|
[ Talino @ 30.03.2013. 19:55 ] @
[ TeslaElectronic @ 30.03.2013. 20:28 ] @
Pa gde si naišao na to?
[ BBS @ 30.03.2013. 20:30 ] @
[ kristi1 @ 30.03.2013. 20:38 ] @
Citat: Može li mi neko pomoći informacijom kako mogu da očistim ovaj virus? Sistem mi je XP SP3, napominjem da ne znam engleski. Hvala. Preuzmi OTL na desktop http://oldtimer.geekstogo.com/OTL.exe Dvoklikom pokreni OTL; klikni Run Scan; Po završetku skeniranja, izveštaj ce se otvoriti u Notepad-u. Kopiraj mi log. [ cyBerManIA @ 30.03.2013. 21:04 ] @
Sasser i Blaster i dalje aktivni?
[ superbaka @ 30.03.2013. 22:45 ] @
tesko na SP3... vidjao sam da neki adware ima te zezancije, neki Antivirus XP ili tako nesto...
zaboravili su da ti kazu kako da zaustavis restart, jer cime god pocnes da cistis, moze da ti prekine radnju... kad si na desktopu, pritisni i zadrzi Win dugme na tastaturi, i pritisni slovo r; iskocice ti prozorcic u kome ces da ukucas shutdown -a... to ce privremeno spreciti restart, i pomoci da zavrsis ciscenje od virusa... [ Talino @ 01.04.2013. 22:34 ] @
Ljudi, ja vas ništa ne razumijem, napišite malo jednostavnije, oprostite.
kristi1, jel da ti iskopiram Extras.txt ili ili OTL.txt? [ kristi1 @ 01.04.2013. 23:28 ] @
Citat: Talino: Ljudi, ja vas ništa ne razumijem, napišite malo jednostavnije, oprostite. kristi1, jel da ti iskopiram Extras.txt ili ili OTL.txt? OTL.txt kopiraj. [ Talino @ 05.04.2013. 04:23 ] @
kristi1, ima mnogo, evo ti cijeli fajl u atachmentu. Pozdrav
[ kristi1 @ 05.04.2013. 09:48 ] @
Pokreni OTL
U beli okvir prozora gde piše Custom Scans/Fixes iskopiraj sledeci tekst: Nemoj da kopiras ovo Code: Code: :OTL O20 - Winlogon\Notify\iifcBtUo: DllName - (iifcBtUo.dll) - C:\WINDOWS\System32\iifcBtUo.dll () O28 - HKLM ShellExecuteHooks: {47080957-7903-41FC-B655-CEBA0A65E64A} - C:\WINDOWS\system32\iifcBtUo.dll () O33 - MountPoints2\{03cd2a3b-de82-11dd-8b76-a5ecabd2d5f3}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{03cd2a3b-de82-11dd-8b76-a5ecabd2d5f3}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{03cd2a3b-de82-11dd-8b76-a5ecabd2d5f3}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O33 - MountPoints2\{072c4a5e-042c-11dc-aa08-8b4d372feb63}\Shell\AutoRun\command - "" = G:\RavMon.exe O33 - MountPoints2\{072c4a5e-042c-11dc-aa08-8b4d372feb63}\Shell\explore\Command - "" = G:\RavMon.exe -e O33 - MountPoints2\{072c4a5e-042c-11dc-aa08-8b4d372feb63}\Shell\open\Command - "" = G:\RavMon.exe O33 - MountPoints2\{2d27c116-2a66-11dd-8d5d-e581087b06e0}\Shell\AutoRun\command - "" = N:\RavMon.exe O33 - MountPoints2\{2d27c116-2a66-11dd-8d5d-e581087b06e0}\Shell\explore\Command - "" = N:\RavMon.exe -e O33 - MountPoints2\{2d27c116-2a66-11dd-8d5d-e581087b06e0}\Shell\open\Command - "" = N:\RavMon.exe O33 - MountPoints2\{311f7b76-28cb-11de-8c47-fc5715fccc2a}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{311f7b76-28cb-11de-8c47-fc5715fccc2a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{311f7b76-28cb-11de-8c47-fc5715fccc2a}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O33 - MountPoints2\{35e41801-c5e0-11e1-b324-0018f38b6dc8}\Shell\AutoRun\command - "" = J:\RavMon.exe O33 - MountPoints2\{35e41801-c5e0-11e1-b324-0018f38b6dc8}\Shell\explore\Command - "" = J:\RavMon.exe -e O33 - MountPoints2\{35e41801-c5e0-11e1-b324-0018f38b6dc8}\Shell\open\Command - "" = J:\RavMon.exe O33 - MountPoints2\{35e41807-c5e0-11e1-b324-0018f38b6dc8}\Shell\AutoRun\command - "" = J:\RavMon.exe O33 - MountPoints2\{35e41807-c5e0-11e1-b324-0018f38b6dc8}\Shell\explore\Command - "" = J:\RavMon.exe -e O33 - MountPoints2\{35e41807-c5e0-11e1-b324-0018f38b6dc8}\Shell\open\Command - "" = J:\RavMon.exe O33 - MountPoints2\{39ebd5cd-de9f-11dd-8b77-bf1e61182bbd}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{39ebd5cd-de9f-11dd-8b77-bf1e61182bbd}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{39ebd5cd-de9f-11dd-8b77-bf1e61182bbd}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O33 - MountPoints2\{4bc0f8f5-03c6-11df-8d12-0018f38b6dc8}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{4bc0f8f5-03c6-11df-8d12-0018f38b6dc8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{4bc0f8f5-03c6-11df-8d12-0018f38b6dc8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O33 - MountPoints2\{4bc0f8f8-03c6-11df-8d12-0018f38b6dc8}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{4bc0f8f8-03c6-11df-8d12-0018f38b6dc8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{4bc0f8f8-03c6-11df-8d12-0018f38b6dc8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O33 - MountPoints2\{70b19c03-c020-11e1-b314-0018f38b6dc8}\Shell\AutoRun\command - "" = J:\RavMon.exe O33 - MountPoints2\{70b19c03-c020-11e1-b314-0018f38b6dc8}\Shell\explore\Command - "" = J:\RavMon.exe -e O33 - MountPoints2\{70b19c03-c020-11e1-b314-0018f38b6dc8}\Shell\open\Command - "" = J:\RavMon.exe O33 - MountPoints2\{9944bbe1-0c1e-11df-8d1c-0018f38b6dc8}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{9944bbe1-0c1e-11df-8d1c-0018f38b6dc8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{9944bbe1-0c1e-11df-8d1c-0018f38b6dc8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O33 - MountPoints2\{9944bbe8-0c1e-11df-8d1c-0018f38b6dc8}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{9944bbe8-0c1e-11df-8d1c-0018f38b6dc8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{9944bbe8-0c1e-11df-8d1c-0018f38b6dc8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O33 - MountPoints2\{9944bbeb-0c1e-11df-8d1c-0018f38b6dc8}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{9944bbeb-0c1e-11df-8d1c-0018f38b6dc8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{9944bbeb-0c1e-11df-8d1c-0018f38b6dc8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O33 - MountPoints2\{a7461f94-e3c4-11dd-8b9d-0018f38b6dc8}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{a7461f94-e3c4-11dd-8b9d-0018f38b6dc8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{a7461f94-e3c4-11dd-8b9d-0018f38b6dc8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O33 - MountPoints2\{c37e3c39-ebfa-11de-8cf5-0018f38b6dc8}\Shell\Auto\command - "" = fun.xls.exe O33 - MountPoints2\{c37e3c39-ebfa-11de-8cf5-0018f38b6dc8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{c37e3c39-ebfa-11de-8cf5-0018f38b6dc8}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe O2 - BHO: (Reg Error: Value error.) - {47080957-7903-41FC-B655-CEBA0A65E64A} - C:\WINDOWS\system32\iifcBtUo.dll () IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?Sear...58161665428&ctid=CT3176921 IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/Resu...21&CUI=UN39927958161665428 IE - HKCU\..