All processes killed ========== FILES ========== C:\Users\Szot.d-PC\AppData\Local\operaprefs.ini moved successfully. C:\Users\Szot.d-PC\AppData\Local\Codecs.exe moved successfully. C:\Users\Szot.d-PC\AppData\Local\jushed.exe moved successfully. C:\Users\Szot.d-PC\AppData\Local\nircmd.exe moved successfully. C:\ProgramData\operaprefs.ini moved successfully. C:\ProgramData\nircmd.exe moved successfully. C:\ProgramData\jushed.exe moved successfully. C:\ProgramData\datesavefile moved successfully. C:\ProgramData\varsavefile moved successfully. C:\ProgramData\timerxfile moved successfully. ========== OTL ========== HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Prefs.js: "Conduit Engine Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "Conduit Engine Customized Web Search" removed from browser.search.selectedEngine Prefs.js: "http://search.conduit.com/?ctid=&SearchSource=13" removed from browser.startup.homepage Prefs.js: DTToolbar@toolbarnet.com:1.0.8.0552 removed from extensions.enabledItems Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CTXXXX&q=" removed from keyword.URL C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\lib folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\DTToolbar@toolbarnet.com folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\engine@conduit.com\searchplugin folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\engine@conduit.com\META-INF folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\engine@conduit.com\lib folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\engine@conduit.com\DualPackage folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\engine@conduit.com\defaults folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\engine@conduit.com\components folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\engine@conduit.com\chrome folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\mozilla\Firefox\Profiles\3v7vypqh.default\extensions\engine@conduit.com folder moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\Mozilla\Firefox\Profiles\3v7vypqh.default\searchplugins\conduit.xml moved successfully. C:\Users\Szot.d-PC\AppData\Roaming\Mozilla\Firefox\Profiles\3v7vypqh.default\searchplugins\daemon-search.xml moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CCUTRAYICON deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\jushed deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend\\"Start"|dword:00000004 /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 41044 bytes User: Default User ->Flash cache emptied: 0 bytes User: IUSR_NMPR User: Public User: Szot.d-PC ->Flash cache emptied: 101150 bytes User: SZOT~1~D-P User: UpdatusUser ->Flash cache emptied: 41044 bytes Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: IUSR_NMPR ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: Szot.d-PC ->Temp folder emptied: 178699838 bytes ->Temporary Internet Files folder emptied: 19790475 bytes ->Java cache emptied: 42976770 bytes ->FireFox cache emptied: 108133606 bytes ->Opera cache emptied: 90744 bytes ->Flash cache emptied: 0 bytes User: SZOT~1~D-P ->Temp folder emptied: 0 bytes User: UpdatusUser ->Temp folder emptied: 894652 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 401408 bytes %systemroot%\System32 .tmp files removed: 4208170 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 79951881 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 415,00 mb OTL by OldTimer - Version 3.2.24.1 log created on 06292011_134856 Files\Folders moved on Reboot... C:\Users\Szot.d-PC\AppData\Local\Temp\~DF6BE1.tmp moved successfully. File move failed. C:\Windows\temp\hlktmp scheduled to be moved on reboot. File move failed. C:\Windows\temp\nmsmc_DQLWinService.log scheduled to be moved on reboot. File\Folder C:\Windows\temp\ZLT05906.TMP not found! Registry entries deleted on Reboot...