All processes killed ========== OTL ========== Prefs.js: "Web Search" removed from browser.search.defaultengine Prefs.js: "Search" removed from browser.search.defaultenginename Prefs.js: "Web Search" removed from browser.search.order.1 Prefs.js: "http://isearch.avg.com/search?cid=%7B5aba5e7d-9ef3-4fee-815b-e8a1bb05d39d%7D&mid=f4fc5acefe3747d09fd981ac0f7119ec-a8fce5cacd5f7a9b0ce4a505afc408dde784e030&ds=yu011&v=11.1.0.12&lang=en&pr=sa&d=2012-07-07%2014%3A10%3A25&sap=ku&q=" removed from keyword.URL Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E267BC69-3070-49BE-90F8-768356B0DE89}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E267BC69-3070-49BE-90F8-768356B0DE89}\ not found. HKU\S-1-5-21-515967899-1177238915-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-515967899-1177238915-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-515967899-1177238915-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{15FC327B-42B9-4787-9013-92F5740B864F}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15FC327B-42B9-4787-9013-92F5740B864F}\ not found. Registry key HKEY_USERS\S-1-5-21-515967899-1177238915-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{7BE6F2BD-0EA5-42B2-9431-31F079DFCB1D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7BE6F2BD-0EA5-42B2-9431-31F079DFCB1D}\ not found. Registry key HKEY_USERS\S-1-5-21-515967899-1177238915-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. Registry key HKEY_USERS\S-1-5-21-515967899-1177238915-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{ADBEEF54-B58E-49EF-B1F8-ABA490F2D242}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADBEEF54-B58E-49EF-B1F8-ABA490F2D242}\ not found. Registry key HKEY_USERS\S-1-5-21-515967899-1177238915-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{C54B14AF-202C-411E-B30F-8CE357E64B89}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C54B14AF-202C-411E-B30F-8CE357E64B89}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8feef751-fa3e-121f-b300-285a7df4fc62}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8feef751-fa3e-121f-b300-285a7df4fc62}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\winipsec deleted successfully. C:\Documents and Settings\QUO\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\3827\winipsec.exe moved successfully. Service SenFiltService stopped successfully! Service SenFiltService deleted successfully! File system32\drivers\Senfilt.sys not found. Service gdrv stopped successfully! Service gdrv deleted successfully! File C:\WINDOWS\gdrv.sys not found. Service AEAudioService stopped successfully! Service AEAudioService deleted successfully! File system32\drivers\AEAudio.sys not found. Service ADIHdAudAddService stopped successfully! Service ADIHdAudAddService deleted successfully! File system32\drivers\ADIHdAud.sys not found. ========== FILES ========== C:\Documents and Settings\QUO\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\3827 folder moved successfully. C:\Documents and Settings\QUO\Dane aplikacji\hellomoto folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\529C54410000255F00011FB58DB91C90 folder moved successfully. C:\Documents and Settings\QUO\Dane aplikacji\Mozilla\Firefox\Profiles\hfbqm4pi.default\searchplugins\funmoods.xml moved successfully. C:\Documents and Settings\QUO\Dane aplikacji\Mozilla\Firefox\Profiles\hfbqm4pi.default\searchplugins\startsear.xml moved successfully. C:\Program Files\Mozilla Firefox\extensions\{1224d315-d34b-45e0-e765-3f803cb700b5}\components folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{1224d315-d34b-45e0-e765-3f803cb700b5}\chrome folder moved successfully. C:\Program Files\Mozilla Firefox\extensions\{1224d315-d34b-45e0-e765-3f803cb700b5} folder moved successfully. [color=#A23BEC]< netsh firewall reset /C >[/color] Ok. C:\Documents and Settings\QUO\Moje dokumenty\Pobieranie\cmd.bat deleted successfully. C:\Documents and Settings\QUO\Moje dokumenty\Pobieranie\cmd.txt deleted successfully. ========== REGISTRY ========== HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{A4DFA78C-6FBC-42C2-967F-92B8EADB7503}" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{A4DFA78C-6FBC-42C2-967F-92B8EADB7503}" /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: QUO ->Temp folder emptied: 1167530 bytes ->Temporary Internet Files folder emptied: 33366 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 88775190 bytes ->Google Chrome cache emptied: 0 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 1093 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 106626 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 86,00 mb OTL by OldTimer - Version 3.2.54.1 log created on 07262012_132614 Files\Folders moved on Reboot... C:\WINDOWS\temp\Perflib_Perfdata_310.dat moved successfully. PendingFileRenameOperations files... File C:\WINDOWS\temp\Perflib_Perfdata_310.dat not found! Registry entries deleted on Reboot...