All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wwancfg deleted successfully. C:\Users\Palik\AppData\Local\Microsoft\Windows\3007\wwancfg.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-334412001-3445786627-2903519504-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Audio Device deleted successfully. C:\Users\Palik\AppData\Roaming\ahekoha.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-334412001-3445786627-2903519504-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully. Registry key HKEY_USERS\S-1-5-21-334412001-3445786627-2903519504-1000_Classes\.com\ deleted successfully. Registry key HKEY_USERS\S-1-5-21-334412001-3445786627-2903519504-1000_Classes\ComFile\ not found. HKEY_LOCAL_MACHINE\Software\Classes\.com\\|comfile /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71C63272-91A7-436a-843D-A1C641D1C626}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71C63272-91A7-436a-843D-A1C641D1C626}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2419}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2419}\ not found. Registry key HKEY_USERS\S-1-5-21-334412001-3445786627-2903519504-1000\Software\Microsoft\Internet Explorer\SearchScopes\{71C63272-91A7-436a-843D-A1C641D1C626}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71C63272-91A7-436a-843D-A1C641D1C626}\ not found. Registry key HKEY_USERS\S-1-5-21-334412001-3445786627-2903519504-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2419}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2419}\ not found. Registry key HKEY_USERS\S-1-5-21-334412001-3445786627-2903519504-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found. Prefs.js: "MyStart Search" removed from browser.search.defaultenginename Prefs.js: "http://mystart.incredibar.com/mb139/?loc=IB_DS&a=6OyGO2gZCR&&i=26&search=" removed from keyword.URL Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\Windows\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Service mlxuxnk stopped successfully! Service mlxuxnk deleted successfully! Service lmtoylhj stopped successfully! Service lmtoylhj deleted successfully! Service heuawd stopped successfully! Service heuawd deleted successfully! Service USBADVAU stopped successfully! Service USBADVAU deleted successfully! File system32\drivers\cm112.sys not found. Error: No service named mlxuxnk was found to stop! Service\Driver key mlxuxnk not found. Error: No service named lmtoylhj was found to stop! Service\Driver key lmtoylhj not found. Error: No service named heuawd was found to stop! Service\Driver key heuawd not found. ========== FILES ========== C:\Users\Palik\AppData\Local\Microsoft\Windows\3007 folder moved successfully. C:\Users\Palik\AppData\Roaming\hellomoto folder moved successfully. C:\Users\Palik\AppData\Roaming\dclogs folder moved successfully. C:\Users\Palik\AppData\Roaming\OpenCandy\OpenCandy_951B744108AA442093EDD5A6D043E05B folder moved successfully. C:\Users\Palik\AppData\Roaming\OpenCandy\951B744108AA442093EDD5A6D043E05B folder moved successfully. C:\Users\Palik\AppData\Roaming\OpenCandy folder moved successfully. C:\Users\Palik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum folder moved successfully. C:\Users\Palik\Desktop\Live Security Platinum.lnk moved successfully. C:\ProgramData\F4D55F17000170E5000B6B65570F1C8B folder moved successfully. C:\ProgramData\Premium\Setup folder moved successfully. C:\ProgramData\Premium folder moved successfully. C:\user.js moved successfully. C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml moved successfully. C:\Users\Palik\AppData\Roaming\Mozilla\Firefox\Profiles\6zzpnp0x.default\searchplugins\MyStart Search.xml moved successfully. C:\Users\Palik\AppData\Roaming\Mozilla\Firefox\Profiles\6zzpnp0x.default\searchplugins\Search_Results.xml moved successfully. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum\ deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 56466 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Palik ->Temp folder emptied: 179367574 bytes ->Temporary Internet Files folder emptied: 7189710 bytes ->Java cache emptied: 31333598 bytes ->FireFox cache emptied: 50479641 bytes ->Google Chrome cache emptied: 6704814 bytes ->Opera cache emptied: 51437412 bytes ->Flash cache emptied: 59826 bytes User: Public ->Temp folder emptied: 0 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 41620 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 37132403 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 347,00 mb OTL by OldTimer - Version 3.2.53.1 log created on 07082012_115502 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...