1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83. | All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\\\cdoosoft deleted successfully.
C:\\Documents and Settings\\Siuch(Sylwia)\\Ustawienia lokalne\\Temp\\herss.exe moved successfully.
C:\\autorun.inf moved successfully.
File move failed. D:\\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{3571ad97-e583-11de-8655-806d6172696f}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{3571ad97-e583-11de-8655-806d6172696f}\\ not found.
C:\\xmor.exe moved successfully.
Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{3571ad97-e583-11de-8655-806d6172696f}\\ not found.
Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{3571ad97-e583-11de-8655-806d6172696f}\\ not found.
File C:\\xmor.exe not found.
Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{c7efa800-eaea-11de-8427-00014ac7806f}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{c7efa800-eaea-11de-8427-00014ac7806f}\\ not found.
File E:\\xmor.exe not found.
Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{c7efa800-eaea-11de-8427-00014ac7806f}\\ not found.
Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{c7efa800-eaea-11de-8427-00014ac7806f}\\ not found.
File E:\\xmor.exe not found.
Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{decb8bd7-e591-11de-841f-a9a1277bd3ed}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{decb8bd7-e591-11de-841f-a9a1277bd3ed}\\ not found.
File F:\\xmor.exe not found.
Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{decb8bd7-e591-11de-841f-a9a1277bd3ed}\\ not found.
Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{decb8bd7-e591-11de-841f-a9a1277bd3ed}\\ not found.
File F:\\xmor.exe not found.
Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\F\\ deleted successfully.
File F:\\xmor.exe not found.
Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\F\\ not found.
File F:\\xmor.exe not found.
========== FILES ==========
C:\\Qoobox\\Quarantine\\Registry_backups folder moved successfully.
C:\\Qoobox\\Quarantine folder moved successfully.
C:\\Qoobox folder moved successfully.
C:\\RECYCLER\\S-1-5-21-789336058-113007714-1606980848-1003\\Dc2 folder moved successfully.
C:\\RECYCLER\\S-1-5-21-789336058-113007714-1606980848-1003 folder moved successfully.
C:\\RECYCLER folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\explorer\\mountpoints2\\ deleted successfully.
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\\\\"SuperHidden\"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\\\\"Hidden\"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\\\\"ShowSuperHidden\"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Folder\\Hidden\\SHOWALL\\\\\"CheckedValue\"|dword:00000001 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Folder\\SuperHidden\\Policy\\DontShowSuperHidden\\ deleted successfully.
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Folder\\SuperHidden\\Policy\\DontShowSuperHidden\\\\@|\"\" /E : value set successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Siuch(Sylwia)
->Temp folder emptied: 66620719 bytes
->Temporary Internet Files folder emptied: 1291474 bytes
->FireFox cache emptied: 91514775 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\\System32 .tmp files removed: 2596 bytes
Windows Temp folder emptied: 453139 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 155,00 mb
OTL by OldTimer - Version 3.1.19.0 log created on 12222009_172714
Files\\Folders moved on Reboot...
File move failed. D:\\autorun.inf scheduled to be moved on reboot.
C:\\Documents and Settings\\Siuch(Sylwia)\\Ustawienia lokalne\\Temp\\cvasds0.dll moved successfully.
Registry entries deleted on Reboot...
|
