All processes killed ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Iwawcuyfte deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ deleted successfully. ========== FILES ========== [color=#A23BEC]< netsh firewall reset /C >[/color] OK. C:\Documents and Settings\Administrator\Desktop\cmd.bat deleted successfully. C:\Documents and Settings\Administrator\Desktop\cmd.txt deleted successfully. C:\Documents and Settings\All Users\Desktop\eBay Startseite.lnk moved successfully. C:\Documents and Settings\Administrator\Desktop\Continue SweetIM Installation.lnk moved successfully. C:\Documents and Settings\Administrator\Dati applicazioni\OpenCandy\OpenCandy_19CA20D54AD04C61A1683CF44F8DF9A9 folder moved successfully. C:\Documents and Settings\Administrator\Dati applicazioni\OpenCandy folder moved successfully. ========== OTL ========== zskbdrva removed from NetSvcs value successfully! Service zskbdrva stopped successfully! Service zskbdrva deleted successfully! Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\WINDOWS\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Service catchme stopped successfully! Service catchme deleted successfully! File C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\catchme.sys not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 1959923 bytes ->Temporary Internet Files folder emptied: 117724279 bytes ->Java cache emptied: 1495681 bytes ->Google Chrome cache emptied: 6283294 bytes ->Flash cache emptied: 3941616 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32768 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 49286 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2114303 bytes %systemroot%\System32 .tmp files removed: 2885 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 185794 bytes RecycleBin emptied: 274869 bytes Total Files Cleaned = 128,00 mb OTL by OldTimer - Version 3.2.49.0 log created on 06062012_133845 Files\Folders moved on Reboot... C:\WINDOWS\temp\Perflib_Perfdata_ae8.dat moved successfully. Registry entries deleted on Reboot...