All processes killed
========== FILES ==========
< fsutil reparsepoint delete C:\Windows\$NtUninstallKB27523$ /C >
C:\Users\remik\Downloads\cmd.bat deleted successfully.
C:\Users\remik\Downloads\cmd.txt deleted successfully.
C:\Users\remik\AppData\Local\{60c709b9-2645-8192-bcaf-889587e69979}\U folder moved successfully.
C:\Users\remik\AppData\Local\{60c709b9-2645-8192-bcaf-889587e69979}\L folder moved successfully.
C:\Users\remik\AppData\Local\{60c709b9-2645-8192-bcaf-889587e69979} folder moved successfully.
C:\Users\remik\AppData\Local\{85AD1521-CC8A-11E1-8270-B8AC6F996F26}\chrome\content folder moved successfully.
C:\Users\remik\AppData\Local\{85AD1521-CC8A-11E1-8270-B8AC6F996F26}\chrome folder moved successfully.
C:\Users\remik\AppData\Local\{85AD1521-CC8A-11E1-8270-B8AC6F996F26} folder moved successfully.
C:\Windows\tasks\At1.job moved successfully.
C:\Windows\tasks\At10.job moved successfully.
C:\Windows\tasks\At11.job moved successfully.
C:\Windows\tasks\At12.job moved successfully.
C:\Windows\tasks\At13.job moved successfully.
C:\Windows\tasks\At14.job moved successfully.
C:\Windows\tasks\At15.job moved successfully.
C:\Windows\tasks\At16.job moved successfully.
C:\Windows\tasks\At17.job moved successfully.
C:\Windows\tasks\At18.job moved successfully.
C:\Windows\tasks\At19.job moved successfully.
C:\Windows\tasks\At2.job moved successfully.
C:\Windows\tasks\At20.job moved successfully.
C:\Windows\tasks\At21.job moved successfully.
C:\Windows\tasks\At22.job moved successfully.
C:\Windows\tasks\At23.job moved successfully.
C:\Windows\tasks\At24.job moved successfully.
C:\Windows\tasks\At25.job moved successfully.
C:\Windows\tasks\At26.job moved successfully.
C:\Windows\tasks\At27.job moved successfully.
C:\Windows\tasks\At28.job moved successfully.
C:\Windows\tasks\At29.job moved successfully.
C:\Windows\tasks\At3.job moved successfully.
C:\Windows\tasks\At30.job moved successfully.
C:\Windows\tasks\At31.job moved successfully.
C:\Windows\tasks\At32.job moved successfully.
C:\Windows\tasks\At33.job moved successfully.
C:\Windows\tasks\At34.job moved successfully.
C:\Windows\tasks\At35.job moved successfully.
C:\Windows\tasks\At36.job moved successfully.
C:\Windows\tasks\At37.job moved successfully.
C:\Windows\tasks\At38.job moved successfully.
C:\Windows\tasks\At39.job moved successfully.
C:\Windows\tasks\At4.job moved successfully.
C:\Windows\tasks\At40.job moved successfully.
C:\Windows\tasks\At41.job moved successfully.
C:\Windows\tasks\At42.job moved successfully.
C:\Windows\tasks\At43.job moved successfully.
C:\Windows\tasks\At44.job moved successfully.
C:\Windows\tasks\At45.job moved successfully.
C:\Windows\tasks\At46.job moved successfully.
C:\Windows\tasks\At47.job moved successfully.
C:\Windows\tasks\At48.job moved successfully.
C:\Windows\tasks\At5.job moved successfully.
C:\Windows\tasks\At6.job moved successfully.
C:\Windows\tasks\At7.job moved successfully.
C:\Windows\tasks\At8.job moved successfully.
C:\Windows\tasks\At9.job moved successfully.
C:\Windows\tasks\BearShareNAG.job moved successfully.
C:\Users\remik\AppData\Roaming\ProgSense folder moved successfully.
C:\ProgramData\t7wq14l2qs1owh moved successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully!
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\ deleted successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ not found.
Registry key HKEY_USERS\S-1-5-21-1385047699-1197689655-504847657-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}\ not found.
Registry key HKEY_USERS\S-1-5-21-1385047699-1197689655-504847657-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA8D6475-50E6-0FAB-D17A-2CE8EC5002F9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA8D6475-50E6-0FAB-D17A-2CE8EC5002F9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1385047699-1197689655-504847657-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD5EF61C-5753-4069-9987-73C0CD9A11DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD5EF61C-5753-4069-9987-73C0CD9A11DA}\ not found.
Registry value HKEY_USERS\S-1-5-21-1385047699-1197689655-504847657-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com deleted successfully.
File C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{85AD1521-CC8A-11E1-8270-B8AC6F996F26} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85AD1521-CC8A-11E1-8270-B8AC6F996F26}\ not found.
File C:\Users\remik\AppData\Local\{85AD1521-CC8A-11E1-8270-B8AC6F996F26}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{5911488E-9D1E-40ec-8CBB-06B231CC153F} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1385047699-1197689655-504847657-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1385047699-1197689655-504847657-1001\Software\Microsoft\Windows\CurrentVersion\Run\\RMFon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1385047699-1197689655-504847657-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HideSCAHealth deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL:RtlGina2.dll deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr\ deleted successfully.
Service ekrn stopped successfully!
Service ekrn deleted successfully!
File C:\Program Files\ESET\ESET Smart Security\ekrn.exe not found.
Service VMnetAdapter stopped successfully!
Service VMnetAdapter deleted successfully!
File system32\DRIVERS\vmnetadapter.sys not found.
Service soprfm stopped successfully!
Service soprfm deleted successfully!
File System32\drivers\kpjqlham.sys not found.
Service ShldDrv stopped successfully!
Service ShldDrv deleted successfully!
File System32\DRIVERS\ShlDrv51.sys not found.
Service PavProc stopped successfully!
Service PavProc deleted successfully!
File C:\Windows\system32\DRIVERS\PavProc.sys not found.
Service A2DDA stopped successfully!
Service A2DDA deleted successfully!
File C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: remik
->Temp folder emptied: 293885586 bytes
->Temporary Internet Files folder emptied: 7026244 bytes
->Java cache emptied: 14899751 bytes
->FireFox cache emptied: 4477515 bytes
->Google Chrome cache emptied: 244351700 bytes
->Apple Safari cache emptied: 100081664 bytes
->Opera cache emptied: 2081821 bytes
->Flash cache emptied: 119435 bytes

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1278839 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 173642 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 637,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 03172013_143820

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...