 2510p 2x Intel(R) Core(TM) 2 Duo Cpu U7700@ 1.33 ghz,2 gig ram Booting from 8 gig micro USB + 32 gig SD card instead of HDD[/b]
Top
User avatar
mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#2 Post by mikeb »

Ok done.
Unfortunately systemlook will not work on windows 2000 as it wants a check for 64 bit function in the kernel.
That's a shame as I have installs up to 10 years old that are used dailyand run like the day they were installed which would be a good test.

Attached is the result from a lesser used XP install in glorious unicode that geany won't open so it must be genuine :D

A quick look in notebook only seemed to find some mp3 files with sweet and slick in the name...I suspect 2000 woiuld give a similar result since it looked like it was looking for IE related stuff.

I do have hijack this around but such things tend to gather dust due to lack of need.

Also note the test was done on a machine with 2000 and 2 XP installs on partition c: so 2000 may have been partitially scanned anyway.

mike
Attachments
systemlook.zip
(2.06 KiB) Downloaded 16 times
Top
User avatar
NickAu
Posts: 183
Joined: Mon 30 Dec 2013, 04:32
Location: Far North Coast NSW ɹÇ￾punuÊ￾op

#3 Post by NickAu »

Please note I am not giving advice on if the pc is clean or not or how to remove anything 0r if infact there is anything to remove I AM NOT A TRAINED MALWARE REMOVAL EXPERT.... yet.. remember we are only playing a game

Code: Select all

Searching for "*Slick*"
C:\Program Files\FLStudio\SamplesPDJ\DRUM&BASE\SLICK80SFILMTRACK5_BPM130.wav	--a---- 49665 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] DF3DB991C090D7D665824C9E694EC237
C:\Program Files\FLStudio\SamplesPDJ\SNARE\SLICK SNARE.wav	--a---- 25720 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] 1F63C74CE71B3C5622A109D818B27E1F
C:\Program Files\FLStudio\SamplesPDJ\SYNTHESIZER2\SLICK80SFILMTRACK1_BPM130.wav	--a---- 54584 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] DA1194427804BAEEA2F3C65A07AA4710
C:\Program Files\FLStudio\SamplesPDJ\SYNTHESIZER2\SLICK80SFILMTRACK2_BPM130.wav	--a---- 51030 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] F417B320AEE717C3FACAF08B5ADC7D0A
C:\Program Files\FLStudio\SamplesPDJ\SYNTHESIZER2\SLICK80SFILMTRACK3_BPM130.wav	--a---- 84138 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] F935CBC286D2472D94F3843F3DF337EE
C:\Program Files\FLStudio\SamplesPDJ\SYNTHESIZER2\SLICK80SFILMTRACK4_BPM130.wav	--a---- 63479 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] DA8C7CDB73DBAF29960AD19C5070D662

Searching for "*smartbar*"
No files found.

Searching for "*Sweet*"
C:\Program Files\FLStudio\Data\Patches\Packs\SimSynth\Misc\sweet dreams.syn	--a---- 6763 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] 6D61ABA14BCFE7A2E5F03C92B472737D
C:\Program Files\FLStudio\Data\Patches\Packs\SimSynth\Riffs\SweetLeaf.syn	--a---- 6763 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] 71745F74D62894CD5B94FA738E8C68F5
C:\Program Files\FLStudio\E jay samples\synthés\sweet.wav	--a---- 42907 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] C2541C7F88A9C77089E29CA4362793C3
C:\Program Files\FLStudio\E jay samples\synthés\sweet125.wav	--a---- 48360 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] 57B9750ED2D1DD4D6D098C104291AEEF
C:\Program Files\FLStudio\Our samples\sweet.wav	--a---- 299432 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] ABEAF427E2D1B22E049DA808488CDB83
C:\Program Files\FLStudio\Our samples\love me not\intro sweet.wav	--a---- 372780 bytes	[13:52 26/09/2009]	[13:52 26/09/2009] 1B3569961B51CBE8C566AFB8A3D97570
C:\winnt\profiles\Administrator\Recent\10 - Sweet Lorraine.mp3.lnk	--a---- 481 bytes	[22:36 17/01/2014]	[22:36 17/01/2014] B1AC7BBA0F09EF936B96912054899033

