Podívej se do:
C:\_OTL složky
Notebook plný Rootkitu
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43339
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Notebook plný Rootkitu
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Notebook plný Rootkitu
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Error: Unable to stop service ccSet_NARA!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccSet_NARA deleted successfully.
C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5ED96990-4810-4F04-9E5F-1B897391C0A0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ED96990-4810-4F04-9E5F-1B897391C0A0}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5ED96990-4810-4F04-9E5F-1B897391C0A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ED96990-4810-4F04-9E5F-1B897391C0A0}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FE24DC42-D4C7-4C6B-9229-6BB265F6D679}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE24DC42-D4C7-4C6B-9229-6BB265F6D679}\ not found.
Prefs.js: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.5.3 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2\ deleted successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\samples\Macros folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\samples\Datasources folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\samples folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\modules folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\defaults\preferences folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\defaults folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\chrome folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LManager scheduled to be deleted on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\ not found.
File "D:\setup.exe" not found.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
ADS C:\ProgramData\Temp:9638A27E deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
C:\found.003\dir0000.chk folder moved successfully.
C:\found.003 folder moved successfully.
C:\found.002 folder moved successfully.
C:\found.001 folder moved successfully.
C:\found.000\dir_00000001.chk folder moved successfully.
C:\found.000 folder moved successfully.
C:\Users\Roman\AppData\Local\xc341db93fc3c3195\CDImage.exe_Url_gjxj1ikfai3jcrnw1ofnkwc0m2yfl3dh\1.0.0.0 folder moved successfully.
C:\Users\Roman\AppData\Local\xc341db93fc3c3195\CDImage.exe_Url_gjxj1ikfai3jcrnw1ofnkwc0m2yfl3dh folder moved successfully.
C:\Users\Roman\AppData\Local\xc341db93fc3c3195 folder moved successfully.
C:\Program Files (x86)\Symantec\Norton Online Backup folder moved successfully.
C:\Program Files (x86)\Symantec folder moved successfully.
C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
File\Folder C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys not found.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
User: Public
User: Roman
->Temp folder emptied: 2979518 bytes
->Temporary Internet Files folder emptied: 8837765 bytes
->Java cache emptied: 741797 bytes
->FireFox cache emptied: 1791796 bytes
->Google Chrome cache emptied: 355344352 bytes
->Flash cache emptied: 853 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 201556 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 353,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 11152013_182008
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Error: Unable to stop service ccSet_NARA!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccSet_NARA deleted successfully.
C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5ED96990-4810-4F04-9E5F-1B897391C0A0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ED96990-4810-4F04-9E5F-1B897391C0A0}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5ED96990-4810-4F04-9E5F-1B897391C0A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ED96990-4810-4F04-9E5F-1B897391C0A0}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FE24DC42-D4C7-4C6B-9229-6BB265F6D679}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE24DC42-D4C7-4C6B-9229-6BB265F6D679}\ not found.
Prefs.js: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.5.3 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2\ deleted successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\samples\Macros folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\samples\Datasources folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\samples folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\modules folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\defaults\preferences folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\defaults folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\chrome folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} folder moved successfully.
C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LManager scheduled to be deleted on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\ not found.
File "D:\setup.exe" not found.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
ADS C:\ProgramData\Temp:9638A27E deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
C:\found.003\dir0000.chk folder moved successfully.
C:\found.003 folder moved successfully.
C:\found.002 folder moved successfully.
C:\found.001 folder moved successfully.
C:\found.000\dir_00000001.chk folder moved successfully.
C:\found.000 folder moved successfully.
C:\Users\Roman\AppData\Local\xc341db93fc3c3195\CDImage.exe_Url_gjxj1ikfai3jcrnw1ofnkwc0m2yfl3dh\1.0.0.0 folder moved successfully.
C:\Users\Roman\AppData\Local\xc341db93fc3c3195\CDImage.exe_Url_gjxj1ikfai3jcrnw1ofnkwc0m2yfl3dh folder moved successfully.
C:\Users\Roman\AppData\Local\xc341db93fc3c3195 folder moved successfully.
C:\Program Files (x86)\Symantec\Norton Online Backup folder moved successfully.
C:\Program Files (x86)\Symantec folder moved successfully.
C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
File\Folder C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys not found.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
User: Public
User: Roman
->Temp folder emptied: 2979518 bytes
->Temporary Internet Files folder emptied: 8837765 bytes
->Java cache emptied: 741797 bytes
->FireFox cache emptied: 1791796 bytes
->Google Chrome cache emptied: 355344352 bytes
->Flash cache emptied: 853 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 201556 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 353,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 11152013_182008
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43339
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Notebook plný Rootkitu
Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 20 hostů