All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1495B365-273C-4677-9384-4FE904E11572}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1495B365-273C-4677-9384-4FE904E11572}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found. Registry key HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found. Registry key HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1495B365-273C-4677-9384-4FE904E11572}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1495B365-273C-4677-9384-4FE904E11572}\ not found. Registry key HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. Registry key HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{77131D86-49D5-42BA-9F7C-BD9196B83691}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77131D86-49D5-42BA-9F7C-BD9196B83691}\ not found. Registry key HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{ECFE5DAF-F50E-43AC-A3E4-7A8C1EF308FE}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECFE5DAF-F50E-43AC-A3E4-7A8C1EF308FE}\ not found. Registry key HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}\ deleted successfully. C:\Program Files (x86)\DealPly\DealPlyIE.dll moved successfully. Registry value HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\A4786424 deleted successfully. C:\Users\Toshiba\AppData\Roaming\A4786424.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXMediaServer deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\falcon deleted successfully. C:\Windows\SysWOW64\87p3MrKn.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateShield deleted successfully. C:\Windows\SysWOW64\r2c\mirc.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\VVSN deleted successfully. C:\Program Files (x86)\VVSN\VVSN.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update deleted successfully. C:\Program Files (x86)\Common Files\System\win32.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Windows\CurrentVersion\Run\\A4786424 deleted successfully. File C:\Users\Toshiba\AppData\Roaming\A4786424.exe not found. Registry value HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Carup deleted successfully. C:\Users\Toshiba\AppData\Roaming\Eqby\xiofi.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ChomikBox deleted successfully. Registry value HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Windows\CurrentVersion\Run\\IniciarProgramas deleted successfully. C:\Windows\system\run.bat moved successfully. Registry value HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Mnamay deleted successfully. C:\Users\Toshiba\AppData\Roaming\Mnamay.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\A4786424 deleted successfully. File C:\Users\Toshiba\AppData\Roaming\A4786424.exe not found. Registry value HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\A4786424 deleted successfully. File C:\Users\Toshiba\AppData\Roaming\A4786424.exe not found. c:\Windows\SysWOW64\Explorer\scvhost.exe moved successfully. 64bit-Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Run:c:\windows\syswow64\explorer\scvhost.exe deleted successfully. File c:\Windows\SysWOW64\Explorer\scvhost.exe not found. Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Run:c:\windows\syswow64\explorer\scvhost.exe deleted successfully. Registry value HKEY_USERS\S-1-5-21-2754264385-1261652437-1540506145-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ deleted successfully. Service Sshdaemon stopped successfully! Service Sshdaemon deleted successfully! C:\Windows\SysWOW64\Ji9Tf6jV.exe moved successfully. Service BannerBlocker2 stopped successfully! Service BannerBlocker2 deleted successfully! C:\Windows\SysWOW64\adblock.exe moved successfully. Service ssv stopped successfully! Service ssv deleted successfully! C:\Windows\SysWOW64\inetcfg\sd.exe moved successfully. Service lsass stopped successfully! Service lsass deleted successfully! File C:\Windows\SysWOW64\inetcfg\sd.exe not found. ========== FILES ========== C:\Windows\SysWow64\wmpktb32.exe moved successfully. C:\Windows\SysWow64\8rHvBLjB.exe moved successfully. C:\Windows\SysWow64\Explorer\download folder moved successfully. C:\Windows\SysWow64\Explorer folder moved successfully. C:\Windows\SysWow64\inetcfg\pax folder moved successfully. C:\Windows\SysWow64\inetcfg folder moved successfully. C:\Windows\SysWow64\r2c\sounds folder moved successfully. C:\Windows\SysWow64\r2c\logs folder moved successfully. C:\Windows\SysWow64\r2c\download folder moved successfully. C:\Windows\SysWow64\r2c\channels folder moved successfully. C:\Windows\SysWow64\r2c folder moved successfully. C:\Windows\SysWow64\logs folder moved successfully. C:\Windows\SysWow64\inst.bat moved successfully. C:\Windows\SysWow64\libcurl-4.dll moved successfully. C:\Windows\SysWow64\libidn-11.dll moved successfully. C:\Windows\SysWow64\librtmp.dll moved successfully. C:\Windows\SysWow64\zlib1.dll moved successfully. C:\Windows\SysWow64\libgcc_s_dw2-1.dll moved successfully. C:\Windows\SysWow64\mingwm10.dll moved successfully. C:\Windows\SysWow64\adnav.exe moved successfully. C:\Windows\SysWow64\adstop.exe moved successfully. C:\Windows\SysWow64\ltserial.dll moved successfully. C:\Windows\System\system.lg moved successfully. C:\Windows\System\system.lg.2013-05-14 moved successfully. C:\Windows\System\system.lg.2013-05-21 moved successfully. C:\Windows\System\system.xdcc moved successfully. C:\Windows\System\system.state moved successfully. C:\Windows\System\system.xdcc~ moved successfully. C:\Windows\System\system.state~ moved successfully. C:\Windows\System\lsass.dll moved successfully. C:\Windows\System\svchost.dll moved