All processes killed
========== FILES ==========
C:\Documents and Settings\ADMIN\Dane aplikacji\Media Finder\Temp folder moved successfully.
C:\Documents and Settings\ADMIN\Dane aplikacji\Media Finder\Extensions folder moved successfully.
C:\Documents and Settings\ADMIN\Dane aplikacji\Media Finder folder moved successfully.
C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\r95g1c2b.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\r95g1c2b.default\searchplugins\web-search.xml moved successfully.
C:\Program Files\mozilla firefox\searchplugins\babylon.xml moved successfully.
< rd /s /q C:\RECYCLER /C >
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.bat deleted successfully.
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.txt deleted successfully.
< rd /s /q D:\RECYCLER /C >
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.bat deleted successfully.
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.txt deleted successfully.
< rd /s /q F:\Recycled /C >
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.bat deleted successfully.
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.txt deleted successfully.
< rd /s /q F:\RECYCLER /C >
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.bat deleted successfully.
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.txt deleted successfully.
< rd /s /q F:\$RECYCLE.BIN /C >
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.bat deleted successfully.
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.txt deleted successfully.
< rd /s /q F:\found.000 /C >
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.bat deleted successfully.
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.txt deleted successfully.
< attrib /d /s -s -h F:\* /C >
Nie można odnaleźć ścieżki - F:\.
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.bat deleted successfully.
C:\Documents and Settings\ADMIN\Pulpit\logi itd dysk\cmd.txt deleted successfully.
File\Folder F:\*.lnk not found.
File\Folder F:\*.exe not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-2000478354-1677128483-1801674531-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2000478354-1677128483-1801674531-500\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}\ not found.
Registry key HKEY_USERS\S-1-5-21-2000478354-1677128483-1801674531-500\Software\Microsoft\Internet Explorer\SearchScopes\{33D59858-89D9-4AC2-A956-93875EB02323}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33D59858-89D9-4AC2-A956-93875EB02323}\ not found.
Prefs.js: "Reganam Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1601497&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "LocalStrike Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.babylon.com/?babsrc=SP_ss&mntrId=acd31bb1000000000000001e8c85ec06&tlver=1.4.19.19&instlRef=sst&affID=17160&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/BILLARD8,version=1.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/DARTS,version=1.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/MAHJONG,version=1.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/PIRATE,version=1.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/BILLARD8,version=1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/DARTS,version=1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/MAHJONG,version=1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ganymede/PIRATE,version=1.0\ not found.
Registry value HKEY_USERS\S-1-5-21-2000478354-1677128483-1801674531-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2000478354-1677128483-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Run\\Media Finder deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2000478354-1677128483-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Run\\MediaGet2 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}\ deleted successfully.
File C:\Documents and Settings\ADMIN\Dane aplikacji\Media Finder\Extensions\gencrawler_gc.dll not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksport do programu Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Funkcja Google Sidewiki\ deleted successfully.
Error: No service named GEARAspiWDM was found to stop!
Service\Driver key GEARAspiWDM not found.
File system32\DRIVERS\GEARAspiWDM.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\ADMIN\USTAWI~1\Temp\catchme.sys not found.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: ADMIN
->Temp folder emptied: 101798604 bytes
->Temporary Internet Files folder emptied: 31151641 bytes
->Java cache emptied: 5323201 bytes
->FireFox cache emptied: 43088654 bytes
->Google Chrome cache emptied: 273010659 bytes
->Flash cache emptied: 37227 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32969 bytes
->FireFox cache emptied: 3939916 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 13714724 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5761065 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 456,00 mb

OTL by OldTimer - Version 3.2.53.1 log created on 07262012_181709
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...