если у вас есть то сгодится любой Live CD на основе виндоус (либо можете скачать в интернете Alkid Live CD), либо можете поискать в гугле и скачать WinPE&uVS 3.81 это уже готовый Live CD с интегрированным uVS - это оптимальный вариант.Для создания диска нам понадобятся:
;uVS v3.81.7 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
OFFSGNSAVE
; C:\DOCUMENTS AND SETTINGS\LEXUS\LOCAL SETTINGS\TEMP\CFEXT.EXE
addsgn 1A5D639A5583358CF42B254E3143FE53DABFF456C9FA944DFD4385BCAF00F48C573662539E159DCAD37FF08816E97CF2DD9FE88D832560A9ED03ACA447FE2373 8 Trojan.Win32.Inject.gucf [Kaspersky]
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\LEXUS\LOCAL SETTINGS\TEMP\CFEXT.EXE
bl 92B62630B3418905D7FC90C1F7132D57 152064
; zoo %SystemDrive%\DOCUMENTS AND SETTINGS\LEXUS\LOCAL SETTINGS\TEMP\CFEXT.EXE
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\LEXUS\START MENU\PROGRAMS\STARTUP\312.EXE
; C:\DOCUMENTS AND SETTINGS\LEXUS\START MENU\PROGRAMS\STARTUP\312.EXE
bl 1953C71B061C41A2778EB291EBCADB5D 385024
delall %SystemDrive%\DOCUMENTS AND SETTINGS\LEXUS\START MENU\PROGRAMS\STARTUP\312.EXE
czoo
chklst
delvir
Бекап?Суперважные файлы из документов все погибли, но с фотографиями эта гадина не успела особо ничего.
(!) Обнаружен запрет на запуск Диспетчера задач (как минимум для одного из пользователей)
(!) Обнаружен запрет на запуск Редактора реестра (как минимум для одного из пользователей)
Нет, ничего не устнавливал. Я сам единственный пользователь.Сами устанавливали или снимать ограничения?
;uVS v3.81.7 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
OFFSGNSAVE
regt 1
regt 2
restart
Скорее всего из-за работы под liveCDСтранно. Команда рестарт есть, а самого рестарта нет.
;uVS v3.81.7 [http://dsrt.dyndns.org]
;Target OS: NTv6.1
OFFSGNSAVE
; C:\DOCUMENTS AND SETTINGS\LEXUS\APPLICATION DATA\IDIVI\YBMEI.EXE
addsgn 9ACC64DA5582A28DF42BAEB124C81205158AFCF6B1FA1F7885C3C5BC2251D3266CE4C719961176AE72BFA6B3461649FA7DDFE97255DAB02C2D77A42FAA764B1F 8 Trojan-PSW.Win32.Tepfer.sox
zoo %SystemDrive%\DOCUMENTS AND SETTINGS\LEXUS\APPLICATION DATA\IDIVI\YBMEI.EXE
bl AD60F735F26D0BBF52342D365DE7B0A6 1245302
; zoo %SystemDrive%\DOCUMENTS AND SETTINGS\LEXUS\APPLICATION DATA\IDIVI\YBMEI.EXE
chklst
delvir
спасение утопающих дело рук ... (с)проморгал файл
;uVS v3.81.7 [http://dsrt.dyndns.org]
;Target OS: NTv5.1
OFFSGNSAVE
delref HTTP://SEARCH.ORBITDOWNLOADER.COM
restart
Желательно.а не сохраненные в браузерах пароли тоже надо менять ?
