Recent Posts

Pages: [1] 2 3 ... 10
Thanks again Seedy :). Log below

Zoek.exe v5.0.0.1 Updated 26-November-2015
Tool run by Krystal on Thu 11/26/2015 at 18:49:28.40.
Microsoft Windows 7 Starter  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Krystal\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11/26/2015 6:55:31 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\CCleaner
C:\Program Files\HitmanPro
C:\Program Files\MSXML 4.0
C:\Program Files\Common Files\Symantec Shared
C:\Users\Krystal\AppData\Roaming\Media Player Classic

==== Installed Programs ======================

32 Bit HP CIO Components Installer 
Adobe Flash Player 11 ActiveX 
Adobe Flash Player 11 Plugin 
Adobe Reader XI (11.0.02) 
Advanced Audio FX Engine 
Aleks 3.18 
Apple Application Support 
Apple Mobile Device Support 
Apple Software Update 
avast Free Antivirus 
Battery Meter 
Bing Rewards Client Installer 
Cisco EAP-FAST Module 
Cisco LEAP Module 
Cisco PEAP Module 
Dell DataSafe Local Backup 
Dell DataSafe Online 
Dell Dock 
Dell Edoc Viewer 
Dell Getting Started Guide 
Dell Support Center (Support Software) 
Dell Webcam Central 
Delta Chrome Toolbar 
Delta toolbar   
Driver Mender 
Function Keys 
HP Customer Participation Program 14.0 
HP Imaging Device Functions 14.0 
HP Photo Creations 
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 
HP Smart Web Printing 4.60 
HP Solution Center 14.0 
HP Update 
Intel(R) Graphics Media Accelerator Driver 
Java 7 Update 10 
Java Auto Updater 
Junk Mail filter update 
Live Cam Avatar Creator 
Media Player Classic - Home Cinema v1.4.2499.0 
Mesh Runtime 
Messenger Companion 
Microsoft .NET Framework 4 Client Profile 
Microsoft .NET Framework 4 Extended 
Microsoft Application Error Reporting 
Microsoft Default Manager 
Microsoft Office 2010 
Microsoft Office Click-to-Run 2010 
Microsoft Office Starter 2010 - English 
Microsoft Silverlight 
Microsoft SQL Server 2005 Compact Edition [ENU] 
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 
Microsoft Visual C++ 2005 Redistributable 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 
Mozilla Firefox 19.0.2 (x86 en-US) 
Mozilla Maintenance Service 
MSXML 4.0 SP2 (KB954430) 
MSXML 4.0 SP2 (KB973688) 
Oceanis Change Background Windows 7 3.4.1 
PDF Reader 
PDF Reader Packages 
Realtek Ethernet Controller Driver For Windows 7 
Realtek High Definition Audio Driver 
REALTEK PCIE Wireless LAN Driver 
Realtek USB 2.0 Card Reader 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) 
Security Update for Microsoft .NET Framework 4 Extended (KB2487367) 
Security Update for Microsoft .NET Framework 4 Extended (KB2656351) 
Security Update for Microsoft .NET Framework 4 Extended (KB2736428) 
Security Update for Microsoft .NET Framework 4 Extended (KB2742595) 
Shop for HP Supplies 
Skype Toolbars 
SkypeT 5.10 
Synaptics Pointing Device Driver 
TeamViewer 6 
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) 
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) 
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) 
Update for Microsoft .NET Framework 4 Extended (KB2468871) 
Update for Microsoft .NET Framework 4 Extended (KB2533523) 
Update for Microsoft .NET Framework 4 Extended (KB2600217) 
Update for PDF Reader 
Windows Live Communications Platform 
Windows Live Essentials 
Windows Live Family Safety 
Windows Live ID Sign-in Assistant 
Windows Live Installer 
Windows Live Mail 
Windows Live Mesh 
Windows Live Mesh ActiveX Control for Remote Connections 
Windows Live Messenger 
Windows Live Messenger Companion Core 
Windows Live MIME IFilter 
Windows Live Movie Maker 
Windows Live Photo Common 
Windows Live Photo Gallery 
Windows Live PIMT Platform 
Windows Live Remote Client 
Windows Live Remote Client Resources 
Windows Live Remote Service 
Windows Live Remote Service Resources 
Windows Live SOXE 
Windows Live SOXE Definitions 
Windows Live Sync 
Windows Live UX Platform 
Windows Live UX Platform Language Pack 
Windows Live Writer 
Windows Live Writer Resources 
Yontoo 1.10.03 