\SearchScopes\{DE66F866-B092-420F-90DB-56F4A7D1E9F2}: "URL" = http://search.softonic.com/INF...archSource=4&cc=&r=453 FF - prefs.js..browser.search.defaultthis.engineName: "express-files Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/Resu...s}&CUI=UN64030814914541130" FF - prefs.js..browser.search.selectedEngine: "express-files Customized Web Search" [2012.08.08 03:55:43 | 000,000,000 | ---D | M] (BS Player Community Toolbar) -- C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} [2013.03.27 22:46:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions [2013.03.27 22:46:14 | 000,000,000 | ---D | M] (express-files) -- C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d} [2013.03.14 23:08:37 | 000,011,510 | ---- | M] () (No name found) -- C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\[email protected] [2013.02.25 04:10:06 | 000,001,082 | ---- | M] () -- C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\searchplugins\express-files-customized-web-search.xml [2013.02.13 21:13:31 | 000,002,060 | ---- | M] () -- C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\searchplugins\softonic.xml CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\Shady\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh\10.14.40.128_0\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Documents and Settings\Shady\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh\10.14.40.128_0\plugins/np-cwmp.dll :files C:\WINDOWS\System32\nnnkIaBq.dll C:\WINDOWS\System32\mlJDurSi.dll C:\WINDOWS\System32\wvUmmNgd.dll C:\WINDOWS\System32\byXRhfET.dll C:\WINDOWS\System32\yayxusRH.dll C:\WINDOWS\System32\iifcBtUo.dll C:\WINDOWS\system32\iifcBtUo.dll C:\Documents and Settings\Shady\Application Data\.17356192ABB8C36B.sys C:\Documents and Settings\Shady\Application Data\.1735619272B730B3.sys C:\Documents and Settings\Shady\Application Data\.173561926659B183.sys C:\Documents and Settings\Shady\Application Data\.173561924A06AB74.sys C:\Documents and Settings\Shady\Application Data\.173561924A06AB73.sys C:\Documents and Settings\Shady\Application Data\.173561924A84BAF5.sys C:\Documents and Settings\Shady\Application Data\.173561924A84BAF4.sys C:\Documents and Settings\Shady\Application Data\.17356192D8910D51.sys C:\Documents and Settings\Shady\Application Data\.17356192D8910D50.sys C:\Documents and Settings\Shady\Application Data\.1735619206385595.sys C:\Documents and Settings\Shady\Application Data\.17356192571BECEE.sys C:\Documents and Settings\Shady\Application Data\.17356192859F7D89.sys C:\Documents and Settings\Shady\Application Data\.17356192571BECED.sys C:\Documents and Settings\Shady\Application Data\.17356192EEEA39DE.sys :commands [CREATERESTOREPOINT] [emptytemp] Klikni taster Run Fix; Log koji dobiješ iskopiraj ovde u poruci. ------------------ Preuzmi ComboFix sa sledece adrese na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe Iskljuci AV Pokreni Combofix iskljucivo sa desktopa (I Agree) Na svaki popup prozor klikci Yes \ Ok Kad zavrsi skeniranje izbacice ti log na desktop Kopiraj mi log ovde [ Talino @ 05.04.2013. 22:52 ] @
Prvi dio tvoje poruke.. Evo u atachmentu novog OTL.txt fajla.
A ovaj ComboFix.exe... piše: "Failed - Network Eror" i ne može se skinuti. [ kristi1 @ 05.04.2013. 23:04 ] @
Nisi dobro odradio skriptu.
