All processes killed ========== OTL ========== Error: No service named SpyHunter 4 Service was found to stop! Service\Driver key SpyHunter 4 Service not found. File C:\PROGRAM Files\Enigma Software Group\SpyHunter\SH4Service.exe not found. Service esgiguard stopped successfully! Service esgiguard deleted successfully! File C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys not found. Registry value HKEY_USERS\S-1-5-21-3484592011-385650997-741581504-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F298EB5-D8E9-84A1-15BA-9D3E88446552}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F298EB5-D8E9-84A1-15BA-9D3E88446552}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52906AFD-B5BF-3EAD-F366-D520963DF2EF}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52906AFD-B5BF-3EAD-F366-D520963DF2EF}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F298EB5-D8E9-84A1-15BA-9D3E88446552}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F298EB5-D8E9-84A1-15BA-9D3E88446552}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52906AFD-B5BF-3EAD-F366-D520963DF2EF}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52906AFD-B5BF-3EAD-F366-D520963DF2EF}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_USERS\S-1-5-21-3484592011-385650997-741581504-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview not found. C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoEmpire.bat moved successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&ksportuj do programu Microsoft Excel\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Wyślij &do programu OneNote\ deleted successfully. Folder C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\ not found. C:\Program Files\Enigma Software Group\SpyHunter\Log folder moved successfully. C:\Program Files\Enigma Software Group\SpyHunter folder moved successfully. C:\Program Files\Enigma Software Group folder moved successfully. C:\ProgramData\97c20d6c2baff476 folder moved successfully. C:\Users\Tomek\AppData\Local\Packages\windows_ie_ac_001\AC\{61B375F4-CDA1-514B-04FE-5B13B274635A} folder moved successfully. C:\Users\Tomek\AppData\Local\Packages\windows_ie_ac_001\AC\{52906AFD-B5BF-3EAD-F366-D520963DF2EF} folder moved successfully. C:\Users\Tomek\AppData\Local\Packages\windows_ie_ac_001\AC\{29E2C554-8661-6B42-7E42-3E9FD2C2E921} folder moved successfully. C:\Users\Tomek\AppData\Local\Packages\windows_ie_ac_001\AC folder moved successfully. C:\Users\Tomek\AppData\Local\Packages\windows_ie_ac_001 folder moved successfully. C:\Users\Tomek\AppData\Local\Packages folder moved successfully. File C:\Users\Tomek\Desktop\SpyHunter.lnk not found. ========== FILES ========== File\Folder C:\Program Files (x86)\NextCCoup not found. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope not found. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope deleted successfully. Registry value HKEY_USERS\S-1-5-21-3484592011-385650997-741581504-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Gość User: HomeGroupUser$ User: Public User: Tomek ->Temp folder emptied: 63464708 bytes ->Temporary Internet Files folder emptied: 19962677 bytes ->Java cache emptied: 298164 bytes ->Flash cache emptied: 2727 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1715678 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 8945377 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 55310098 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 143.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 08072014_103234 Files\Folders moved on Reboot... C:\Users\Tomek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot. File\Folder C:\Windows\temp\TMP0000000318636E23D5189E67 not found! File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...