All processes killed ========== FILES ========== C:\WINDOWS\System32\winadm.exe moved successfully. C:\WINDOWS\System32\Regsvr16.exe moved successfully. C:\WINDOWS\System32\winprogdel.exe moved successfully. C:\WINDOWS\System32\comsysh.exe moved successfully. C:\WINDOWS\System32\Mswinmask32.dll moved successfully. C:\autorun.PNF moved successfully. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\_winadm deleted successfully. Invalid CLSID key: _winadm ========== OTL ========== HKEY_LOCAL_MACHINE\Software\Classes\.exe\shell\open\command\\|"%1" %* /E : value set successfully! HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-1383899346-1881932254-3062596676-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found. Registry value HKEY_USERS\S-1-5-21-1383899346-1881932254-3062596676-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found. Registry value HKEY_USERS\S-1-5-21-1383899346-1881932254-3062596676-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{74A49269-9779-48B4-A0E6-3A5AF2A3ADE6} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74A49269-9779-48B4-A0E6-3A5AF2A3ADE6}\ not found. Registry value HKEY_USERS\S-1-5-21-1383899346-1881932254-3062596676-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found. Registry value HKEY_USERS\S-1-5-21-1383899346-1881932254-3062596676-1009\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found. Registry value HKEY_USERS\S-1-5-21-1383899346-1881932254-3062596676-1009\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found. Starting removal of ActiveX control {0000000A-0000-0010-8000-00AA00389B71} C:\WINDOWS\Downloaded Program Files\WMAVAX.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0000000A-0000-0010-8000-00AA00389B71}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0000000A-0000-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0000000A-0000-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0000000A-0000-0010-8000-00AA00389B71}\ not found. Starting removal of ActiveX control {33564D57-0000-0010-8000-00AA00389B71} C:\WINDOWS\Downloaded Program Files\WMV9VCM.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{33564D57-0000-0010-8000-00AA00389B71}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{33564D57-0000-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33564D57-0000-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy\ deleted successfully. Service SandraTheSrv stopped successfully! Service SandraTheSrv deleted successfully! ========== COMMANDS ========== C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYFLASH] User: All Users User: Default User User: LocalService User: NetworkService User: Roli ->Flash cache emptied: 613 bytes User: SmartShopper User: UpdatusUser Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 65984 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Roli ->Temp folder emptied: 1592685 bytes ->Temporary Internet Files folder emptied: 1245600 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 4110519 bytes ->Google Chrome cache emptied: 64591928 bytes ->Flash cache emptied: 0 bytes User: SmartShopper User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 3164499 bytes %systemroot%\System32 .tmp files removed: 190585117 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 17048 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 253,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 05082011_064609 Files\Folders moved on Reboot... Registry entries deleted on Reboot...