Procitaj jos jednom sta sam napisao i ponovi fix a zatim mi postavi izvestaj koji dobijes posle fixa. [ Talino @ 05.04.2013. 23:33 ] @
Aha.. ja kliknuo na RUN SCAN umjesto na Rum FIX
Sad sam uradio kako treba i ovo mi je izzbacilo: _____________________________________________ All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifcBtUo\ deleted successfully. File move failed. C:\WINDOWS\system32\iifcBtUo.dll scheduled to be moved on reboot. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{47080957-7903-41FC-B655-CEBA0A65E64A} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47080957-7903-41FC-B655-CEBA0A65E64A}\ deleted successfully. File move failed. C:\WINDOWS\system32\iifcBtUo.dll scheduled to be moved on reboot. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03cd2a3b-de82-11dd-8b76-a5ecabd2d5f3}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03cd2a3b-de82-11dd-8b76-a5ecabd2d5f3}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03cd2a3b-de82-11dd-8b76-a5ecabd2d5f3}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03cd2a3b-de82-11dd-8b76-a5ecabd2d5f3}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03cd2a3b-de82-11dd-8b76-a5ecabd2d5f3}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03cd2a3b-de82-11dd-8b76-a5ecabd2d5f3}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{072c4a5e-042c-11dc-aa08-8b4d372feb63}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{072c4a5e-042c-11dc-aa08-8b4d372feb63}\ not found. File G:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{072c4a5e-042c-11dc-aa08-8b4d372feb63}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{072c4a5e-042c-11dc-aa08-8b4d372feb63}\ not found. File G:\RavMon.exe -e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{072c4a5e-042c-11dc-aa08-8b4d372feb63}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{072c4a5e-042c-11dc-aa08-8b4d372feb63}\ not found. File G:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2d27c116-2a66-11dd-8d5d-e581087b06e0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2d27c116-2a66-11dd-8d5d-e581087b06e0}\ not found. File N:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2d27c116-2a66-11dd-8d5d-e581087b06e0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2d27c116-2a66-11dd-8d5d-e581087b06e0}\ not found. File N:\RavMon.exe -e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2d27c116-2a66-11dd-8d5d-e581087b06e0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2d27c116-2a66-11dd-8d5d-e581087b06e0}\ not found. File N:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{311f7b76-28cb-11de-8c47-fc5715fccc2a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{311f7b76-28cb-11de-8c47-fc5715fccc2a}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{311f7b76-28cb-11de-8c47-fc5715fccc2a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{311f7b76-28cb-11de-8c47-fc5715fccc2a}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{311f7b76-28cb-11de-8c47-fc5715fccc2a}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{311f7b76-28cb-11de-8c47-fc5715fccc2a}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35e41801-c5e0-11e1-b324-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e41801-c5e0-11e1-b324-0018f38b6dc8}\ not found. File J:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35e41801-c5e0-11e1-b324-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e41801-c5e0-11e1-b324-0018f38b6dc8}\ not found. File J:\RavMon.exe -e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35e41801-c5e0-11e1-b324-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e41801-c5e0-11e1-b324-0018f38b6dc8}\ not found. File J:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35e41807-c5e0-11e1-b324-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e41807-c5e0-11e1-b324-0018f38b6dc8}\ not found. File J:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35e41807-c5e0-11e1-b324-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e41807-c5e0-11e1-b324-0018f38b6dc8}\ not found. File J:\RavMon.exe -e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35e41807-c5e0-11e1-b324-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e41807-c5e0-11e1-b324-0018f38b6dc8}\ not found. File J:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39ebd5cd-de9f-11dd-8b77-bf1e61182bbd}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39ebd5cd-de9f-11dd-8b77-bf1e61182bbd}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39ebd5cd-de9f-11dd-8b77-bf1e61182bbd}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39ebd5cd-de9f-11dd-8b77-bf1e61182bbd}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39ebd5cd-de9f-11dd-8b77-bf1e61182bbd}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39ebd5cd-de9f-11dd-8b77-bf1e61182bbd}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bc0f8f5-03c6-11df-8d12-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bc0f8f5-03c6-11df-8d12-0018f38b6dc8}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bc0f8f5-03c6-11df-8d12-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bc0f8f5-03c6-11df-8d12-0018f38b6dc8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bc0f8f5-03c6-11df-8d12-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bc0f8f5-03c6-11df-8d12-0018f38b6dc8}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bc0f8f8-03c6-11df-8d12-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bc0f8f8-03c6-11df-8d12-0018f38b6dc8}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bc0f8f8-03c6-11df-8d12-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bc0f8f8-03c6-11df-8d12-0018f38b6dc8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4bc0f8f8-03c6-11df-8d12-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4bc0f8f8-03c6-11df-8d12-0018f38b6dc8}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70b19c03-c020-11e1-b314-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70b19c03-c020-11e1-b314-0018f38b6dc8}\ not found. File J:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70b19c03-c020-11e1-b314-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70b19c03-c020-11e1-b314-0018f38b6dc8}\ not found. File J:\RavMon.exe -e not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70b19c03-c020-11e1-b314-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70b19c03-c020-11e1-b314-0018f38b6dc8}\ not found. File