Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
My browser opens "login.lataminternet.com" and usb shows a trash folder
Message
<blockquote data-quote="Rohr35" data-source="post: 291613" data-attributes="member: 29426"><p>Zoek.exe v5.0.0.0 Updated 03-November-2014</p><p>Tool run by Andres on 03/11/2014 at 12:58:08.98.</p><p>Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86</p><p>Running in: Normal Mode Internet Access Detected</p><p>Launched: C:\Users\Andres\Desktop\zoek.exe [Scan all users] [Script inserted] </p><p></p><p>==== Older Logs ======================</p><p></p><p>C:\zoek-results2014-10-27-213310.log 818 bytes</p><p></p><p>==== System Restore Info ======================</p><p></p><p>03/11/2014 13:00:38 Zoek.exe System Restore Point Created Succesfully.</p><p></p><p>==== Deleting CLSID Registry Keys ======================</p><p></p><p></p><p>==== Deleting CLSID Registry Values ======================</p><p></p><p></p><p>==== Deleting Services ======================</p><p></p><p>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater3.2.0 deleted successfully</p><p>HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater3.2.0 deleted successfully</p><p></p><p>==== Batch Command(s) Run By Tool======================</p><p></p><p></p><p>==== Deleting Files \ Folders ======================</p><p></p><p>C:\Users\Andres\AppData\Local\cache deleted</p><p>C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted</p><p>C:\Windows\system32\config\systemprofile\Searches deleted</p><p>C:\Windows\system32\GroupPolicy\Machine deleted</p><p>C:\Windows\system32\GroupPolicy\User deleted</p><p>C:\Windows\system32\GroupPolicy\gpt.ini deleted</p><p>C:\Windows\System32\InstallUtil.InstallLog deleted</p><p>C:\Windows\System32\AI_RecycleBin deleted</p><p>C:\Windows\System32\searchplugins deleted</p><p>C:\Windows\System32\Extensions deleted</p><p></p><p>==== Firefox Extensions ======================</p><p></p><p>==== Firefox Plugins ======================</p><p></p><p></p><p>==== Chromium Look ======================</p><p></p><p>HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions</p><p>lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 17:22]</p><p></p><p>Google Voice Search Hotword (Beta) - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn</p><p>News Feed Eradicator for Facebook - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg</p><p>Follow - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkakfimgbmogkpmjokgnbbanmmemcdij</p><p>LastPass - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd</p><p>Motivation - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofdgfpchbidcgncgfpdlpclnpaemakoj</p><p>Sidekick - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd</p><p></p><p>==== Chromium Fix ======================</p><p></p><p>C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_<a href="http://www.metrolyrics.com_0.localstorage" target="_blank">www.metrolyrics.com_0.localstorage</a> deleted successfully</p><p>C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage deleted successfully</p><p>C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd deleted successfully</p><p>C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oiiaigjnkhngdbnoookogelabohpglmd_0.localstorage deleted successfully</p><p>C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oiiaigjnkhngdbnoookogelabohpglmd deleted successfully</p><p></p><p>==== Set IE to Default ======================</p><p></p><p>Old Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank">http://go.microsoft.com/fwlink/?LinkId=69157</a>"</p><p>"Use Search Asst"="yes"</p><p>[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]</p><p>"Default"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]</p><p>"Default"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>@="<a href="http://login.lataminternet.com/search.php?q=%s" target="_blank">http://login.lataminternet.com/search.php?q=%s</a>"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]</p><p>"Default_Search_URL"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>"SearchAssistant"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p></p><p>New Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank">http://go.microsoft.com/fwlink/?LinkId=69157</a>"</p><p>"Use Search Asst"="no"</p><p>[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]</p><p>"(Default)"="<a href="http://search.msn.com/results.asp?q=%s" target="_blank">http://search.msn.com/results.asp?q=%s</a>"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]</p><p>"(Default)"="<a href="http://search.msn.com/results.asp?q=%s" target="_blank">http://search.msn.com/results.asp?q=%s</a>"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]</p><p>"Default_Search_URL"="<a href="http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a>"</p><p>"SearchAssistant"="<a href="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" target="_blank">http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm</a>"</p><p></p><p>==== All HKCU SearchScopes ======================</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes</p><p>"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"</p><p>{012E1000-F331-11DB-8314-0800200C9A66} Google