All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8ADE4849-A52E-41F3-BF71-D45AE21306E1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ADE4849-A52E-41F3-BF71-D45AE21306E1}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found. Registry key HKEY_USERS\S-1-5-21-4074269055-1640596425-1734543178-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-4074269055-1640596425-1734543178-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found. Registry key HKEY_USERS\S-1-5-21-4074269055-1640596425-1734543178-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6C729D2B-A519-4B5B-8449-CD90B61D1ED2}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C729D2B-A519-4B5B-8449-CD90B61D1ED2}\ not found. Registry key HKEY_USERS\S-1-5-21-4074269055-1640596425-1734543178-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8ADE4849-A52E-41F3-BF71-D45AE21306E1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ADE4849-A52E-41F3-BF71-D45AE21306E1}\ not found. Registry key HKEY_USERS\S-1-5-21-4074269055-1640596425-1734543178-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found. Registry key HKEY_USERS\S-1-5-21-4074269055-1640596425-1734543178-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry value HKEY_USERS\S-1-5-21-4074269055-1640596425-1734543178-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully. 64bit-Registry value HKEY_USERS\S-1-5-21-4074269055-1640596425-1734543178-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RpcPing deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\simpdata deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\systemcpl deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WPDShextAutoplay deleted successfully. C:\Users\aaa\AppData\Local\Microsoft\Windows\1316\WPDShextAutoplay.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Browsers Protector deleted successfully. Registry value HKEY_USERS\S-1-5-21-4074269055-1640596425-1734543178-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fsm deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon\ not found. ========== FILES ========== C:\Users\Anetka\AppData\Local\Microsoft\Windows\495 folder moved successfully. C:\Users\Rafał\AppData\Local\Microsoft\Windows\2582 folder moved successfully. C:\Users\Paweł\AppData\Local\Microsoft\Windows\1866 folder moved successfully. C:\Users\aaa\AppData\Local\Microsoft\Windows\1316 folder moved successfully. C:\Users\aaa\AppData\Roaming\hellomoto folder moved successfully. C:\Users\Anetka\AppData\Roaming\hellomoto folder moved successfully. C:\Users\Paweł\AppData\Roaming\hellomoto folder moved successfully. C:\Users\Rafał\AppData\Roaming\hellomoto folder moved successfully. C:\Users\Paweł\AppData\Roaming\Babylon\updates folder moved successfully. C:\Users\Paweł\AppData\Roaming\Babylon\Content\icons folder moved successfully. C:\Users\Paweł\AppData\Roaming\Babylon\Content folder moved successfully. C:\Users\Paweł\AppData\Roaming\Babylon folder moved successfully. C:\Program Files (x86)\mozilla firefox\extensions\{2ab9fc46-89c1-61e8-c203-8779d827ff6b}\components folder moved successfully. C:\Program Files (x86)\mozilla firefox\extensions\{2ab9fc46-89c1-61e8-c203-8779d827ff6b}\chrome folder moved successfully. C:\Program Files (x86)\mozilla firefox\extensions\{2ab9fc46-89c1-61e8-c203-8779d827ff6b} folder moved successfully. C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml moved successfully. C:\Program Files (x86)\Common Files\AskToolbarInstaller.exe moved successfully. C:\Windows\Tasks\{0D88FD0A-97D1-4206-B923-A98BD0C6A69A}.job moved successfully. C:\Windows\Tasks\{385E6D88-4A8B-49E3-BE6C-C18C5B293D63}.job moved successfully. C:\Windows\Tasks\{9502F5D6-E1A1-498A-A38D-85AB84E96944}.job moved successfully. C:\Windows\Tasks\{9D18196C-755E-4BA4-AD29-7A3029A10FCD}.job moved successfully. C:\Windows\Tasks\{AC0846C3-6597-42D7-8CB1-9B6E2ADA7609}.job moved successfully. C:\Windows\Tasks\{EE9A4572-3746-496C-AE64-DEFED56E3079}.job moved successfully. [color=#A23BEC]< netsh advfirewall reset /C >[/color] Ok. C:\Users\Paweł\Downloads\cmd.bat deleted successfully. C:\Users\Paweł\Downloads\cmd.txt deleted successfully. ========== REGISTRY ========== HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: aaa ->Temp folder emptied: 260318 bytes ->Temporary Internet Files folder emptied: 580040 bytes User: All Users User: Anetka ->Temp folder emptied: 13128683 bytes ->Temporary Internet Files folder emptied: 617334 bytes ->Java cache emptied: 124057001 bytes ->FireFox cache emptied: 48005330 bytes ->Opera cache emptied: 68589550 bytes ->Flash cache emptied: 4469409 bytes User: AppData User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: PaweB User: Paweł ->Temp folder emptied: 4813525 bytes ->Temporary Internet Files folder emptied: 775710 bytes ->Java cache emptied: 44711290 bytes ->Google Chrome cache emptied: 228201819 bytes ->Opera cache emptied: 55578678 bytes ->Flash cache emptied: 145968 bytes User: Pawe� User: Public User: RafaB User: Rafał ->Temp folder emptied: 1102920 bytes ->Temporary Internet Files folder emptied: 2121123 bytes ->Java cache emptied: 191565 bytes ->FireFox cache emptied: 56069935 bytes ->Opera cache emptied: 71342903 bytes ->Flash cache emptied: 118483 bytes User: Rafa� User: TEMP User: TEMP.Paweł-Komputer User: TEMP.Paweł-Komputer.000 User: TEMP.Paweł-Komputer.001 User: TEMP.Paweł-Komputer.002 User: TEMP.Paweł-Komputer.003 User: TEMP.Paweł-Komputer.004 User: TEMP.Paweł-Komputer.005 User: TEMP.Paweł-Komputer.006 User: TEMP.Paweł-Komputer.007 User: TEMP.Paweł-Komputer.008 User: TEMP.Paweł-Komputer.009 User: TEMP.Paweł-Komputer.010 User: TEMP.Paweł-Komputer.011 %systemdrive% .tmp files removed: 7034 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 58516259 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 747,00 mb OTL by OldTimer - Version 3.2.61.3 log created on 09132012_174017 Files\Folders moved on Reboot... C:\Users\Paweł\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...