All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\TaskMan:D:\RECYCLER\S-1-5-21-9604379466-2783384235-045826979-4882\winmap.exe deleted successfully. Registry value HKEY_USERS\S-1-5-21-1957994488-839522115-854245398-1004\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:D:\RECYCLER\S-1-5-21-9604379466-2783384235-045826979-4882\winmap.exe deleted successfully. Registry value HKEY_USERS\S-1-5-21-1957994488-839522115-854245398-1004\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:explorer.exe deleted successfully. Item D:\WINDOWS\explorer.exe is whitelisted and cannot be moved. Registry value HKEY_USERS\S-1-5-21-1957994488-839522115-854245398-1004\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psysnew.exe deleted successfully. Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr deleted successfully. Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully. Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr not found. Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools not found. Registry value HKEY_USERS\S-1-5-21-1957994488-839522115-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr not found. Registry value HKEY_USERS\S-1-5-21-1957994488-839522115-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools not found. Registry value HKEY_USERS\S-1-5-21-1957994488-839522115-854245398-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found. Registry value HKEY_USERS\S-1-5-21-1957994488-839522115-854245398-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00000000-0002-0002-0000-000000000000} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0002-0002-0000-000000000000}\ not found. File Animation Java Classes file://D:\WINDOWS\Java\classes\dajava.cab not found. Starting removal of ActiveX control DirectAnimation Java Classes Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found. File oft XML Parser for Java file://D:\WINDOWS\Java\classes\xmldso.cab not found. Starting removal of ActiveX control Microsoft XML Parser for Java Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found. Service Speed Disk service stopped successfully! Service Speed Disk service deleted successfully! Service NProtectService stopped successfully! Service NProtectService deleted successfully! Service GhostStartService stopped successfully! Service GhostStartService deleted successfully! ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: All Users User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 35513 bytes User: user ->Temp folder emptied: 257360 bytes ->Temporary Internet Files folder emptied: 20550221 bytes ->Java cache emptied: 5223165 bytes ->FireFox cache emptied: 44036432 bytes ->Flash cache emptied: 1954 bytes User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 84133 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1119674 bytes %systemroot%\System32 .tmp files removed: 9512 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 478901 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 69,00 mb OTL by OldTimer - Version 3.2.6.0 log created on 06122010_023711 Files\Folders moved on Reboot... File\Folder D:\Documents and Settings\user\Ustawienia lokalne\Temp\~DF6CF0.tmp not found! File\Folder D:\Documents and Settings\user\Ustawienia lokalne\Temp\~DF6CFC.tmp not found! File\Folder D:\Documents and Settings\user\Ustawienia lokalne\Temp\~DF6D8F.tmp not found! File\Folder D:\Documents and Settings\user\Ustawienia lokalne\Temp\~DF6D97.tmp not found! File\Folder D:\Documents and Settings\user\Ustawienia lokalne\Temp\~DF7096.tmp not found! File\Folder D:\Documents and Settings\user\Ustawienia lokalne\Temp\~DF709F.tmp not found! D:\Documents and Settings\user\Ustawienia lokalne\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully. D:\Documents and Settings\user\Ustawienia lokalne\Temporary Internet Files\Content.IE5\OPQRSTUV\index[1].htm moved successfully. D:\Documents and Settings\user\Ustawienia lokalne\Temporary Internet Files\SuggestedSites.dat moved successfully. Registry entries deleted on Reboot...