All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
Error: Unable to stop service amsint32!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amsint32 deleted successfully.
File C:\WINDOWS\system32\drivers\utrnn.sys not found.
========== FILES ==========
File\Folder [2017-10-07 11:59:37 | 000,000,000 | ---D | C] -- C:\b3a27ecc04d5882eee511fb3 not found.
File\Folder [2017-10-08 16:27:51 | 000,103,140 | ---- | M] () -- C:\ndgx.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_AMSINT32\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\amsint32\ not found.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\amsint32\\"Authentication Packages"|hex(7):6d,73,76,31,5f,30,00,00 /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users
User: Default User
User: Gebruiker
User: LocalService
User: NetworkService

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Gebruiker
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5276173 bytes
->Google Chrome cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351678 bytes
%systemroot%\System32 .tmp files removed: 2845 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 290 bytes

Total Files Cleaned = 7,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 10122017_170053

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...