Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: How safe is running Zoek

25 Mar 2015   #11

Windows 7 Home Premium

If MBAR is freezing up, don't use it.

Let's go to something more simple...

Use the Farbar Service Scanner
Download: Downloading Farbar Service Scanner

Let's get a view of all services and dependencies scoped by the tool...
Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender

Press: Scan

When done, FSS creates a log, FSS.txt, on the Desktop.

Please provide the FSS.txt in your reply. (No personal info there.)

If you wish, remove the FRST.txt and the Addition.txt results from this thread (Posts 5 thru 10).

My System SpecsSystem Spec
25 Mar 2015   #12

Windows 7 Home Premium

After doing the above (Post #18), please check your current DNS server settings using the DNSCHECK tool from F-Secure:

Press: Start test

What is the Verdict?
Any DNS hijacking detected?
My System SpecsSystem Spec
27 Mar 2015   #13

Windows 7 Ultimate x64

Hi Cottonball,

Thanks. Sorry for the delay.

Farbar Service Scanner Version: 17-01-2015
Ran by 13 (administrator) on 27-03-2015 at 01:16:14
Running from "C:\Users\13\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal

Internet Services:

Connection Status:
Localhost is accessible.
LAN connected.
Google IP is accessible. is accessible. is accessible.

Windows Firewall:

Firewall Disabled Policy:

System Restore:

System Restore Policy:

Windows Update:

Windows Autoupdate Disabled Policy:

Windows Defender:
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

Other Services:

File Check:
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

MBAR never did complete a scan without freezing...
My System SpecsSystem Spec

27 Mar 2015   #14

Windows 7 Ultimate x64

For the DNSCHECK tool it says:

"All is well.
No DNS hijacking detected."

I'm wondering if "Orbit downloader" is part of the problem. I went to open up Orbit the other day and the computer began acting up right away....started to freeze and make that sound maybe like 20 times within 20 seconds.

At one point right clicking on a download and clicking "Save As" disappeared as an option. And I had to download firefox extensions just to be able to download from blogtalk radio. Unless you know how I can get my right click "save as" option back, I'm not willing to delete orbit just yet though.
My System SpecsSystem Spec
27 Mar 2015   #15

Windows 7 Home Premium

Let's see if you have better luck with this program...

TDSSKiller Download

Select the .exe version
  • Doubleclick on TDSSKiller.exe to run the program.
  • At the Kaspersky TDSSKiller interface, click: Change parameters
  • Check: Detect TDLFS file system
  • Click: OK
  • Now, click Start Scan and allow the scan to run
  • If any threats are found, select: Skip (Do not select: Delete!!)
  • Click: Continue
  • Click: Reboot computer
When done, please provide the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically C:\)
My System SpecsSystem Spec
27 Mar 2015   #16

Windows 7 Home Premium


On your Save as and perhaps other issues, try the following, using Option 2 to Scan and Repair System files:
SFC /SCANNOW Command - System File Checker
If there are files that SFC cannot fix automatically, follow Option 3.

At this point, my personal assessment of your situation is the following:

Whatever virus or malware was taking over the computer, IMO, it caused irreparable damage to the system.
Just the possibility of having Win32.Fareit seriously compromises your computer, and a variant of this trojan steals passwords.

If this computer is a Dell, and has a Dell Recovery Partition, would consider pursuing the following:

Follow the instructions to: Access the recovery partition in Windows 7
It will reformat the hard drive and restore system software to factory condition.
My System SpecsSystem Spec
27 Mar 2015   #17
Microsoft MVP


If running Dell Windows 7 PC Restore should fail you can do the superior Clean Reinstall Windows 7.

Dell will provide Re installation media for just a small handling charge.

Be sure to read the Special Note for Dell Owners at the end to know how to handle existing partitions.
My System SpecsSystem Spec
28 Mar 2015   #18

Windows 7 Ultimate x64

My System SpecsSystem Spec
28 Mar 2015   #19

Windows 7 Ultimate x64

My System SpecsSystem Spec
28 Mar 2015   #20

Windows 7 Ultimate x64

C:\Program Files\iPod\bin\iPodService.exe
My System SpecsSystem Spec

 How safe is running Zoek

Thread Tools

Similar help and support threads
Thread Forum
Safe CPU Temperatures? running from 9C-24C is it too cold?
So I ended up buying a new processor, and they gave me a free motherboard with it, I got an AMD FX4100 3.6GHZ quad core processor, that can be Overclocked to 4.6GHZ very easily because it is already unlocked, seen some crappy reviews, but this thing is way faster than my phenom x4 at 2.6ghz...
Hardware & Devices
Zoek Results Help
Once, again, I am needing assistance with my Zoek results. Attached is the results from Zoek. I am experiencing too many ads and pop up tabs of all sorts. I'm also experiencing those text ads within a web page's text. One of the more aggressive ones is "Ads by Ad Remover." I am running Windows 7...
System Security
LadieLyrix Zoek Results
Here is the Zoek Results attachment for LadieLyrix laptop. She is running Windows 7.
System Security
Zoek scan results assistance
Zoek.exe v5.0.0.0 Updated 23-11-2014 Tool run by user01 on Sat 12/13/2014 at 9:41:16.94. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\user01\Downloads\zoek.exe ==== Older Logs ====================== ...
System Security
Is running a GTX760 4gbvideoram at 71C safe?
Hello Seven-forums, i am wondering if running a GTX760 at 71C for long periods of time is safe? I just want to make sure. I am mining something similar to bit coin if your wondering why.
Graphic Cards

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:46.
Twitter Facebook