All processes killed ========== OTL ========== Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0395030-A627-48A4-8A51-76F0998D5BB0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A0395030-A627-48A4-8A51-76F0998D5BB0}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\tdonpqqgxlxzohw deleted successfully. C:\ProgramData\tdonpqqg.exe moved successfully. C:\ProgramData\oqivtdyoxkqyzdr folder moved successfully. C:\ProgramData\viemmiwtpxzzuaz moved successfully. C:\Users\Radek\0.5665367227818316.exe moved successfully. Service PEVSystemStart stopped successfully! Service PEVSystemStart deleted successfully! C:\ComboFix\pev.3XE moved successfully. Service catchme stopped successfully! Service catchme deleted successfully! C:\Users\Radek\AppData\Local\Temp\catchme.sys moved successfully. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{70D3CC41-2865-4E25-8554-BDE797B834FE}" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{70D3CC41-2865-4E25-8554-BDE797B834FE}" /E : value set successfully! Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public User: Radek ->Temp folder emptied: 1439125128 bytes ->Temporary Internet Files folder emptied: 599433659 bytes ->Java cache emptied: 57830493 bytes ->Flash cache emptied: 68795 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 247523134 bytes RecycleBin emptied: 51976 bytes Total Files Cleaned = 2 235,00 mb OTL by OldTimer - Version 3.2.54.1 log created on 07262012_180557 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...