J:\RavMon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9944bbe1-0c1e-11df-8d1c-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9944bbe1-0c1e-11df-8d1c-0018f38b6dc8}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9944bbe1-0c1e-11df-8d1c-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9944bbe1-0c1e-11df-8d1c-0018f38b6dc8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9944bbe1-0c1e-11df-8d1c-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9944bbe1-0c1e-11df-8d1c-0018f38b6dc8}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9944bbe8-0c1e-11df-8d1c-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9944bbe8-0c1e-11df-8d1c-0018f38b6dc8}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9944bbe8-0c1e-11df-8d1c-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9944bbe8-0c1e-11df-8d1c-0018f38b6dc8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9944bbe8-0c1e-11df-8d1c-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9944bbe8-0c1e-11df-8d1c-0018f38b6dc8}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9944bbeb-0c1e-11df-8d1c-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9944bbeb-0c1e-11df-8d1c-0018f38b6dc8}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9944bbeb-0c1e-11df-8d1c-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9944bbeb-0c1e-11df-8d1c-0018f38b6dc8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9944bbeb-0c1e-11df-8d1c-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9944bbeb-0c1e-11df-8d1c-0018f38b6dc8}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7461f94-e3c4-11dd-8b9d-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a7461f94-e3c4-11dd-8b9d-0018f38b6dc8}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7461f94-e3c4-11dd-8b9d-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a7461f94-e3c4-11dd-8b9d-0018f38b6dc8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7461f94-e3c4-11dd-8b9d-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a7461f94-e3c4-11dd-8b9d-0018f38b6dc8}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c37e3c39-ebfa-11de-8cf5-0018f38b6dc8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c37e3c39-ebfa-11de-8cf5-0018f38b6dc8}\ not found. File fun.xls.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c37e3c39-ebfa-11de-8cf5-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c37e3c39-ebfa-11de-8cf5-0018f38b6dc8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c37e3c39-ebfa-11de-8cf5-0018f38b6dc8}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c37e3c39-ebfa-11de-8cf5-0018f38b6dc8}\ not found. File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47080957-7903-41FC-B655-CEBA0A65E64A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47080957-7903-41FC-B655-CEBA0A65E64A}\ deleted successfully. File move failed. C:\WINDOWS\system32\iifcBtUo.dll scheduled to be moved on reboot. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DE66F866-B092-420F-90DB-56F4A7D1E9F2}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE66F866-B092-420F-90DB-56F4A7D1E9F2}\ not found. Prefs.js: "express-files Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "http://search.conduit.com/Resu...s}&CUI=UN64030814914541130" removed from browser.search.defaulturl Prefs.js: "express-files Customized Web Search" removed from browser.search.selectedEngine C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Plugins folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\modules folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\Plugins folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\modules folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\META-INF folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\lib folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\defaults\preferences folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\defaults folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\sl folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\lib\jquery.alerts\images folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\lib\jquery.alerts folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\lib folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\core folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\WEATHER\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\WEATHER\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\WEATHER folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\TWITTER\resources folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\TWITTER\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\TWITTER\img folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\TWITTER folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH\view\style folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH\view\script folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH\view folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH\resources folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH\Css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH\buildSettings folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\SEARCH folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\RADIO_PLAYER folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\PRICE_GONG\images folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\PRICE_GONG\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\PRICE_GONG folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\Optimizer\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\Optimizer folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\NOTIFICATION\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\NOTIFICATION\images folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\NOTIFICATION\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\NOTIFICATION folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\MULTI_RSS\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\MULTI_RSS\img folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\MULTI_RSS\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\MULTI_RSS folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\HIGHLIGHTER folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa\404 folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\wa folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\menu\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\menu\img folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\menu\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\menu folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\gf\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\gf\img folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\gf\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\gf folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\gadgetFrame folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\dlg\ftd\images folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\dlg\ftd folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui\dlg folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ui folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\sp\spsd\images folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\sp\spsd folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\sp\spbd\images folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\sp\spbd folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\sp\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\sp folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\options\js\resources folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\options\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\options\images folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\options\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\options folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\msd folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\api folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ac\res folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ac\img folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ac\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\ac folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\aboutBox\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\aboutBox\images folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al\aboutBox folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb\al folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\tb folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\logic\uninstall\dialog\js folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\logic\uninstall\dialog\images folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\logic\uninstall\dialog\css folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\logic\uninstall\dialog folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\logic\uninstall folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content\logic folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921\content folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome\CT3176921 folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\chrome folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d} folder moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions folder moved successfully. Folder C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\{88ac3cb6-596b-4217-964c-b6757ef9602d}\ not found. File C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\extensions\[email protected] not found. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\searchplugins\express-files-customized-web-search.xml moved successfully. C:\Documents and Settings\Shady\Application Data\Mozilla\Firefox\Profiles\fmhcmxpo.default\searchplugins\softonic.xml moved successfully. File C:\Documents and Settings\Shady\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh\10.14.40.128_0\plugins/ConduitChromeApiPlugin.dll not found. File C:\Documents and Settings\Shady\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh\10.14.40.128_0\plugins/np-cwmp.dll not found. ========== FILES ========== C:\WINDOWS\System32\nnnkIaBq.dll moved successfully. C:\WINDOWS\System32\mlJDurSi.dll moved successfully. C:\WINDOWS\System32\wvUmmNgd.dll moved successfully. C:\WINDOWS\System32\byXRhfET.dll moved successfully. C:\WINDOWS\System32\yayxusRH.dll moved successfully. File move failed. C:\WINDOWS\System32\iifcBtUo.dll scheduled to be moved on reboot. File move failed. C:\WINDOWS\system32\iifcBtUo.dll scheduled to be moved on reboot. C:\Documents and Settings\Shady\Application Data\.17356192ABB8C36B.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.1735619272B730B3.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.173561926659B183.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.173561924A06AB74.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.173561924A06AB73.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.173561924A84BAF5.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.173561924A84BAF4.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.17356192D8910D51.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.17356192D8910D50.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.1735619206385595.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.17356192571BECEE.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.17356192859F7D89.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.17356192571BECED.sys moved successfully. C:\Documents and Settings\Shady\Application Data\.17356192EEEA39DE.sys moved successfully. ========== COMMANDS ========== Restore point Set: OTL Restore Point [EMPTYTEMP] User: Administrator ->Temp folder emptied: 9388045 bytes ->Temporary Internet Files folder emptied: 3441129 bytes ->FireFox cache emptied: 985299 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33237 bytes User: Shady ->Temp folder emptied: 1050818225 bytes ->Temporary Internet Files folder emptied: 98864374 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 361549750 bytes ->Google Chrome cache emptied: 245490781 bytes ->Flash cache emptied: 34358 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 2972689 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 60248061 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 254571275 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 116611538 bytes Total Files Cleaned = 2.103,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 04062013_002616 Files\Folders moved on Reboot... File move failed. C:\WINDOWS\system32\iifcBtUo.dll scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot... _______________ To je sve. Izgleda da je očistio mnogo toga. :) [ kristi1 @ 06.04.2013. 09:25 ] @
Probaj sada da preuzmes i pokrenes Combofix.
[ Talino @ 06.04.2013. 20:02 ] @
Ne može.
[ kristi1 @ 06.04.2013. 20:39 ] @
Preuzmi odavde reimenovani Combofix i pokreni ga sa desktopa
http://www.speedyshare.com/uxcjp/svchost.exe Pre pokretanja iskljuci Antivirus. [ Talino @ 12.04.2013. 14:18 ] @
Piše: Failed - Network Error. Nekoliko puta sam pokušao.
Copyright (C) 2001-2024 by www.elitesecurity.org. All rights reserved.
|