:Files
C:\Program Files\Antivirus 2009\av2009.exe
C:\Documents and Settings\LEXUS\sys32_nov.exe
C:\WINDOWS\system32\mset.exe
C:\Program Files\plugin.exe
C:\WINDOWS\system32\regedit.exe
C:\WINDOWS\system32\setup2.exe
c:\documents and settings\all users\systems.exe
C:\Documents and Settings\LEXUS\Start Menu\Programs\Startup\ikowin32.exe
:Reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Generic Host for Win32 Services]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\21903633775001181759022298508056]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\braviax]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mset]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\plugin]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\setup2.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\shell]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sys32_nov]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgif32]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^LEXUS^Start Menu^Programs^Startup^ikowin32.exe]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Documents and Settings\LEXUS\Local Settings\Temp\~os1D.tmp\ossproxy.exe"=-
"C:\Documents and Settings\LEXUS\Desktop\rtmpdump-2.2d\rtmpgw.exe"=-
"C:\Documents and Settings\LEXUS\Desktop\rtmpdump-2.2d\rtmpsrv.exe"=-
"C:\Documents and Settings\LEXUS\Local Settings\Temp\~osB.tmp\rlvknlg.exe"=-
"c:\program files\relevantknowledge\rlvknlg.exe"=-
"H:\DIR64.JPG.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\kogw.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winrwlap.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winkglfrw.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winuvxiia.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winwnji.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\sxpsdp.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wef6a821.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winjmfc.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\whrtt.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winigkq.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\ffljxc.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\nlrqs.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\pabjee.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winvhgmj.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\mcumqa.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\windstlbx.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wincedfj.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\w2cc398.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winfnyw.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winxnypqc.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\hhphr.exe"="-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\rogk.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\w83522.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wincloa.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\jiddv.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\xmee.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winanegn.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\pmsgn.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\fwsmrs.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winiuiv.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wa1646.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winsqfxy.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\w1a42a8.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winieofbq.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wfaf03.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winefcc.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wbc108.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wingdnoue.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\ugxi.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winxgxo.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\dcul.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winbvbwkt.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winvenc.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wfxfvb.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wdqd.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winuuid.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\cksyfn.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winusgje.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winhrfco.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winvluuq.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winndwh.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wc3f50.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winykyu.exe"=-
"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winceakk.exe"=-
:Commands
[purity]
[emptytemp]
[Reboot]
All processes killed
========== FILES ==========
File/Folder C:\Program Files\Antivirus 2009\av2009.exe not found.
File/Folder C:\Documents and Settings\LEXUS\sys32_nov.exe not found.
File/Folder C:\WINDOWS\system32\mset.exe not found.
File/Folder C:\Program Files\plugin.exe not found.
File/Folder C:\WINDOWS\system32\regedit.exe not found.
File/Folder C:\WINDOWS\system32\setup2.exe not found.
File/Folder c:\documents and settings\all users\systems.exe not found.
File/Folder C:\Documents and Settings\LEXUS\Start Menu\Programs\Startup\ikowin32.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Generic Host for Win32 Services\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\21903633775001181759022298508056\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\braviax\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mset\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\plugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regedit32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\setup2.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\shell\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sys32_nov\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgif32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^LEXUS^Start Menu^Programs^Startup^ikowin32.exe\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\LEXUS\Local Settings\Temp\~os1D.tmp\ossproxy.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\LEXUS\Desktop\rtmpdump-2.2d\rtmpgw.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\LEXUS\Desktop\rtmpdump-2.2d\rtmpsrv.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\LEXUS\Local Settings\Temp\~osB.tmp\rlvknlg.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\c:\program files\relevantknowledge\rlvknlg.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\H:\DIR64.JPG.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\kogw.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winrwlap.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winkglfrw.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winuvxiia.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winwnji.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\sxpsdp.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wef6a821.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winjmfc.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\whrtt.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winigkq.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\ffljxc.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\nlrqs.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\pabjee.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winvhgmj.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\mcumqa.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\windstlbx.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wincedfj.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\w2cc398.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winfnyw.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winxnypqc.exe deleted successfully.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\DOCUME~1\LEXUS\LOCALS~1\Temp\hhphr.exe"|"- /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\rogk.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\w83522.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wincloa.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\jiddv.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\xmee.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winanegn.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\pmsgn.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\fwsmrs.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winiuiv.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wa1646.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winsqfxy.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\w1a42a8.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winieofbq.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wfaf03.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winefcc.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wbc108.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wingdnoue.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\ugxi.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winxgxo.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\dcul.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winbvbwkt.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winvenc.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wfxfvb.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wdqd.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winuuid.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\cksyfn.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winusgje.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winhrfco.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winvluuq.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winndwh.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\wc3f50.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winykyu.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\LEXUS\LOCALS~1\Temp\winceakk.exe deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: All Users.WINDOWS
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LEXUS
->Temp folder emptied: 68949696 bytes
->Temporary Internet Files folder emptied: 10176169 bytes
->Java cache emptied: 941441 bytes
->FireFox cache emptied: 399640311 bytes
->Google Chrome cache emptied: 12244528 bytes
->Flash cache emptied: 141555 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: LocalService.NT AUTHORITY
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 196414 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1699661 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2142714 bytes
%systemroot%\System32 .tmp files removed: 21232081 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 206696722 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 383621795 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 35058 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1 057,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 12192013_043012
Files moved on Reboot...
Registry entries deleted on Reboot...
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?