All processes killed
========== OTL ==========
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: "http://start.facemoods.com/results.php?f=5&a=ddr&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
C:\Documents and Settings\Viamot\Dane aplikacji\Mozilla\Firefox\Profiles\o3eyn82n.default\searchplugins\ask.xml moved successfully.
C:\Documents and Settings\Viamot\Dane aplikacji\Mozilla\Firefox\Profiles\o3eyn82n.default\searchplugins\daemon-search.xml moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-3391594494-2921880992-2782886935-1009\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3391594494-2921880992-2782886935-1009\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{043C5167-00BB-4324-AF7E-62013FAEDACF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
Registry value HKEY_USERS\S-1-5-21-3391594494-2921880992-2782886935-1009\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-3391594494-2921880992-2782886935-1009\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f24dbf24-3d5f-11de-a54e-001c25900756}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f24dbf24-3d5f-11de-a54e-001c25900756}\ not found.
File E:\ysep1.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f24dbf24-3d5f-11de-a54e-001c25900756}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f24dbf24-3d5f-11de-a54e-001c25900756}\ not found.
File E:\ysep1.exe not found.
C:\WINDOWS\system32\shimg.dll moved successfully.
C:\WINDOWS\system32\drivers\str.sys moved successfully.
C:\Documents and Settings\Viamot\Dane aplikacji\pdfforge\temp folder moved successfully.
C:\Documents and Settings\Viamot\Dane aplikacji\pdfforge\res folder moved successfully.
C:\Documents and Settings\Viamot\Dane aplikacji\pdfforge folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SopCast\adv\SopAdver.exe deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: admviamot

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Konrad Wójcik

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 328160 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Viamot
->Temp folder emptied: 47940867 bytes
->Temporary Internet Files folder emptied: 10899750 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 53021944 bytes
->Flash cache emptied: 2916 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 4370980 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6640794 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 118,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 10192011_195408

Files\Folders moved on Reboot...
C:\Documents and Settings\Viamot\Ustawienia lokalne\Temporary Internet Files\Content.Word\~WRS{67C383CE-D77A-469D-9A03-47AF20CD6594}.tmp moved successfully.
C:\Documents and Settings\Viamot\Ustawienia lokalne\Temporary Internet Files\Content.Word\~WRS{82154128-A8A3-4494-804F-237063298D4C}.tmp moved successfully.
File\Folder C:\Documents and Settings\Viamot\Ustawienia lokalne\Temporary Internet Files\Content.Word\~WRS{D5C36331-5B17-40E7-A8D3-5F4A9B3227F2}.tmp not found!

Registry entries deleted on Reboot...