tradeadexchange

Thank you for your quick response.

Okay so we don't get lost, use the tools that Jacee recommends and post the results she request.
I don't see where she recommended Spyhunter.

If you follow her instruction exactly your odds of fixing this computer will increase by leaps and bounds.

I'm will go back to watching.
 

My Computer My Computer

At a glance

Windows 10 Pro. 64/ version 1709 Windows 7 Pr...Intel i7-6800K @ 4.3Corsair Platinum 16 gig @2400EVGA GTX 1070 OC
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Home made Desktop
OS
Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
CPU
Intel i7-6800K @ 4.3
Motherboard
ASUS X-99 Deluxe II
Memory
Corsair Platinum 16 gig @2400
Graphics Card(s)
EVGA GTX 1070 OC
Monitor(s) Displays
Asus 27" LED LCD/VE278Q
Screen Resolution
1920-1080 or 1280-720 HDMI
Hard Drives
INTEL SSD 730-240 Gb Sata 3.0/
PSU
EVGA Platium 1200W
Case
Phanteks Luxe Tempered Glass 8 fans/ one radiator
Cooling
XSPC/ Water Cooled CPU
Keyboard
Das 4 Professional
Mouse
Logitech M705/MX Anywhere 2-S
Internet Speed
100 mbits
Antivirus
Microsoft Security Essentials/ Malwarebytes Premium 3.0/ SAS
Browser
I.E. 11 default/Firefox/ ISP Time Warner Cable/Spectrum
Other Info
LG BluRay Burner/
Sound system-KLipsch-THX/
Icy Dock ssd Hot Swap bays.
I have just tried Spyhunter, not offending Jacee.

Ran in another problem
If I open Google Chrome, you must have a central search-bar and a search-button underneath.
Normally you type into that bar, what you want, after enter or search your search-results pop up in the large list of google.
However, if I only try to type a single character, google immediately jumps to the page with search-results.

url]


I again did a restore from 2 days ago, where it was still al-right, hoping tot get rid of it, but since my accounts are coupled, the same problem showed up on my laptop GRRRRRR. So somewhere on the server or my account putted it in a cookie perhaps to behave odd?

I hope you may have some clou about it?

About the subject tradeadexchange, I think that it is related with Tinypic.
Since I addressed the album to post the image it popped up immediately.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs
The problem with the searchbar is solved, caused by an extension to customise the background.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs
So, you've fixed the problem with tradeadexchange?

Do you have AdBlock Super installed?
 

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
No no, Jacee the problem is still there.

I only solved the problem with the searchbar.

Do you have AdBlock Super installed?

Yes and UBlock

The problem appeared yet again by clicking on this site.
I made a sheet of it with notepad, maybe you could tell me more about that?
https://drive.google.com/file/d/0B5I63khwZV1rU3h0dVMtUzU2a0k/view?usp=sharing

It lead me this time to a fake site, which looked like a simplified Javaupdate.
With the faked message that my Java was outdated and should be upgraded.
You can't do anything with Chrome when it pops up.
Just shut Chrome down with taskmanager.
The webadress itself was clear enough fake, from a malicious site
fugdownload126.com
(with possible fishing intentions).

I have also tried without any adblocker or addon, but it didn't cause or solved anything.

I discovered that the website also distributes ABPlus.
So who knows, is that the culprit?
 

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs
I've read that adblock plus and adblock super are both involved.

First, I'd like you to flush the DNS cache and restore MS's Hosts file:

batch file---> Save it to the desk top Vista and Windows 7 need to run as Administrator
Copy and paste these lines in Note pad.

@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0


Save as flush.bat to your desktop. Right click on the flush.bat file to run it as Administrator. Your computer will reboot itself.



Next, download DDS from one of these links:
DDS.com
DDS.pif
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.

Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.

DDS only shows me what's running .... it doesn't remove or alter any files or programs.
 

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Hoi Jacee

Appreciate your help much, thank you.
Hope I did it correct with the attachments?

I can see that there is no Host file available after this procedure, only a backup.
Will it recreate a new Host file?
Spybot is using that file normally.
 

Attachments

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Hello Jacee
I ran the tool
zone alarm gave 2 heuristic infections?
Treated.

The file is still there, C:\Program Files\winarchiver\waservice.exe with the following Hash check

Naam: WAService.exe
CRC-32: f7712cb7
MD4: 76b71ef112bc0eb0a6d5e3d7b0cc94b5
MD5: c089f377deffb78e9e3523fe3289b77a
SHA-1: 0ffb7dbbc039cb3bf943159e268cbbe4770a7581


What shell I do with it?

