:Commands
[CreateRestorePoint]
[Emptytemp]

:OTL
SRV:64bit: - [2015-08-19 09:57:32 | 007,743,472 | ---- | M] (Reimage®) [Disabled] -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe -- (ReimageRealTimeProtector)
SRV:64bit: - [2013-09-07 01:33:10 | 000,527,360 | -HS- | M] () [Disabled] -- C:\Program Files\KMSpico\Service_KMS.exe -- (Service KMSELDI)
SRV - [2016-01-31 00:03:02 | 000,000,000 | ---D | M] [Disabled] -- C:\Program Files (x86)\Google\Desktop\Install\{54ea0dce-1abd-14d2-896b-1dd2ce562286}\ \...\? [WARNING: C:\Program Files (x86)\Google\Desktop\Install\{54ea0dce-1abd-14d2-896b-1dd2ce562286}\ \...\?] -- (?etadpug) Google Update Service (gupdate)
SRV - [2015-06-29 22:58:28 | 000,039,368 | ---- | M] (Optimal Software s.r.o.) [Disabled] -- C:\Program Files (x86)\Accelerer PC\SpeedCheckerService.exe -- (SCService)
SRV - [2015-06-29 22:58:22 | 000,445,384 | ---- | M] (Optimal Software s.r.o.) [Disabled] -- C:\Program Files (x86)\Accelerer PC\PCSUService.exe -- (PCSUService)
SRV - [2015-04-16 09:49:43 | 000,118,048 | ---- | M] (Elex do Brasil Participações Ltda) [Auto] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe -- (iSafeService)
DRV:64bit: - [2015-09-10 02:55:42 | 000,067,976 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System] -- C:\Windows\System32\drivers\iSafeNetFilter.sys -- (iSafeNetFilter)
DRV:64bit: - [2015-04-16 09:55:45 | 000,053,568 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | On_Demand] -- C:\Windows\System32\drivers\iSafeKrnlBoot.sys -- (iSafeKrnlBoot)
DRV - [2015-09-11 10:56:04 | 000,103,904 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys -- (iSafeKrnlR3)
DRV - [2015-08-20 04:10:09 | 000,061,832 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys -- (iSafeKrnlMon)
DRV - [2015-08-20 04:10:08 | 000,110,112 | ---- | M] (Elex do Brasil Participações Ltda) [Kernel | System] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys -- (iSafeKrnlKit)
DRV - [2015-05-14 04:50:13 | 000,260,856 | ---- | M] (Elex do Brasil Participações Ltda) [File_System | System] -- C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys -- (iSafeKrnl)
O4 - HKU\VM_ON_C..\Run: [Google Update] C:\Users\VM\AppData\Local\Google\Desktop\Install\{54ea0dce-1abd-14d2-896b-1dd2ce562286}\???\???\???\{54ea0dce-1abd-14d2-896b-1dd2ce562286}\GoogleUpdate.exe (RedShift IT SRL)
O20 - HKU\VM_ON_C Winlogon: Shell - ("C:\Users\VM\AppData\Local\Temp\alvua.exe") - C:\Users\VM\AppData\Local\Temp\alvua.exe File not found
MsConfig:64bit - StartUpReg: PCSpeedUp - hkey= - key= - C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe (Optimal Software s.r.o.)

:Files
C:\Users\VM\AppData\Roaming\hrt54is56ijfgte.exe
C:\Users\VM\AppData\Roaming\ide56
C:\Users\VM\AppData\Roaming\Owtuqy
C:\Users\VM\AppData\Roaming\Imzon
C:\Users\VM\AppData\Roaming\Ilipy
C:\Users\VM\Desktop\Emotet + Zbot
C:\Users\VM\Documents\OneSafe PC Cleaner
C:\Users\VM\AppData\Roaming\OneSafe PC Cleaner
C:\Program Files\KMSpico
C:\temp
C:\Users\VM\Documents\PCSpeedUp
C:\Program Files (x86)\Accelerer PC
C:\Users\VM\Desktop\trojan
C:\Users\VM\Desktop\pup
C:\Users\VM\Desktop\trojan3
C:\Program Files\Reimage
C:\rei
C:\Program Files (x86)\HiDefMedia
C:\Program Files (x86)\OneSafe PC Cleaner
C:\Users\VM\AppData\Roaming\0C1F1L1G1L1B0R1P2X0S1M1T1C1P
C:\Users\VM\Desktop\pup4
C:\Program Files (x86)\Elex-tech
C:\Users\VM\AppData\Roaming\Elex-tech
C:\Users\VM\AppData\Roaming\Uniblue
C:\Program Files (x86)\Uniblue
C:\Users\VM\Desktop\malware
C:\Program Files (x86)\SearchProtect
C:\Users\VM\Desktop\FFASKToolbarInstaller_ASK_tbr_1.6.2.0.exe
C:\Users\VM\Desktop\SpeedUpMyPC-standalone-setup.exe
C:\Windows\tasks\SpeedUpMyPC Startup.job
C:\Windows\tasks\PC SpeedUp Service Deactivator.job
C:\Users\VM\Desktop\OneSafe PC Cleaner.lnk
C:\Users\VM\Desktop\Accelerer PC.lnk
C:\Users\VM\AppData\Local\overhmacead.exe
C:\Windows\tasks\SpeedUpMyPC Maintenance.job
C:\Windows\Reimage.ini
C:\Windows\tasks\ReimageUpdater.job
C:\Users\VM\AppData\Local\{A7B1F934-B2CA-476D-934A-550FDE2C40E9}
C:\Users\VM\Desktop\yet_another_cleaner_sfto.exe
C:\Windows\SysWow64\pqcovwqpu.exe
C:\Windows\SysWow64\kkmikegltyyzo.exe
C:\Windows\SysWow64\lfgkzcaevqlq.exe
C:\Windows\SysWow64\fgjgutmo.exe
C:\Windows\SysWow64\uqoelieotttrpb.exe
C:\Program Files (x86)\Google\Desktop
C:\Users\VM\AppData\Local\Google\Desktop