All processes killed ========== FILES ========== Unable to replace file: C:\WINDOWS\system32\ws2_32.dll with C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll without a reboot. ADS C:\WINDOWS:F31E46EAB22E5D4C deleted successfully. C:\WINDOWS\system32\windir folder moved successfully. C:\WINDOWS\System32\mypcgaejkguqxgcl.exe moved successfully. C:\WINDOWS\DBHayate.exe moved successfully. C:\WINDOWS\System32\DBHAY.exe moved successfully. C:\WINDOWS\tasks\{2B57B12A-A826-4977-A1F8-738C45D6DEDB}.job moved successfully. C:\Program Files\ContinueToSave folder moved successfully. C:\Program Files\SoftQuick folder moved successfully. C:\Program Files\Portal.2.Update.3.exe moved successfully. C:\Program Files\Common Files\userInit.dll moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG\AWL2012 folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG\AWL\Program Statistics folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG\AWL folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\AVG folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\Common Files folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\continuetosave folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\DownloadnSave folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\InstallMate\{F728BDEE-593D-46A3-A448-111F2CCB9F18} folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\InstallMate\{98AA170A-449C-4473-A698-0CBE434935FC} folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632}\B3975109F0FA5EA7 folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\InstallMate\{16782E9C-E344-47BD-A045-B9BA79870632} folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\InstallMate\ContinueToSave folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\InstallMate folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\Premium\Setup folder moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\Premium folder moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\AVG\AWL2012\TuningIndex folder moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\AVG\AWL2012\StartUp Manager folder moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\AVG\AWL2012\Dashboard folder moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\AVG\AWL2012\Backups folder moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\AVG\AWL2012 folder moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\AVG folder moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\avdrn.dat moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\chrtmp moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\data.dat moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\dclogs folder moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\Kamillog.dat moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\Kamil3SQLite3.dll moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\SendSpace folder moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\windows moved successfully. C:\Documents and Settings\Kamil\Dane aplikacji\TESTUJEMY.exe moved successfully. C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\PCHealth\ErrorRep\QSignoff folder moved successfully. C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\PCHealth\ErrorRep folder moved successfully. C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\PCHealth folder moved successfully. C:\Documents and Settings\Kamil\Ustawienia lokalne\Dane aplikacji\promo.exe moved successfully. [color=#A23BEC]< netsh firewall reset /C >[/color] Ok. C:\Documents and Settings\Kamil\Moje dokumenty\Downloads\cmd.bat deleted successfully. C:\Documents and Settings\Kamil\Moje dokumenty\Downloads\cmd.txt deleted successfully. ========== REGISTRY ========== Registry value HKEY_USERS\S-1-5-21-448539723-1500820517-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Policies\System\\EnableLUA deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\\EnableLUA not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\"BootExecute"|hex(7):"autocheck autochk *" /E : value set successfully! ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@funwebproducts.com/Plugin\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=8\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=8\ deleted successfully. Registry key HKEY_USERS\S-1-5-21-448539723-1500820517-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found. Registry key HKEY_USERS\S-1-5-21-448539723-1500820517-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-448539723-1500820517-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\ChomikBox deleted successfully. Registry value HKEY_USERS\S-1-5-21-448539723-1500820517-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\DC Services deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HKLM deleted successfully. File C:\WINDOWS\system32\windir\Svchost.exe not found. Registry value HKEY_USERS\S-1-5-21-448539723-1500820517-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU deleted successfully. File C:\WINDOWS\system32\windir\Svchost.exe not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies deleted successfully. File C:\WINDOWS\system32\windir\Svchost.exe not found. Registry value HKEY_USERS\S-1-5-21-448539723-1500820517-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies deleted successfully. File C:\WINDOWS\system32\windir\Svchost.exe not found. Starting removal of ActiveX control {00000055-9980-0010-8000-00AA00389B71} C:\WINDOWS\Downloaded Program Files\fhg.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000055-9980-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\WINDOWS\SYSTEM32\comglt32a.dll deleted successfully. C:\WINDOWS\system32\comglt32a.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\WINDOWS\system32\DCsvc.exe deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LogonInit\ deleted successfully. C:\Program Files\Common Files\logonInit.dll moved successfully. Service Ventrilo stopped successfully! Service Ventrilo deleted successfully! File G:\Server VT\ventrilo_svc.exe not found. Service Akamai stopped successfully! Service Akamai deleted successfully! File c:\program files\common files\akamai/netsession_win_b5e8a4c.dll not found. Service 4B51B550 stopped successfully! Service 4B51B550 deleted successfully! File C:\WINDOWS\system32\B1855510.EXE not found. Service XDva390 stopped successfully! Service XDva390 deleted successfully! File C:\WINDOWS\system32\XDva390.sys not found. Service XDva387 stopped successfully! Service XDva387 deleted successfully! File C:\WINDOWS\system32\XDva387.sys not found. Service XDva385 stopped successfully! Service XDva385 deleted successfully! File C:\WINDOWS\system32\XDva385.sys not found. Service XDva375 stopped successfully! Service XDva375 deleted successfully! File C:\WINDOWS\system32\XDva375.sys not found. Service XDva370 stopped successfully! Service XDva370 deleted successfully! File C:\WINDOWS\system32\XDva370.sys not found. Service EagleNT stopped successfully! Service EagleNT deleted successfully! File C:\WINDOWS\system32\drivers\EagleNT.sys not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56545 bytes User: Kamil ->Temp folder emptied: 1660363245 bytes ->Temporary Internet Files folder emptied: 37023167 bytes ->Java cache emptied: 74631161 bytes ->FireFox cache emptied: 1098577 bytes ->Google Chrome cache emptied: 424963558 bytes ->Flash cache emptied: 15652733 bytes User: LocalService ->Temp folder emptied: 82513 bytes ->Temporary Internet Files folder emptied: 213394 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2440453 bytes %systemroot%\System32 .tmp files removed: 4984 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 7403362 bytes RecycleBin emptied: 164134 bytes Total Files Cleaned = 2 121,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 01222013_193421 Files\Folders moved on Reboot... PendingFileRenameOperations files... [2011-03-16 16:59:22 | 000,082,944 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll : MD5=B86C440584C13C01CC90FCA6211262A1 Registry entries deleted on Reboot...