Spybot's new pre windows 10 version, required an temporary uncheck of the Zone alarm firewall to get excess to the hosts file. but created indeed a new Hosts file.
Don't know what program deleted or at least backed up the older Hosts file?
Had several backups all the same. Perhaps spybot?

Have read on google reports, that the problem with tradeadexchange.com was a DNS hack.
At least that member got rid of the problem.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs
I've uninstalled winarchiver and Waservice.exe completely and scrambled all of it's registerkeys.
Never used it and wasn't even aware that is was ever installed.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs
Have read on google reports, that the problem with tradeadexchange.com was a DNS hack.

That's why I had you run the batch file to flush the DNS cache and restore Microsofts Hosts file.
This may have interfered with Spybot's hosts file, but sometimes Spybot will interfere/protect what we're trying to 'fix' or get rid of!

If you didn't pay for IObit, then uninstall it. It will really mess with your registry :zip:


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
That's why I had you run the batch file to flush the DNS cache and restore Microsofts Hosts file.

Hai Jacee

I understand.

Here is the log.

The problem is still there
I've got this page
Code:
[url]http://www.trafficnado.com/KroonCasino/champions-league-betting/?utm_source=ac&utm_medium=DigitalMarketing&utm_campaign=KCS-NL-2015_03_prospecting&utm_content=barca[/url]
 

Attachments

Last edited:

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs
Let me just say
Aarggh.gif


This adware came in with something you downloaded and has stayed! Are you still backing up your files and programs? If you are, you're also backing this up too!

Why is this in your startup?
C:\ProgramData\microsoft\windows\start menu\programs\startup\wordpadfix.exe
See the link:
https://herdprotect.com/wordpadfix.exe-f4931462b1e3914aa82897beecd3eecfb42f1421.aspx

Do you know if this was ever deleted? HKU\S-1-5-21-4182600377-2336131417-2761949497-1000_Classes\Wow6432Node\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}\
(UniDeals) -> PendingDelete


Please download CKScanner by askey127 from HERE

Important - Save it to your desktop.

Doubleclick CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.

Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
 

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
I see that you have some P2P apps... :(
µTorrent
BitComet 1.35 64-bit
mIRC

Did you uninstall these?
Some keys have not been deleted
Sleutel Niet Verwijderd : [x64] HKCU\Software\Bitberry Software
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\Bitberry
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\Conduit
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\Escolade
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\GoforFiles
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\ParetoLogic
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\powerpack
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\Search Settings
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\Softonic
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\Video Player
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\IObit Apps
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\cain
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\PRODUCTSETUP
[!] Sleutel Niet Verwijderd : [x64] HKCU\Software\WEBAPP
[!] Sleutel Niet Verwijderd : HKU\S-1-5-21-4182600377-2336131417-2761949497-1000\Software\AppDataLow\Software\Search Settings
[!] Sleutel Niet Verwijderd : HKU\S-1-5-21-4182600377-2336131417-2761949497-1000\Software\AppDataLow\Software\IObit Apps

You also, might want to take a look at this:
Autonomous System
https://www.virustotal.com/en-gb/ip-address/104.27.138.97/information/
13335 (CloudFlare, Inc.)
104.27.138.97
Name Server: CORTNEY.NS.CLOUDFLARE.COM
Name Server: SRI.NS.CLOUDFLARE.COM
HKU\S-1-5-21-4182600377-2336131417-2761949497-1000_Classes\Wow6432Node\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}\
(UniDeals) -> PendingDelete ..... ProxyStubClsid
(Default){00020424-0000-0000-C000-000000000046}
Adware.BrowserPlugin
adobe-photoshop-cs6.exe (5920783cc221a08ed4d8eb647be55b936c8e7059)
Programs\Startup\wordpadfix.exe
C:\ProgramData\microsoft\windows\start menu\programs\startup\wordpadfix.exe
https://herdprotect.com/wordpadfix.exe-f4931462b1e3914aa82897beecd3eecfb42f1421.aspx
apppatch\acwow64.dll
Fix acwow64.dll Error and File Free Download - DLL Suite/DLLSuite.com

Daum Cloud
EZ Backup Ultimate

Plus the fact, that your Adobe Creative Suite 6 appears to be a 'crack'/Keygen
that was bundled with "crossrider"
 

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
I have to find out what this items are?
Maybe leftovers?
Never heared of crossrider?
The list "niet verwijderd" contains strings I didn't know about.
Not even why they were not deleted?
But I'll do a search with regseeker.

Asky didn't find any malicious keys or files.

Oh and wordpadfix is a recently installed tiny program, that disables the mad spacings in wordpad (very handy) But I don't know if it's safe?

