All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9C4C973-0779-4094-98BE-89732F6D61CC}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9C4C973-0779-4094-98BE-89732F6D61CC}\ not found. Registry key HKEY_USERS\S-1-5-21-2280519345-1645989171-1106866036-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found. Registry key HKEY_USERS\S-1-5-21-2280519345-1645989171-1106866036-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}\ not found. Registry key HKEY_USERS\S-1-5-21-2280519345-1645989171-1106866036-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E9C4C973-0779-4094-98BE-89732F6D61CC}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9C4C973-0779-4094-98BE-89732F6D61CC}\ not found. Prefs.js: "Ask.com" removed from browser.search.defaultengine Prefs.js: "http://pl.v9.com/?utm_source=b&utm_medium=vlt" removed from browser.startup.homepage Prefs.js: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC&o=15000&locale=en_US&apn_uid=64914075-9D17-4E8B-A12E-705E7A1BB6B6&apn_ptnrs=PV&apn_sauid=0595726D-FCCE-4B12-8941-0CD67D48CDF0&apn_dtid=&q=" removed from keyword.URL C:\Users\Emil Walczak\AppData\Roaming\Mozilla\Firefox\Profiles\2v699cbx.default\searchplugins\askcom.xml moved successfully. C:\Users\Emil Walczak\AppData\Roaming\Mozilla\Firefox\Profiles\2v699cbx.default\searchplugins\daemon-search.xml moved successfully. C:\Program Files\Mozilla Firefox\searchplugins\v9.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-2280519345-1645989171-1106866036-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. C:\Users\Emil Walczak\AppData\Local\Temp\ptqlhchbya.exe moved successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Emil Walczak ->Temp folder emptied: 450434 bytes ->Temporary Internet Files folder emptied: 8596720 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 41631954 bytes ->Google Chrome cache emptied: 114620520 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 992 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 51640 bytes RecycleBin emptied: 4229232 bytes Total Files Cleaned = 162,00 mb OTL by OldTimer - Version 3.2.53.1 log created on 07102012_201623 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...