All processes killed
========== OTL ==========
Service SymIMMP stopped successfully!
Service SymIMMP deleted successfully!
File system32\DRIVERS\SymIM.sys not found.
Service SymIM stopped successfully!
Service SymIM deleted successfully!
File system32\DRIVERS\SymIM.sys not found.
Service h643331 stopped successfully!
Service h643331 deleted successfully!
File system32\drivers\h643331.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
Prefs.js: "http://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=PL&install_date=20110928&user_guid=A7FBF809972049B0AFE3456BE4A0A443&machine_id=c437cf59b372cb2fa5b510eff13fcc1b&browser=FF&os=win&os_version=6.0-x86-SP1" removed from browser.startup.homepage
Prefs.js: "http://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=PL&install_date=20110928&user_guid=A7FBF809972049B0AFE3456BE4A0A443&machine_id=c437cf59b372cb2fa5b510eff13fcc1b&browser=FF&os=win&os_version=6.0-x86-SP1&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Registry key HKEY_USERS\S-1-5-21-3870238809-2345765574-931756263-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ not found.
Registry key HKEY_USERS\S-1-5-21-3870238809-2345765574-931756263-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-21-3870238809-2345765574-931756263-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cnhhndgtxvopbso deleted successfully.
C:\ProgramData\cnhhndgt.exe moved successfully.
C:\ProgramData\xabprqobxqdsion folder moved successfully.
C:\ProgramData\asxkkvmgphmthpv moved successfully.
C:\Users\terg\AppData\Roaming\Mozilla\Firefox\Profiles\tmgcf3dw.default\searchplugins\yahoo-zugo.xml moved successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: terg
->Temp folder emptied: 65515169 bytes
->Temporary Internet Files folder emptied: 130344833 bytes
->Java cache emptied: 6147488 bytes
->FireFox cache emptied: 690474442 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 3537809 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 134253046 bytes
RecycleBin emptied: 1461 bytes
Total Files Cleaned = 983,00 mb
OTL by OldTimer - Version 3.2.53.1 log created on 07182012_131722
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...