Url="<a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>"</p><p>{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="<a href="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" target="_blank">http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC</a>"</p><p></p><p>==== Empty IE Cache ======================</p><p></p><p>C:\Users\Andres\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p></p><p>==== Empty FireFox Cache ======================</p><p></p><p>No FireFox Cache found</p><p></p><p>==== Empty Chrome Cache ======================</p><p></p><p>C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully</p><p></p><p>==== Empty All Flash Cache ======================</p><p></p><p>Flash Cache Emptied Successfully</p><p></p><p>==== Empty All Java Cache ======================</p><p></p><p>Java Cache cleared successfully</p><p></p><p>==== C:\zoek_backup content ======================</p><p></p><p>C:\zoek_backup (files=487 folders=34 6543849 bytes)</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\Users\Andres\AppData\Local\Temp will be emptied at reboot</p><p>C:\Users\Default\AppData\Local\Temp emptied successfully</p><p>C:\Users\Default User\AppData\Local\Temp emptied successfully</p><p>C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot</p><p>C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully</p><p>C:\Windows\Temp will be emptied at reboot</p><p></p><p>==== After Reboot ======================</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\Windows\Temp successfully emptied</p><p>C:\Users\Andres\AppData\Local\Temp successfully emptied</p><p></p><p>==== Empty Recycle Bin ======================</p><p></p><p>C:\$RECYCLE.BIN successfully emptied</p><p></p><p>==== Deleting Files / Folders ======================</p><p></p><p>"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted</p><p></p><p>==== EOF on 03/11/2014 at 13:19:53.78 ======================</p></blockquote><p></p>
[QUOTE="Rohr35, post: 291613, member: 29426"] Zoek.exe v5.0.0.0 Updated 03-November-2014 Tool run by Andres on 03/11/2014 at 12:58:08.98. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Andres\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-10-27-213310.log 818 bytes ==== System Restore Info ====================== 03/11/2014 13:00:38 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater3.2.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater3.2.0 deleted successfully ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\Users\Andres\AppData\Local\cache deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\System32\InstallUtil.InstallLog deleted C:\Windows\System32\AI_RecycleBin deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 17:22] Google Voice Search Hotword (Beta) - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn News Feed Eradicator for Facebook - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg Follow - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkakfimgbmogkpmjokgnbbanmmemcdij LastPass - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd Motivation - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofdgfpchbidcgncgfpdlpclnpaemakoj Sidekick - Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd ==== Chromium Fix ====================== C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_[url="http://www.metrolyrics.com_0.localstorage"]www.metrolyrics.com_0.localstorage[/url] deleted successfully C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage deleted successfully C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd deleted successfully C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oiiaigjnkhngdbnoookogelabohpglmd_0.localstorage deleted successfully C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oiiaigjnkhngdbnoookogelabohpglmd deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="[url]http://www.google.com[/url]" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="[url]http://www.google.com[/url]" @="[url]http://login.lataminternet.com/search.php?q=%s[/url]" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="[url]http://www.google.com[/url]" "SearchAssistant"="[url]http://www.google.com[/url]" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="[url]http://search.msn.com/results.asp?q=%s[/url]" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="[url]http://search.msn.com/results.asp?q=%s[/url]" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="[url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]" "SearchAssistant"="[url]http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm[/url]" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="[url]http://www.google.com/search?q={searchTerms}[/url]" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="[url]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC[/url]" ==== Empty IE Cache ====================== C:\Users\Andres\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Andres\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=487 folders=34 6543849 bytes) ==== Empty Temp Folders ====================== C:\Users\Andres\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Andres\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on 03/11/2014 at 13:19:53.78 ====================== [/QUOTE]
Insert quotes…
Verification
Post reply
Top