==== Running Processes ======================

C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ 3\program\soffice.exe
C:\Program Files\ 3\program\soffice.bin
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k swprv

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files\common files\adobe\arm\1.0\armsvc.exe
R2 - [AERTFilters] - Andrea RT Filters Service - c:\program files\realtek\audio\hda\aertsrv.exe
R2 - [Apple Mobile Device] - Apple Mobile Device - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
R2 - [Bonjour Service] - Bonjour Service - c:\program files\bonjour\mdnsresponder.exe
R2 - [cvhsvc] - Client Virtualization Handler - c:\program files\common files\microsoft shared\virtualization handler\cvhsvc.exe
R2 - [DockLoginService] - Dock Login Service - c:\program files\dell\delldock\docklogin.exe
R2 - [sftlist] - Application Virtualization Client - c:\program files\microsoft application virtualization client\sftlist.exe
R2 - [SftService] - SoftThinks Agent Service - c:\program files\dell datasafe local backup\sftservice.exe
R2 - [TeamViewer6] - TeamViewer 6 - c:\program files\teamviewer\version6\teamviewer_service.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [iPod Service] - iPod Service - c:\program files\ipod\bin\ipodservice.exe
R3 - [sftvsa] - Application Virtualization Service Agent - c:\program files\microsoft application virtualization client\sftvsa.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\\framework\v4.0.30319\mscorsvw.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\\framework\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache - c:\windows\\framework\v3.0\wpf\presentationfontcache.exe
S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files\windows live\family safety\fsssvc.exe
S3 - [IDriverT] - InstallDriver Table Manager - c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office  Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\\framework\v2.0.50727\mscorsvw.exe
S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

==== System Specs ======================

Windows: Windows 7 Starter Edition Service Pack 1 (Build 7601)
Memory (RAM): 1014 MB
CPU Info: Intel(R) Atom(TM) CPU N455   @ 1.66GHz
CPU Speed: 1690.9 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) Graphics Media Accelerator 3150 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1024 X 600 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC | Realtek PCIe FE Family Controller
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  139.2GB | Q:  0.0MB
Hard Disks - Free: C:  106.1GB | Q:  0.0MB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | 07/29/10 | DELL   - 6040000
Time Zone: Central Standard Time
Motherboard *: Dell Inc. 0GHG2G
Country: United States
Language: ENU

==== System Specs (Software) ======================

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Default Browser: Firefox   19.0.2
Internet Explorer Version: 10.0.9200.16540
Mozilla Firefox version: 19.0.2 (x86 en-US)
Adobe Reader version:
Sun Java version: 1.7.0_10-ea (32-bit)
Flash Player version: 11.6.602.180

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Krystal\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2015-11-27 00:22:57   D41D8CD98F00B204E9800998ECF8427E   0   ----a-w-   C:\Windows\System32\shoAA9D.tmp
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\Krystal\AppData\Roaming ======
====== C:\Users\Krystal ======

====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"



"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"BTMeter"="C:\Program Files\Battery Meter\BTMeter.exe"
"CapsLKNotify"="C:\Program Files\CapsLKNotify\CapsLKNotify.exe"
"WSED"="C:\Program Files\WSED\WSED.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"Dell DataSafe Online"="C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe /m"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"DSUpdateLauncher"="C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe /NOCONSOLE /D=C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate /RUNAS C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"STToasterLauncher"="C:\Program Files\Dell DataSafe Local Backup\toasterLauncher.exe"
"Launcher"="C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\progra~2\\browse~1\\261095~1.52\\{c16c1~1\\browse~1.dll "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Updater Service for StartNow Toolbar]

==== Startup Folders ======================

2010-09-19 04:48:01   2000   ----a-w-   C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
2010-09-19 04:48:01   2000   ----a-w-   C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
2012-12-06 07:11:28   1195   ----a-w-   C:\Users\Krystal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ 3.4.1.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\DSite" [C:\Users\Krystal\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

