All processes killed ========== OTL ========== Prefs.js: "Ask.com" removed from browser.search.defaultengine Prefs.js: "www.v9.com/vlt/vlt_1329126746_587505" removed from browser.startup.homepage Registry key HKEY_USERS\S-1-5-21-1417001333-1284227242-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found. Registry key HKEY_USERS\S-1-5-21-1417001333-1284227242-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. Registry value HKEY_USERS\S-1-5-21-1417001333-1284227242-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. Registry value HKEY_USERS\S-1-5-21-1417001333-1284227242-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ not found. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\WINDOWS\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Service ZDPSp50 stopped successfully! Service ZDPSp50 deleted successfully! File System32\Drivers\ZDPSp50.sys not found. Service ZDCndis5 stopped successfully! Service ZDCndis5 deleted successfully! File C:\WINDOWS\system32\ZDCndis5.SYS not found. Service PCANDIS5 stopped successfully! Service PCANDIS5 deleted successfully! File C:\WINDOWS\system32\PCANDIS5.SYS not found. ========== FILES ========== C:\Documents and Settings\Kajka\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\1348 folder moved successfully. C:\Documents and Settings\Kajka\Dane aplikacji\hellomoto folder moved successfully. C:\Documents and Settings\Kajka\Dane aplikacji\OpenCandy\OpenCandy_F8895DFF01F844DFA8C8DEC1C0432EBD folder moved successfully. C:\Documents and Settings\Kajka\Dane aplikacji\OpenCandy folder moved successfully. C:\Documents and Settings\Kajka\Dane aplikacji\Mozilla\Firefox\Profiles\jtwwmgsb.default\searchplugins\askcom.xml moved successfully. C:\Program Files\mozilla firefox\searchplugins\v9.xml moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\pOlObMd04300 folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Kajka ->Temp folder emptied: 4729779 bytes ->Temporary Internet Files folder emptied: 40698028 bytes ->Java cache emptied: 2577453 bytes ->FireFox cache emptied: 73481821 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 624 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 7150 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 844209 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 117,00 mb OTL by OldTimer - Version 3.2.59.1 log created on 08282012_094432 Files\Folders moved on Reboot... C:\Documents and Settings\Kajka\Ustawienia lokalne\Temporary Internet Files\Content.IE5\ZMFZ6BZB\search[5].htm moved successfully. C:\Documents and Settings\Kajka\Ustawienia lokalne\Temporary Internet Files\Content.IE5\QE75AUTY\fastbutton[1].htm moved successfully. C:\Documents and Settings\Kajka\Ustawienia lokalne\Temporary Internet Files\Content.IE5\QE75AUTY\page__fromsearch__1[1].htm moved successfully. C:\Documents and Settings\Kajka\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully. C:\Documents and Settings\Kajka\Ustawienia lokalne\Temporary Internet Files\SuggestedSites.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...