All processes killed ========== SERVICES/DRIVERS ========== Service wxpdrivers stopped successfully! Service wxpdrivers deleted successfully! ========== FILES ========== C:\Windows\update.1 folder moved successfully. C:\Windows\update.tray-15-0 folder moved successfully. C:\Windows\update.tray-15-0-lnk folder moved successfully. C:\Windows\update.tray-2-0 folder moved successfully. C:\Windows\update.tray-2-0-lnk folder moved successfully. C:\Windows\update.tray-7-0 folder moved successfully. C:\Windows\update.tray-7-0-lnk folder moved successfully. C:\Windows\av_ico folder moved successfully. C:\Windows\loader2.exe_ok moved successfully. C:\Windows\services32.exe moved successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Defender.lnk moved successfully. C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\nurkmb04.default\extensions\vshare@toolbar\modules folder moved successfully. C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\nurkmb04.default\extensions\vshare@toolbar\locale\en-US folder moved successfully. C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\nurkmb04.default\extensions\vshare@toolbar\locale folder moved successfully. C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\nurkmb04.default\extensions\vshare@toolbar\components folder moved successfully. C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\nurkmb04.default\extensions\vshare@toolbar\chrome folder moved successfully. C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\nurkmb04.default\extensions\vshare@toolbar folder moved successfully. C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\nurkmb04.default\searchplugins\web-search.xml moved successfully. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers\ deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\"AlternateShell"|"cmd.exe" /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\6769972.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\980570.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\tray_ico0 deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\wxpdrv deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\avast5 deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\egui deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\\EnableLUA deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\ deleted successfully. ========== OTL ========== Prefs.js: "Web Search..." removed from browser.search.defaultenginename Prefs.js: vshare@toolbar:1.0.0 removed from extensions.enabledItems Prefs.js: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" removed from keyword.URL ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default User: Default User User: hp ->Flash cache emptied: 644 bytes User: Public Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: hp ->Temp folder emptied: 517889 bytes ->Temporary Internet Files folder emptied: 363611 bytes ->FireFox cache emptied: 44599520 bytes ->Google Chrome cache emptied: 594288 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 214555356 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 294912 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 249,00 mb OTL by OldTimer - Version 3.2.26.1 log created on 08032011_192442 Files\Folders moved on Reboot... Registry entries deleted on Reboot...