All processes killed ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-1710393817-1163594516-1520260726-1003\Software\Microsoft\Windows\CurrentVersion\Run\\TSTheme deleted successfully. C:\Users\dom\AppData\Local\Microsoft\Windows\3952\TSTheme.exe moved successfully. Prefs.js: "Ask.com" removed from browser.search.defaultengine Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_USERS\S-1-5-21-1710393817-1163594516-1520260726-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found. Registry key HKEY_USERS\S-1-5-21-1710393817-1163594516-1520260726-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Service catchme stopped successfully! Service catchme deleted successfully! File C:\Users\dom\AppData\Local\Temp\catchme.sys not found. Service VMC302 stopped successfully! Service VMC302 deleted successfully! File System32\Drivers\VMC302.sys not found. Service btwrchid stopped successfully! Service btwrchid deleted successfully! File system32\DRIVERS\btwrchid.sys not found. Service btwavdt stopped successfully! Service btwavdt deleted successfully! File system32\drivers\btwavdt.sys not found. Service btwaudio stopped successfully! Service btwaudio deleted successfully! File system32\drivers\btwaudio.sys not found. ========== FILES ========== C:\Users\dom\AppData\Local\Microsoft\Windows\3952 folder moved successfully. C:\Users\dom\AppData\Roaming\hellomoto folder moved successfully. C:\Users\dom\AppData\Roaming\OpenCandy\OpenCandy_E166F86C06B147E28A69F88EF218D080 folder moved successfully. C:\Users\dom\AppData\Roaming\OpenCandy folder moved successfully. C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\np67w0xo.default\searchplugins\askcom.xml moved successfully. C:\Program Files\Common Files\ApnToolbarInstaller.exe moved successfully. C:\Program Files\Common Files\ApnStub.exe moved successfully. ========== REGISTRY ========== HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: dom ->Temp folder emptied: 259633 bytes ->Temporary Internet Files folder emptied: 15943623 bytes ->Java cache emptied: 1542696 bytes ->FireFox cache emptied: 289675615 bytes ->Google Chrome cache emptied: 16750852 bytes ->Opera cache emptied: 51294751 bytes ->Flash cache emptied: 10129473 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 368,00 mb OTL by OldTimer - Version 3.2.54.0 log created on 07182012_165745 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...