All processes killed ========== OTL ========== Prefs.js: "ooVoo Video Chat Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1572363&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "ooVoo Video Chat Customized Web Search" removed from browser.search.selectedEngine Prefs.js: engine@conduit.com:3.2.1.3 removed from extensions.enabledItems Prefs.js: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.1.3 removed from extensions.enabledItems Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\3X1U3G4C4CUF8G5DPYK deleted successfully. C:\svchost\3D1A36425D5.exe moved successfully. ========== FILES ========== C:\svchost folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: user ->Temp folder emptied: 3953048 bytes ->Temporary Internet Files folder emptied: 32902 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 5893375 bytes ->Google Chrome cache emptied: 8436464 bytes ->Flash cache emptied: 405 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 16384 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 18,00 mb OTL by OldTimer - Version 3.2.59.1 log created on 08312012_081408 Files\Folders moved on Reboot... File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot. File move failed. C:\WINDOWS\temp\Perflib_Perfdata_604.dat scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...