All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found. Registry value HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{5c81f57f-3cf7-4785-b4ef-11ace31aec4f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c81f57f-3cf7-4785-b4ef-11ace31aec4f}\ not found. Registry value HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{93a3111f-4f74-4ed8-895e-d9708497629e} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e}\ not found. Registry value HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86eb8a9-ccc2-4b6c-b75d-73576ed591bf}\ not found. Registry value HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{d43723ae-1ae1-4a25-a6a4-bf0929273cab} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43723ae-1ae1-4a25-a6a4-bf0929273cab}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2C236004-32D2-43D9-A7FE-F97EE4E83EAA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C236004-32D2-43D9-A7FE-F97EE4E83EAA}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{761DEC22-8F7E-4EC4-8907-B389101E7D88}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761DEC22-8F7E-4EC4-8907-B389101E7D88}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{ACE1C71D-303C-4013-A43F-50415841CFF0}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ACE1C71D-303C-4013-A43F-50415841CFF0}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C0C5F543-902B-42AF-83A9-B3754B4734FB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0C5F543-902B-42AF-83A9-B3754B4734FB}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C16753E8-52C4-4EBA-9D48-164AA74FD87D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C16753E8-52C4-4EBA-9D48-164AA74FD87D}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D0B47094-DA52-4240-86A0-F4ED4CF527F6}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0B47094-DA52-4240-86A0-F4ED4CF527F6}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\bxcz deleted successfully. C:\Users\Public\SysSettings\bxcz.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ActiveUpdate deleted successfully. File C:\ProgramData\ActiveU0\jafpdndnn.exe not found. Registry value HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Upzyo deleted successfully. C:\Users\a\AppData\Roaming\Usyhw\qeyzr.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ActiveUpdate deleted successfully. File C:\ProgramData\ActiveU0\jafpdndnn.exe not found. Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found. Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found. Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery\ not found. Registry key HKEY_USERS\S-1-5-21-660962998-478180604-2645924109-1000\Software\Policies\Microsoft\Internet Explorer\Recovery\ deleted successfully. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\Windows\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Service InterBaseServer stopped successfully! Service InterBaseServer deleted successfully! File C:\Program Files\borland\interbase\bin\ibserver.exe not found. Service InterBaseGuardian stopped successfully! Service InterBaseGuardian deleted successfully! File C:\Program Files\borland\interbase\bin\ibguard.exe not found. Service hwdatacard stopped successfully! Service hwdatacard deleted successfully! File system32\DRIVERS\ewusbmdm.sys not found. Service huawei_enumerator stopped successfully! Service huawei_enumerator deleted successfully! File system32\DRIVERS\ew_jubusenum.sys not found. Service huawei_cdcacm stopped successfully! Service huawei_cdcacm deleted successfully! File system32\DRIVERS\ew_jucdcacm.sys not found. Service ew_hwusbdev stopped successfully! Service ew_hwusbdev deleted successfully! File system32\DRIVERS\ew_hwusbdev.sys not found. Service cpuz132 stopped successfully! Service cpuz132 deleted successfully! File C:\Users\a\AppData\Local\Temp\cpuz132\cpuz132_x32.sys not found. ========== FILES ========== C:\ProgramData\rundll32.exe moved successfully. C:\ProgramData\deodod.pad moved successfully. C:\ProgramData\28tmwoJ.dat moved successfully. C:\ProgramData\CFH3IO4x.exe_.b moved successfully. C:\ProgramData\CFH3IO4x.exe.b moved successfully. File\Folder C:\ProgramData\CFH3IO4x.exe not found. C:\ProgramData\ActiveU0 folder moved successfully. C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings folder moved successfully. C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension folder moved successfully. C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} folder moved successfully. C:\ProgramData\BrowserProtect\2.6.1249.132 folder moved successfully. C:\ProgramData\BrowserProtect folder moved successfully. C:\Users\a\AppData\Roaming\AutoUpdate folder moved successfully. C:\Users\a\AppData\Roaming\Axwuva folder moved successfully. File\Folder C:\Users\a\AppData\Roaming\BabSolution not found. C:\Users\a\AppData\Roaming\Babylon folder moved successfully. C:\Users\a\AppData\Roaming\Cuse folder moved successfully. C:\Users\a\AppData\Roaming\Elobov folder moved successfully. C:\Users\a\AppData\Roaming\Eposu folder moved successfully. C:\Users\a\AppData\Roaming\Lyirfe folder moved successfully. C:\Users\a\AppData\Roaming\maxup folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\searchplugins folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\minidumps folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\defaults\preferences folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\defaults folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome\content\images folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome\content folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\49ffxtbr@UtilityChest_49.com\chrome folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions\49ffxtbr@UtilityChest_49.com folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\extensions folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\chrome folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default\bookmarkbackups folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\abnaub0s.default folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox\Crash Reports folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Firefox folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla\Extensions folder moved successfully. C:\Users\a\AppData\Roaming\Mozilla folder moved successfully. C:\Users\a\AppData\Roaming\Myhem folder moved successfully. C:\Users\a\AppData\Roaming\Omomu folder moved successfully. C:\Users\a\AppData\Roaming\OpenCandy\OpenCandy_CDAC2DA0D9D54D42B3BA8FCC1BDAB5FF folder moved successfully. C:\Users\a\AppData\Roaming\OpenCandy folder moved successfully. C:\Users\a\AppData\Roaming\PeerNetworking folder moved successfully. C:\Users\a\AppData\Roaming\Program Files\tele.ring Verbindungsmanager folder moved successfully. C:\Users\a\AppData\Roaming\Program Files folder moved successfully. C:\Users\a\AppData\Roaming\Sevoa folder moved successfully. C:\Users\a\AppData\Roaming\System32 folder moved successfully. C:\Users\a\AppData\Roaming\Usyhw folder moved successfully. C:\Users\a\AppData\Local\svcxdcl32.dat moved successfully. C:\Users\a\AppData\Local\svcxdcl32_v.dll moved successfully. C:\Users\Public\SysSettings folder moved successfully. C:\Windows\removeark.exe moved successfully. [color=#A23BEC]< netsh advfirewall reset /C >[/color] Ok. C:\Users\a\Downloads\cmd.bat deleted successfully. C:\Users\a\Downloads\cmd.txt deleted successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank"[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2][-HKEY_CURRENT_USER\Software\Mozilla][-HKEY_CURRENT_USER\Software\MozillaPlugins][-HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla][-HKEY_LOCAL_MACHINE\SOFTWARE\mozilla.org][-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins] /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: a ->Temp folder emptied: 20846109 bytes ->Temporary Internet Files folder emptied: 245332220 bytes ->Java cache emptied: 36161702 bytes ->FireFox cache emptied: 20820433 bytes ->Google Chrome cache emptied: 17401933 bytes ->Flash cache emptied: 60351 bytes User: Agnieszka dodatkowe ->Temp folder emptied: 956410 bytes ->Temporary Internet Files folder emptied: 223905 bytes ->Google Chrome cache emptied: 12905097 bytes ->Flash cache emptied: 56502 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56502 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 5311 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 122290544 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 455,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05232013_155127 Files\Folders moved on Reboot... C:\Users\a\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully. File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...