All processes killed ========== OTL ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Yfyzohoh deleted successfully. C:\Users\Romek\AppData\Roaming\Ozatq\ykitz.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\7531CC920056590E48AB4201F875F002 deleted successfully. C:\ProgramData\7531CC920056590E48AB4201F875F002\7531CC920056590E48AB4201F875F002.exe moved successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully. ========== FILES ========== C:\ProgramData\7531CC920056590E48AB4201F875F002 folder moved successfully. C:\Users\Romek\AppData\Roaming\Zuxe folder moved successfully. C:\Users\Romek\AppData\Roaming\Ucmovy folder moved successfully. C:\Users\Romek\AppData\Roaming\Ozatq folder moved successfully. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Romek ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 38204 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.59.1 log created on 09012012_092229 Files\Folders moved on Reboot... C:\Users\Romek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...