Searching for "*Tarma*"
C:\Program Files\Orbiter\Meshes\Tarmac2.msh	--a---- 1786 bytes	[19:41 30/07/2012]	[05:43 17/07/2001] EDA02F6CF4E9CBD92C43F20A4FE5F52A
But thats what was found on your pc. *Slick*" and *Sweet*".*Tarma*

Should you wish to remove these I can point you to a forum that will help you Fully scan and clean up your pc if needed.

Remember this was a BASIC scan for toolbars only. Also do not remove any entries IF you do not know what you are doing.
You would not get any help on a malware removal site for win2k as it is no longer supported by Microsoft and therefore it is considered obsolete and in secure.
XP will be the same after April 8.
I do have hijack this around but such things tend to gather dust due to lack of need.
Hmm Hijack this about as usefull as Breasts on a bull.And dangerous in the wrong hands, Just like super antispyware. but should you wish to run it then copy paste the result into here and analyse the result.
http://www.hijackthis.de/
Nick

Ps. This is the Hijack this result from the deamon spawns pc. (My loving and kind 15 year old daughter.)
Attachments
Hijackthis.tar.gz
(2.8 KiB) Downloaded 11 times
[b]Precise Puppy 5.7.1 Retro Fatty Edition. Hp Compaq 2510p 2x Intel(R) Core(TM) 2 Duo Cpu U7700@ 1.33 ghz,2 gig ram Booting from 8 gig micro USB + 32 gig SD card instead of HDD[/b]
Top
User avatar
mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#4 Post by mikeb »

But thats what was found on your pc. *Slick*" and *Sweet*".*Tarma*

Should you wish to remove these I can point you to a forum that will help you Fully scan and clean up your pc if needed.
Are you taking the piss.

Read the flaming log...these are wav samples from fruity loops that just happen to have those characters in the name name and the last one is a model from orbiter space flight simulator. For malware they would have to have exe , bat , dll to be any kind of threat.

Also note they are in PROGRAM FILES and not in the windows system at all including NOTHING in the registry. If this is a serious test I passed with flying colours.

No checker for 2000...damn shame but as mentioned it would have been scanned anyway being on the same drive.

As said before I have a 10 year old windows 2000 install that has never had any antivirus and only the router filewall...it has had ZERO infections (the sasser was previously when testing only).

Clearly you know sod all about security and infections so please do not be advising anyone on the matter.

mike
Top
User avatar
NickAu
Posts: 183
Joined: Mon 30 Dec 2013, 04:32
Location: Far North Coast NSW ɹÇ￾punuÊ￾op

#5 Post by NickAu »

Please note I am not giving advice on if the pc is clean or not or how to remove anything 0r if infact there is anything to remove
read that. Those files would likley be removed I a clean up. And yes the typical I am a Linux uber God atittude comes out finally.
[b]Precise Puppy 5.7.1 Retro Fatty Edition. Hp Compaq 2510p 2x Intel(R) Core(TM) 2 Duo Cpu U7700@ 1.33 ghz,2 gig ram Booting from 8 gig micro USB + 32 gig SD card instead of HDD[/b]
Top
User avatar
mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#6 Post by mikeb »

read that. Those files would likley be removed I a clean up. And yes the typical I am a Linux uber God atittude comes out finally.
then you are an idiot who should not be advising anything since you would remove perfectly valid music files that your lack of ability cannot recognise....ask anyone with half a mind here and they would agree with me.

No elitist linux crap...in fact I use windows half the time and am just a dabbling user of computers...... you are the one strutting around telling us all what to do when you clearly do not have a clue.

mike
Top
Post Reply

Return to “Truly off-topic conversations”