""="C:\Program Files\AVAST Software\Avast\WebRep\FF" [12/06/2012 12:42 AM]
"{0F827075-B026-42F3-885D-98981EE7B1AE}"="C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension" [03/01/2013 06:37 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Krystal\AppData\Roaming\Mozilla\Firefox\Profiles\49hukh42.default
- Delta Toolbar - %ProfilePath%\extensions\
- Oberon GamesBar - %ProfilePath%\extensions\
- ShopToWin22 - %ProfilePath%\extensions\{7cd0c597-24e0-45b0-8bde-2e79b3fc0499}
- XUL Cache - %ProfilePath%\extensions\{9c0285ea-4a94-4cfa-9a10-cfab648930d6}
- XUL Cache - %ProfilePath%\extensions\{e6392193-18a2-4ad1-83e1-e5b76b88de08}
- Yontoo - %ProfilePath%\extensions\

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Krystal\AppData\Roaming\Mozilla\Firefox\Profiles\49hukh42.default
47299371607DC2FB234444EEACB1639E   - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll -   Shockwave Flash
570A48F975661221A126FCFE3B38B7E1   - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll -   Adobe Acrobat
B1BB8EDC9D83D8096EE873F04CEE600C   - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll -   Adobe Acrobat
A5C14075B571AF1C9592595BE724D9D2   - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll -   Silverlight Plug-In
2C9271800AB1506D827E57AA34AF3563   - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll -   Java(TM) Platform SE 7 U10
169D5E796A8BE647ACE2E8170A567208   - C:\Windows\system32\npDeployJava1.dll -   Java Deployment Toolkit
11EF47BE3D8A4A943E10A63870C1F2C6   - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll -   QuickTime Plug-in 7.7.3
BB7F5F4966E76578A3EC0D11C444C545   - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll -   QuickTime Plug-in 7.7.3
16112E74A62381C69456566D35F9E51E   - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -   QuickTime Plug-in 7.7.3
BB28A86CDFFFBB041C72AD9EFEAA00D0   - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -   QuickTime Plug-in 7.7.3
2DA7883A884BE60F9EB2810F67E0E361   - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -   QuickTime Plug-in 7.7.3
DE5507DBA44CC5B6869205871B64A587   - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -   QuickTime Plug-in 7.7.3
419680FCE774976FD752EB425D91AEDF   - C:\Program Files\QuickTime\Plugins\npqtplugin.dll -   QuickTime Plug-in 7.7.3
2658CE01D183BC62E7C46A1C9969632E   - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll -   iTunes Application Detector
AC421A44DE902F2627F1E63793ED89CD   - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -   Windows Live? Photo Gallery
603EEEFCB32003955535EF9418C87BC9   - C:\Program Files\Common Files\Oberon Media\NCAdapter\\npapicomadapter.dll -   Oberon com adapter
15E298B5EC5B89C5994A59863969D9FF   - C:\Windows\system32\npmproxy.dll -   Microsoft® Windows® Operating System
2AA3703D87E1327A2290C9D416D89A28   - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll -   Microsoft® Silverlight

==== Chromium Look ======================

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Krystal\AppData\Roaming\BabSolution\CR\Delta.crx[02/25/2013 06:51 AM]
niapdbllcanepiiimjjndipklodoedlc - No path found[]
pgafcinpmmpklohkojmllohdhomoefph - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[02/19/2013 06:00 AM]

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"=""
"bProtector Start Page"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"=""
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{4FE13C31-89AB-4A65-89C0-AA98DDB64F88} -{searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
HKCU\SearchScopes "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"
HKCU\SearchScopes "bProtectorDefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"
HKCU\SearchScopes\{0169E633-8781-F882-9BC7-7B014AE4DE4E} -{searchTerms}&pc=Z206&form=ZGAIDF&install_date=20111012&iesrc={referrer:source}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} -{searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -{searchTerms}&affID=119351&babsrc=SP_ss&mntrId=30c1038b00000000000070f1a1f35809
HKCU\SearchScopes\{9578A017-2A09-43B7-8B88-AEA73B648DDC} -{searchTerms}&locale=en_US&apn_ptnrs=^AGX&apn_dtid=^YYYYYY^YY^US&apn_uid=d61881ef-de3e-462a-b44d-c3750610337a&apn_sauid=4E2C41B2-5774-4D89-BBBC-0693A27ED438