successfully. C:\Windows\System\cygwin1.dll moved successfully. C:\Windows\System\cygiconv-2.dll moved successfully. C:\Windows\System\cygcrypto-0.9.8.dll moved successfully. C:\Windows\System\cygruby18.dll moved successfully. C:\Windows\System\cyggnutls-26.dll moved successfully. C:\Windows\System\cyggcrypt-11.dll moved successfully. C:\Windows\System\cygcurl-4.dll moved successfully. C:\Windows\System\cygssl-0.9.8.dll moved successfully. C:\Windows\System\cygidn-11.dll moved successfully. C:\Windows\System\cygssh2-1.dll moved successfully. C:\Windows\System\cygz.dll moved successfully. C:\Windows\System\cygtasn1-3.dll moved successfully. C:\Windows\System\cyggcc_s-1.dll moved successfully. C:\Windows\System\cygintl-8.dll moved successfully. C:\Windows\System\cygGeoIP-1.dll moved successfully. C:\Windows\System\cyggpg-error-0.dll moved successfully. C:\Windows\System\cygcrypt-0.dll moved successfully. C:\Users\Toshiba\AppData\Local\Lollipop folder moved successfully. C:\Users\Toshiba\AppData\Roaming\5385.exe moved successfully. C:\Users\Toshiba\AppData\Roaming\5F45.exe moved successfully. C:\Users\Toshiba\AppData\Roaming\6A17.exe moved successfully. C:\Users\Toshiba\AppData\Roaming\6A38.exe moved successfully. C:\Users\Toshiba\AppData\Roaming\F3E8.exe moved successfully. C:\Users\Toshiba\AppData\Roaming\FE7.exe moved successfully. C:\Users\Toshiba\AppData\Roaming\inst.exe moved successfully. C:\Users\Toshiba\AppData\Roaming\BabSolution\Shared folder moved successfully. C:\Users\Toshiba\AppData\Roaming\BabSolution\CR folder moved successfully. C:\Users\Toshiba\AppData\Roaming\BabSolution folder moved successfully. C:\Users\Toshiba\AppData\Roaming\DealPly\UpdateProc folder moved successfully. C:\Users\Toshiba\AppData\Roaming\DealPly folder moved successfully. C:\Users\Toshiba\AppData\Roaming\Eqby folder moved successfully. C:\Users\Toshiba\AppData\Roaming\Ifdat folder moved successfully. C:\Users\Toshiba\AppData\Roaming\Ocuwpy folder moved successfully. C:\Users\Toshiba\AppData\Roaming\PerformerSoft folder moved successfully. C:\Users\Toshiba\AppData\Roaming\Systweak folder moved successfully. C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\A4786424.exe moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\A4786424.exe moved successfully. C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly folder moved successfully. C:\ProgramData\IBUpdaterService folder moved successfully. C:\Program Files (x86)\DealPly folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\searchplugins folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\plugins folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\extensions\{8e104e0e-7e23-fd4e-f8f6-706904ea78a5}\components folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\extensions\{8e104e0e-7e23-fd4e-f8f6-706904ea78a5}\chrome folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\extensions\{8e104e0e-7e23-fd4e-f8f6-706904ea78a5} folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully. C:\Program Files (x86)\Mozilla Firefox folder moved successfully. C:\Program Files (x86)\VVSN\URL1 folder moved successfully. C:\Program Files (x86)\VVSN folder moved successfully. C:\Windows\tasks\Lyrmix Update.job moved successfully. C:\Windows\tasks\DSite.job moved successfully. C:\Windows\tasks\ROC_JAN2013_TB_rmv.job moved successfully. [color=#A23BEC]< netsh advfirewall reset /C >[/color] Ok. C:\Users\Toshiba\Downloads\cmd.bat deleted successfully. C:\Users\Toshiba\Downloads\cmd.txt deleted successfully. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\"BootExecute"|hex(7):"autocheck autochk *" /E : value set successfully! Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Mozilla\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mozilla\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\mozilla.org\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: CURRENT_USER User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 58264 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Toshiba ->Temp folder emptied: 2628536865 bytes ->Temporary Internet Files folder emptied: 587684540 bytes ->Java cache emptied: 7526081 bytes ->Google Chrome cache emptied: 377333419 bytes ->Flash cache emptied: 8188429 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 4293560 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 55532819 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes RecycleBin emptied: 2160068405 bytes Total Files Cleaned = 5 559,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05252013_162553 Files\Folders moved on Reboot... C:\Users\Toshiba\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Toshiba\AppData\Local\Temp\REG1AC0.tmp moved successfully. C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XIPFARDR\afdwidget[4].htm moved successfully. C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XIPFARDR\tlbr[1].htm moved successfully. C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPUN4D4C\index[3].htm moved successfully. C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPUN4D4C\inp_14[1].html moved successfully. C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPUN4D4C\storageiframemanager[2].htm moved successfully. C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G7I2QA06\storageiframemanager[2].htm moved successfully. C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1LBU6TB\mnu[1].htm moved successfully. C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1LBU6TB\rd[1].htm moved successfully. C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1LBU6TB\st[3].htm moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...