All processes killed ========== FILES ========== C:\Windows\%APPDATA%\Microsoft\Windows\IETldCache folder moved successfully. C:\Windows\%APPDATA%\Microsoft\Windows folder moved successfully. C:\Windows\%APPDATA%\Microsoft folder moved successfully. C:\Windows\%APPDATA% folder moved successfully. C:\Users\Pecet\AppData\Roaming\suspectphoto.jpg moved successfully. C:\Users\Pecet\AppData\Roaming\bg2.jpg moved successfully. C:\Users\Pecet\AppData\Roaming\B1Toolbar folder moved successfully. File\Folder C:\Users\Pecet\AppData\Roaming\BabSolution not found. C:\Users\Pecet\AppData\Roaming\Babylon folder moved successfully. C:\Users\Pecet\AppData\Roaming\Yontoo\dat\update folder moved successfully. C:\Users\Pecet\AppData\Roaming\Yontoo\dat folder moved successfully. C:\Users\Pecet\AppData\Roaming\Yontoo folder moved successfully. C:\Users\Pecet\AppData\Local\B1E folder moved successfully. C:\Users\Pecet\AppData\Local\TempAT1284.html moved successfully. C:\Users\Pecet\AppData\Local\Tempbw5208.html moved successfully. C:\Users\Pecet\AppData\Local\TempCg2920.html moved successfully. C:\Users\Pecet\AppData\Local\TempFp5484.html moved successfully. C:\Users\Pecet\AppData\Local\Temphj5236.html moved successfully. C:\Users\Pecet\AppData\Local\Tempho7704.html moved successfully. C:\Users\Pecet\AppData\Local\Tempi27844.html moved successfully. C:\Users\Pecet\AppData\Local\TempiD4336.html moved successfully. C:\Users\Pecet\AppData\Local\Tempmm5208.html moved successfully. C:\Users\Pecet\AppData\Local\TempmO3860.html moved successfully. C:\Users\Pecet\AppData\Local\TempNi3012.html moved successfully. C:\Users\Pecet\AppData\Local\TempNx3012.html moved successfully. C:\Users\Pecet\AppData\Local\TempPa3108.html moved successfully. C:\Users\Pecet\AppData\Local\TempPO2132.html moved successfully. C:\Users\Pecet\AppData\Local\TempPS4848.html moved successfully. C:\Users\Pecet\AppData\Local\TempqK4900.html moved successfully. C:\Users\Pecet\AppData\Local\Tempql4336.html moved successfully. C:\Users\Pecet\AppData\Local\TempR27844.html moved successfully. C:\Users\Pecet\AppData\Local\TempRP2668.html moved successfully. C:\Users\Pecet\AppData\Local\TempRXm992.html moved successfully. C:\Users\Pecet\AppData\Local\TempSw2196.html moved successfully. C:\Users\Pecet\AppData\Local\TempTO6004.html moved successfully. C:\Users\Pecet\AppData\Local\TempTp1284.html moved successfully. C:\Users\Pecet\AppData\Local\Tempud2496.html moved successfully. C:\Users\Pecet\AppData\Local\TempugR948.html moved successfully. C:\Users\Pecet\AppData\Local\TempuJ3316.html moved successfully. C:\Users\Pecet\AppData\Local\TempUZ7704.html moved successfully. C:\Users\Pecet\AppData\Local\TempVK2132.html moved successfully. C:\Users\Pecet\AppData\Local\TempXq3860.html moved successfully. C:\Users\Pecet\AppData\Local\Tempyd2496.html moved successfully. C:\Users\Pecet\AppData\Local\TempyD4900.html moved successfully. C:\Users\Pecet\AppData\Local\TempzG3512.html moved successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\bProtector Start Page not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page Before deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Before deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.7\ deleted successfully. ========== OTL ========== Registry key HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found. Registry key HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found. Registry key HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Microsoft\Internet Explorer\SearchScopes\{68B98452-5FF4-4BD9-B5C3-618CBDCC411D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68B98452-5FF4-4BD9-B5C3-618CBDCC411D}\ not found. Registry key HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found. HKU\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf00e119-21a3-4fd1-b178-3b8537e75c92}\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Pobierz za pomocą Mega Manager...\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully. Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Registry key HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSetFolders deleted successfully. Registry value HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoStartMenuMorePrograms deleted successfully. Registry value HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoChangeStartMenu deleted successfully. Registry value HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel deleted successfully. Registry key HKEY_USERS\S-1-5-21-3441852442-2004521568-503359352-1012\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found. Service DgiVecp stopped successfully! Service DgiVecp deleted successfully! File C:\Windows\system32\Drivers\DgiVecp.sys not found. Service XDva401 stopped successfully! Service XDva401 deleted successfully! File C:\Windows\system32\XDva401.sys not found. Service XDva398 stopped successfully! Service XDva398 deleted successfully! File C:\Windows\system32\XDva398.sys not found. Service USBCCID stopped successfully! Service USBCCID deleted successfully! File system32\DRIVERS\RtsUCcid.sys not found. Service RtsUIR stopped successfully! Service RtsUIR deleted successfully! File system32\DRIVERS\Rts516xIR.sys not found. Service NETw5s32 stopped successfully! Service NETw5s32 deleted successfully! File system32\DRIVERS\NETw5s32.sys not found. Service EagleXNt stopped successfully! Service EagleXNt deleted successfully! File C:\Windows\system32\drivers\EagleXNt.sys not found. Service EagleNT stopped successfully! Service EagleNT deleted successfully! File C:\Windows\system32\drivers\EagleNT.sys not found. Service cpuz130 stopped successfully! Service cpuz130 deleted successfully! File C:\Users\Pecet\AppData\Local\Temp\cpuz130\cpuz_x32.sys not found. Service catchme stopped successfully! Service catchme deleted successfully! File C:\Windows\system32\config\SYSTEM~1\AppData\Local\Temp\catchme.sys not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Bartek ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 294871 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 1608723 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 1458 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes ->FireFox cache emptied: 5656747 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->FireFox cache emptied: 0 bytes User: Pecet ->Temp folder emptied: 3434826 bytes ->Temporary Internet Files folder emptied: 3023754 bytes ->Java cache emptied: 207428 bytes ->FireFox cache emptied: 2427606 bytes ->Google Chrome cache emptied: 41849602 bytes ->Opera cache emptied: 21832094 bytes ->Flash cache emptied: 52465 bytes User: Public ->Temp folder emptied: 0 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 536384 bytes RecycleBin emptied: 88155628 bytes Total Files Cleaned = 161,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05212013_201348 Files\Folders moved on Reboot... File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. C:\Windows\temp\TMP0000170F0CC8ACCD857B938C moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...