Solved In pursuit of greed

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  • Hello everyone We want to personally apologize to everyone for the downtime that we've experienced. We are working to get everything back up as quickly as possible. Due to the issues we've had, your password will need to be reset. Please click the button that says "Forgot Your Password" and change it. We are working to have things back to normal. Emails are fixed and should now send properly. Thank you all for your patience. Thanks, PCHF Management
Status
Not open for further replies.
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by ILANA on Tue 05/09/2017 at 0:17:42.35.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\ILANA\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

09/05/2017 00:19:13 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully

==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [12/14/2016 09:19 PM]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [12/14/2016 09:19 PM]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

Avast SafePrice - ILANA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
UC - ILANA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohcnlaamfpgkdghjlfnhggmgimfolnc
Chrome Media Router - ILANA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ILANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ILANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=13 folders=15 14991545 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ILANA\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ILANA\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\ILANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_5" deleted
"C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on Tue 05/09/2017 at 0:54:02.70 ======================
 
How about the malwarebytes log? Also, how are things running now?
 
We will look at your temps next, then we will update some drivers if needed....

: Speccy Scan.

  • Please go here and download Speccy.
  • Install and run the program.
  • Upon Completion:
  • Hit File
  • Publish Snap Shot
  • A link will appear, post that link.
 
Yes, sorry for the delay, i will pass the results if needed. But first, a little irony. You always say to me run as admin, so, i kind of tried to run dosbox as admin, i didn't believe it'll work but voila, i can save the game again. Do you have any idea why it worked? and, do you still want me to pass the results?
 
Do you want some tea? said:
Do you have any idea why it worked?
Click to expand...


You can right click on the dosbox icon select properties, then click the box that reads run as admin, then click apply. This way it always starts as admin.

upload_2017-5-12_18-49-4.png

Do you want some tea? said:
and, do you still want me to pass the results?
Click to expand...

Your choice, or we can mark this as solved.
 
  • Like
Reactions: Do you want some tea?
Really busy times, slow replies. Anyway you can mark it as solved. And thank you personally, everything works and i did my pc thorough security checks and improves. So, thank you and bye for now mr snake malnutrition.
 
  • Like
Reactions: jmarket
Status
Not open for further replies.
Top Bottom