All processes killed ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\ deleted successfully. ========== OTL ========== Registry key HKEY_USERS\S-1-5-21-730641660-455201627-3786116511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ not found. Registry key HKEY_USERS\S-1-5-21-730641660-455201627-3786116511-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9FB59279-E5BD-4C5C-92AC-AE029564EAC4}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FB59279-E5BD-4C5C-92AC-AE029564EAC4}\ not found. Registry value HKEY_USERS\S-1-5-21-730641660-455201627-3786116511-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\ not found. Registry value HKEY_USERS\S-1-5-21-730641660-455201627-3786116511-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry value HKEY_USERS\S-1-5-21-730641660-455201627-3786116511-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7473B6BD-4691-4744-A82B-7854EB3D70B6} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. C:\ProgramData\drqgjtexqinpfel folder moved successfully. C:\ProgramData\gjmbyyccivwqeft moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Jola ->Temp folder emptied: 9123464 bytes ->Temporary Internet Files folder emptied: 7497271 bytes ->Java cache emptied: 28391 bytes ->FireFox cache emptied: 73580606 bytes ->Google Chrome cache emptied: 5050736 bytes ->Flash cache emptied: 712 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1248 bytes RecycleBin emptied: 49512345 bytes Total Files Cleaned = 138,00 mb OTL by OldTimer - Version 3.2.68.0 log created on 09262012_175851 Files\Folders moved on Reboot... File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...