All processes killed ========== OTL ========== Prefs.js: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=9969f3ac-3c02-492f-b9eb-bb2176cd9c7b&affid=110774&searchtype=hp&babsrc=lnkry" removed from browser.startup.homepage Prefs.js: "http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=PL&userid=9969f3ac-3c02-492f-b9eb-bb2176cd9c7b&affid=110774&searchtype=ds&babsrc=lnkry&q=" removed from keyword.URL Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found. Registry key HKEY_USERS\S-1-5-21-3256287372-3208080009-2151116292-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found. Registry key HKEY_USERS\S-1-5-21-3256287372-3208080009-2151116292-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_USERS\S-1-5-21-3256287372-3208080009-2151116292-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FA2EAF64-CC0B-4582-B9C6-4EC05C0B9C9F}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA2EAF64-CC0B-4582-B9C6-4EC05C0B9C9F}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-3256287372-3208080009-2151116292-1000\Software\Microsoft\Windows\CurrentVersion\Run\\{26F4E605-F3F0-AD40-01DE-FC9739C1DF8A} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26F4E605-F3F0-AD40-01DE-FC9739C1DF8A}\ not found. C:\Users\DM\AppData\Roaming\Udykuh\xibou.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-3256287372-3208080009-2151116292-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully. Registry value HKEY_USERS\S-1-5-21-3256287372-3208080009-2151116292-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockXTU deleted successfully. Registry value HKEY_USERS\S-1-5-21-3256287372-3208080009-2151116292-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Time deleted successfully. C:\ProgramData\IpmudjiWxodm.dll moved successfully. Registry value HKEY_USERS\S-1-5-21-3256287372-3208080009-2151116292-1000\Software\Microsoft\Windows\CurrentVersion\Run\\zASRockInstantBoot deleted successfully. ========== FILES ========== C:\Users\DM\AppData\Roaming\Muhy folder moved successfully. C:\Users\DM\AppData\Roaming\OpenCandy\99530C272FAA4174928BE6EAB4F79FD7 folder moved successfully. C:\Users\DM\AppData\Roaming\OpenCandy folder moved successfully. C:\Users\DM\AppData\Roaming\Udykuh folder moved successfully. C:\autorun.inf moved successfully. D:\autorun.inf moved successfully. autorun.inf not found in E:\ F:\autorun.inf moved successfully. G:\autorun.inf moved successfully. I:\autorun.inf moved successfully. [color=#A23BEC]< netsh advfirewall reset /C >[/color] Ok. C:\Users\DM\Downloads\cmd.bat deleted successfully. C:\Users\DM\Downloads\cmd.txt deleted successfully. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: DM ->Temp folder emptied: 718081890 bytes ->Temporary Internet Files folder emptied: 45961905 bytes ->Java cache emptied: 2161219 bytes ->FireFox cache emptied: 65590316 bytes ->Google Chrome cache emptied: 289427651 bytes ->Flash cache emptied: 25288 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 6869192 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46391734 bytes RecycleBin emptied: 758247 bytes Total Files Cleaned = 1 121,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 10102012_175609 Files\Folders moved on Reboot... C:\Users\DM\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...