All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinSCard deleted successfully. C:\Users\Bartek\AppData\Local\Microsoft\Windows\2225\WinSCard.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7B664DF-3AF9-4C8E-8148-F42BB7831D27}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7B664DF-3AF9-4C8E-8148-F42BB7831D27}\ not found. File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin not found. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\Windows\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. ========== FILES ========== C:\Users\Bartek\AppData\Local\Microsoft\Windows\2225 folder moved successfully. C:\Users\Bartek\AppData\Roaming\hellomoto folder moved successfully. C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\a4m52e0v.default\searchplugins\daemon-search.xml moved successfully. C:\Users\Bartek\AppData\Local\TempeV3784.html moved successfully. C:\Users\Bartek\AppData\Local\TempIXe804.html moved successfully. C:\Users\Bartek\AppData\Local\TempjN1188.html moved successfully. C:\Users\Bartek\AppData\Local\TempOW3340.html moved successfully. C:\Users\Bartek\AppData\Local\TempvF2260.html moved successfully. C:\Users\Bartek\AppData\Local\TempvS2880.html moved successfully. C:\Users\Bartek\AppData\Local\TempWr2260.html moved successfully. ========== SERVICES/DRIVERS ========== Error: No service named Catchme was found to stop! Service\Driver key Catchme not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Bartek ->Temp folder emptied: 343231 bytes ->Temporary Internet Files folder emptied: 25127613 bytes ->Java cache emptied: 7607979 bytes ->FireFox cache emptied: 195851397 bytes ->Google Chrome cache emptied: 25907562 bytes ->Flash cache emptied: 14636 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 524288 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 244,00 mb OTL by OldTimer - Version 3.2.54.0 log created on 07132012_175543 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...