All processes killed
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "http://zinkwink.com/?clid=bcffa60b7dec4d1fbc122345283dd23c&prt=corsairzwbho&tmp=nemo_results&keywords=" removed from keyword.URL
Registry value HKEY_USERS\S-1-5-21-1960408961-1972579041-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B4FBA8C3-2083-4ED8-A35B-148478739826} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4FBA8C3-2083-4ED8-A35B-148478739826}\ not found.
C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\searchplugins\sweetim.xml moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\InstallMate\{AC190791-6385-1CA8-1E15-DDBD987A1E31}\285D27C73E8C943C folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\InstallMate\{AC190791-6385-1CA8-1E15-DDBD987A1E31} folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\InstallMate folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Premium\Setup folder moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\Premium folder moved successfully.
Service PCAMPR5 stopped successfully!
Service PCAMPR5 deleted successfully!
File C:\WINDOWS\system32\PCAMPR5.SYS not found.
Service ISODrive stopped successfully!
Service ISODrive deleted successfully!
File D:\Program Files\UltraISO\drivers\ISODrive.sys not found.
Service hwdatacard stopped successfully!
Service hwdatacard deleted successfully!
File system32\DRIVERS\ewusbmdm.sys not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\ deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Krystian
->Temp folder emptied: 596978834 bytes
->Temporary Internet Files folder emptied: 5266703 bytes
->Java cache emptied: 7512553 bytes
->FireFox cache emptied: 72749717 bytes
->Flash cache emptied: 47471250 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352022 bytes
%systemroot%\System32 .tmp files removed: 7150 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81920 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 699,00 mb
 
 
OTL by OldTimer - Version 3.2.53.1 log created on 07102012_144822

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...
[2012-07-10 14:50:27 | 000,000,000 | ---- | M] () C:\WINDOWS\temp\_avast5_\Webshlock.txt : Unable to obtain MD5

Registry entries deleted on Reboot...