All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartNowToolbarHelper deleted successfully. Registry value HKEY_USERS\S-1-5-21-1012394498-1027069046-621167509-1000\Software\Microsoft\Windows\CurrentVersion\Run\\qfymminqwwhscdw deleted successfully. C:\ProgramData\qfymminq.exe moved successfully. C:\ProgramData\lssuuvvywrarjzr folder moved successfully. C:\ProgramData\okolnatdoejwewz moved successfully. File C:\ProgramData\qfymminq.exe not found. C:\Users\Karlajna\ms.exe moved successfully. C:\Users\Karlajna\AppData\Roaming\mozilla\Firefox\Profiles\dgx110ly.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully. C:\Users\Karlajna\AppData\Roaming\mozilla\Firefox\Profiles\dgx110ly.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully. C:\Users\Karlajna\AppData\Roaming\mozilla\Firefox\Profiles\dgx110ly.default\extensions\ffxtlbr@babylon.com\content\imgs\mnRadio folder moved successfully. C:\Users\Karlajna\AppData\Roaming\mozilla\Firefox\Profiles\dgx110ly.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully. C:\Users\Karlajna\AppData\Roaming\mozilla\Firefox\Profiles\dgx110ly.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully. C:\Users\Karlajna\AppData\Roaming\mozilla\Firefox\Profiles\dgx110ly.default\extensions\ffxtlbr@babylon.com\content folder moved successfully. C:\Users\Karlajna\AppData\Roaming\mozilla\Firefox\Profiles\dgx110ly.default\extensions\ffxtlbr@babylon.com\components folder moved successfully. C:\Users\Karlajna\AppData\Roaming\mozilla\Firefox\Profiles\dgx110ly.default\extensions\ffxtlbr@babylon.com folder moved successfully. C:\Users\Karlajna\AppData\Roaming\Mozilla\Firefox\Profiles\dgx110ly.default\searchplugins\aol-web-search.xml moved successfully. C:\Users\Karlajna\AppData\Roaming\Mozilla\Firefox\Profiles\dgx110ly.default\searchplugins\conduit.xml moved successfully. C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully. Prefs.js: "AOL Web Search" removed from browser.search.defaultenginename Prefs.js: "SFT_eng7 Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "http://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20110909123705872&tb_oid=09-09-2011&tb_mrud=09-09-2011&query=" removed from browser.search.defaulturl Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3031607&SearchSource=2&q=" removed from keyword.URL Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found. Registry key HKEY_USERS\S-1-5-21-1012394498-1027069046-621167509-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ not found. Registry key HKEY_USERS\S-1-5-21-1012394498-1027069046-621167509-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-1012394498-1027069046-621167509-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_USERS\S-1-5-21-1012394498-1027069046-621167509-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{76577871-04EC-495E-A12B-91F7C3600AFA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76577871-04EC-495E-A12B-91F7C3600AFA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8A918C1D-E123-4E36-B562-5C1519E434CE}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A918C1D-E123-4E36-B562-5C1519E434CE}\ not found. ========== REGISTRY ========== HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{09A2470F-C472-49DF-B7EA-4E963F06C0B2}" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{09A2470F-C472-49DF-B7EA-4E963F06C0B2}" /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Karlajna ->Temp folder emptied: 102010087 bytes ->Temporary Internet Files folder emptied: 498021103 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 73141225 bytes ->Flash cache emptied: 35715 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 160017889 bytes RecycleBin emptied: 510514 bytes Total Files Cleaned = 795,00 mb OTL by OldTimer - Version 3.2.54.0 log created on 07132012_203117 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...