I've been deleting programs which are indicated as not reliable.
So that list cant be found in the register anymore.

After deleting Adblock and Adblockplus it seems to run al-right until now.

Chrome was sluggish lately, but now it runs much faster.
Also starting much faster.

Do you know if this was ever deleted? HKU\S-1-5-21-4182600377-2336131417-2761949497-1000_Classes\Wow6432Node\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}\
(UniDeals) -> PendingDelete
This string is no longer there.
 
Last edited:

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs
Can I see the CKFiles.txt that askey127 gave you?
 

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Hallo Jacee

I have deleted the list with odd programs and did more scans.
Even Malwarebytes didn't find something suspicious.

Here is the latest result of cfkFiles

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\xxxxx\favorites\koppelingen\uit firefox\software\wep--wpa-keygen.url
scanner sequence 3.BC.11.RILBIA
----- EOF -----

I think that it is just a web generator to generate a wireless key which I indeed used once.

The system seems to run OK at the moment.
No more problems with Chrome until now.
Chrome is running so much faster.
I recreated a new backup.
If it stays all-right, I will be very thankful for your support.

With regards.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs
You have about/close to 17 additional security risks ... You need to uninstall all of them. ;) You know what they are.
 

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Hai Jacee

I've checked your recommendations over and over again.
These 17 strings are no longer there.
I searched the whole register with regseeker to trace that list.
Maybe they were related to your list of programs I deleted?
Anyway, it's still running fine now.

The odd thing is, that Tinypic showed a lot of unwanted ads and pop ups which now disappeared.
I'm using Ublock only.
Since Adblock and Adblock Plus were removed and of course the previous mentioned programs, I can use Tinypic again without these annoying ads. (blocking them, made the image-links also invisible)

I'm using also a plugin which forces secure HTPPS. in the browsers.

If there in anyway a DNS hack may have taken place, is there a safe way to control that or detect?
I've checked the settings of the internet-connection, but since it's set to dynamic addresses provided by the router, there is little I can check. It's all blank.
Some recommend to use a fixed DNS. Or at least a restricted range.
A router however is already a hardware firewall for what I know.

Here is a list with junkware removaltool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Ultimate x64
Ran by ******** on ma 26-10-2015 at 19:42:47,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster SkipUAC (********)
Successfully deleted: [Task] C:\Windows\system32\tasks\Uninstaller_SkipUac_********



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\********\AppData\Roaming\iobit\driver booster
Successfully deleted: [Folder] C:\Users\********\AppData\Roaming\productdata



~~~ Chrome

Successfully deleted: [Folder] C:\Users\********\Appdata\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna

[C:\Users\********\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\********\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
icpgjfneehieebagbmdbhnlpiopdcmna

[C:\Users\********\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\********\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
icpgjfneehieebagbmdbhnlpiopdcmna
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ma 26-10-2015 at 19:49:14,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Driver booster is no longer installed on my PC.

Thank you so much for your help.
 

My Computer My Computer

At a glance

Microsoft Windows 7 Ultimate 64-bits 7601 Mul...Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz8,00 GB(1) Intel(R) G41 Express Chipset (2) Intel(R)...
Computer type
PC/Desktop
OS
Microsoft Windows 7 Ultimate 64-bits 7601 Multiprocessor Free Service Pack 1
CPU
Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Motherboard
ASRock G41MH/USB3.
Memory
8,00 GB
Graphics Card(s)
(1) Intel(R) G41 Express Chipset (2) Intel(R) G41 Express
Sound Card
(1) VIA High Definition Audio (2) Intel(R) High Definition
Monitor(s) Displays
S24B350 Samsung
Screen Resolution
1920 x 1080 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
(1) ST31000528AS ATA Device (2) Generic- Compact Flash USB Device (3) Generic- MS/MS-Pro USB Device (4) Generic- SD/MMC USB Device (5) Generic- SM/xD-Picture USB Device
Antivirus
ZoneAlarm Free Antivirus + Firewall version: 12.0.104.000 Vs
The only thing I can advise you about, is not to use "dubious" P2P downloads!

It's really important, if you value your PC at all, to stay away from P2P file sharing programs,
like utorrent, Bittorrent, Azureus, Limewire, Vuze.
They are "planted" with thousands upon thousands of infections in the "free" shared files.
Some of the recent infections can turn your machine into a doorstop.

It's also very important to avoid any "cracks" or "Keygens" that allow unauthorized use of programs.
Besides being illegal, these files also are loaded with "planted" malware
 

My Computer My Computer

At a glance

Windows 7 Ultimate 32bit SP1Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz4 GBATI Radeon HD 2600 Pro
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Back
Top