======== System Restore Points ========

RP137: 3/31/2013 12:37:13 PM - Windows Update
RP138: 4/5/2013 1:01:21 PM - Windows Update
RP139: 4/9/2013 9:20:54 PM - Windows Update
RP140: 4/11/2013 1:40:53 AM - Windows Update
RP141: 4/14/2013 1:33:54 PM - Windows Update
RP142: 4/17/2013 3:00:15 AM - Windows Update
RP143: 4/24/2013 12:48:47 AM - Windows Update
RP144: 11/26/2015 6:54:46 PM - zoek.exe restore point

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on Thu 11/26/2015 at 19:04:55.80 ======================
Topic has been re-openned at the Original Poster request.


Everyone move to Internet Explorer 11, Microsoft says

Windows 10 comes with Microsoft Edge, a completely new browser that’s supposed to replace Internet Explorer and give the Redmond-based tech giant a new chance in the fight against rivals such as Google and Mozilla, which are already dominating this side of the market.
C:\Program Files (x86)\CPUID\PC Wizard 2013\systweakasp_c.exe   MSIL/AdvancedSystemProtector.D potentially unwanted application   deleted - quarantined
C:\Users\David\Downloads\ccsetup505.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application   deleted - quarantined
C:\Users\David\Downloads\ccsetup506.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application   deleted - quarantined
C:\Users\David\Downloads\ccsetup508.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application   deleted - quarantined
C:\Users\David\Downloads\ccsetup509.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application   deleted - quarantined
C:\Users\David\Downloads\ccsetup510.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application   deleted - quarantined
C:\Users\David\Downloads\ccsetup511.exe   Win32/Bundled.Toolbar.Google.D potentially unsafe application   deleted - quarantined
C:\Users\David\Downloads\pc-wizard_2014.2.13.exe   MSIL/AdvancedSystemProtector.D potentially unwanted application   deleted - quarantined

I also remember that ESET found a trojan last time that wasn't detected this time?
Hi Platypuss,

Here are the reports.


Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by David (Administrator) on Fri 27/11/2015 at 10:23:29.96

File System: 0

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)

Scan was completed on Fri 27/11/2015 at 10:27:18.70
End of JRT log

  Hello Eureka888,

That is much better.We can now remove the remaining malware on your computer.

Your copy of Junkware Removal Tool has been superceded so please uninstall it:-

  • Click Start
  • Now click on Control Panel followed by Programs & Features
  • Select Junkware Removal Tool & click on the Change/Remove button
  • Allow it to uninstall & exit.


Please downloadJunkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.


Scan with ESET Online Scan

Please go to HERE to run the online scannner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is ticked
  • Click on Advanced Settings and ensure these options are ticked:-

        1.Scan for potentially unwanted applications
        2.Scan for potentially unsafe applications
        3.Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic

I need:- The Junkware Removal Tool log
             Eset log please,


Post Here for Malware Removal ... / Re: [In Progress] Still Slow After Cleaning
« Last post by Eureka888 on November 25, 2015, 06:00:08 PM »
Hi Platypuss,

I just plugged in different USB sticks and they seemed to work fine, so I don't think it's a faulty USB port. I think the WD drive is faulty as it wasn't connecting properly - I had to jiggle it to get it to register, even on other computers.

The PC runs fine with or without a external hard drive connected.

Current News / Re: Microsoft pulls down the released Windows 10 November Update
« Last post by Maurice Naggar on November 25, 2015, 04:52:49 PM »
New notes by Paul Thurrott

....If  you were twisting in the wind waiting for Microsoft to explain itself, your waiting is over: You can now use the Media Creation Tool to create a Windows 10 installer that includes the November update(e.g. is Windows 10 version 1511). And if you were blocked from getting the November update in Windows Update, check again. Though as I note in Not Being Offered the Windows 10 Fall Update? This May Be Why, there is another major issue that will prevent the update from appearing.

This topic is now closed as the issue has been resolved.

Should the topic starter require the topic to be re-opened, please contact a staff member & include the address of this thread.

Anyone else start a new topic please.
Pages: [1] 2 3 ... 10
Click Here