All processes killed ========== OTL ========== ADS C:\Windows:DE7CA630653230F0 deleted successfully. Service EagleXNt stopped successfully! Service EagleXNt deleted successfully! File C:\windows\system32\drivers\EagleXNt.sys not found. Service EagleNT stopped successfully! Service EagleNT deleted successfully! File C:\windows\system32\drivers\EagleNT.sys not found. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{804efe7d-a8d7-4351-a6df-014d1ed7c6fc}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{804efe7d-a8d7-4351-a6df-014d1ed7c6fc}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95525BD9-6136-4A26-8263-9CEE295D442D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95525BD9-6136-4A26-8263-9CEE295D442D}\ deleted successfully. C:\Program Files\4Shared Toolbar\4sharedExt32.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95080B13-AA71-4EE8-B951-7E98221E1ED5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95080B13-AA71-4EE8-B951-7E98221E1ED5}\ deleted successfully. C:\Program Files\4Shared Toolbar\4sharedbar32.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_USERS\S-1-5-21-2092716530-3474641769-2676177707-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C86EB8A9-CCC2-4B6C-B75D-73576ED591BF}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AnyProtect deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AnyProtect Tray deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ConvertAd deleted successfully. C:\Users\szczepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TorpedoCopy.lnk moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\bitguard\261694~1.246\{c16c1~2\bitguard.dll deleted successfully. C:\Users\szczepan\AppData\Roaming\0C1I1L1R1J0M1P0I1G\VuuPC Packages folder moved successfully. C:\Users\szczepan\AppData\Roaming\0C1I1L1R1J0M1P0I1G folder moved successfully. C:\Users\szczepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals folder moved successfully. C:\Program Files\BonanzaDeals folder moved successfully. C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job moved successfully. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"|"{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" /E : value set successfully! Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope not found. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope deleted successfully. Registry value HKEY_USERS\S-1-5-21-2092716530-3474641769-2676177707-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope deleted successfully. Registry key HKEY_USERS\S-1-5-21-2092716530-3474641769-2676177707-1000\Software\Microsoft\Internet Explorer\SearchScopes\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: szczepan ->Temp folder emptied: 114897624 bytes ->Temporary Internet Files folder emptied: 109136046 bytes ->Java cache emptied: 38130774 bytes ->Google Chrome cache emptied: 450162015 bytes ->Opera cache emptied: 3314231 bytes ->Flash cache emptied: 12808773 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 78814871 bytes RecycleBin emptied: 1532437860 bytes Total Files Cleaned = 2,231.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 10092013_225529 Files\Folders moved on Reboot... C:\Users\szczepan\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...