All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\crrss deleted successfully. C:\Windows\System32\crrss.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-412897267-3341309841-359887831-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SMBHelper deleted successfully. C:\Users\User\AppData\Local\Microsoft\Windows\4481\SMBHelper.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-412897267-3341309841-359887831-1000\Software\Microsoft\Windows\CurrentVersion\Run\\winlogon deleted successfully. C:\Users\User\winlogon.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Windows\system32\crrss.exe deleted successfully. File C:\Windows\System32\crrss.exe not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LogonInit\ deleted successfully. C:\Program Files\Common Files\logonInit.dll moved successfully. Service VBoxNetFlt stopped successfully! Service VBoxNetFlt deleted successfully! File system32\DRIVERS\VBoxNetFlt.sys not found. Service IntcAzAudAddService stopped successfully! Service IntcAzAudAddService deleted successfully! File system32\drivers\RTKVHDA.sys not found. Service gdrv stopped successfully! Service gdrv deleted successfully! File C:\Windows\gdrv.sys not found. Service EverestDriver stopped successfully! Service EverestDriver deleted successfully! File D:\Programy\EVEREST Home Edition\kerneld.wnt not found. ========== FILES ========== C:\Windows\System32\KBDPL4.dll moved successfully. C:\Windows\tasks\sdtdhmn.job moved successfully. C:\Users\User\AppData\Local\Microsoft\Windows\4481 folder moved successfully. C:\Users\User\AppData\Roaming\hellomoto folder moved successfully. C:\Users\User\uidsave.dat moved successfully. C:\Users\User\uz.dat moved successfully. [color=#A23BEC]< netsh advfirewall reset /C >[/color] Ok. D:\cmd.bat deleted successfully. D:\cmd.txt deleted successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\ not found. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: User ->Temp folder emptied: 1267587798 bytes ->Temporary Internet Files folder emptied: 107225085 bytes ->Java cache emptied: 57673874 bytes ->Opera cache emptied: 185437354 bytes ->Flash cache emptied: 1899798 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 113390636 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 116239 bytes RecycleBin emptied: 5726301024 bytes Total Files Cleaned = 7 114,00 mb OTL by OldTimer - Version 3.2.53.1 log created on 07062012_131536 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...