All processes killed ========== OTL ========== HKU\S-1-5-21-2395896153-584362893-2675653115-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully! HKU\S-1-5-21-2395896153-584362893-2675653115-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully! HKU\S-1-5-21-2395896153-584362893-2675653115-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully! HKU\S-1-5-21-2395896153-584362893-2675653115-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Default_Page_URL| /E : value set successfully! HKU\S-1-5-21-2395896153-584362893-2675653115-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKU\S-1-5-21-2395896153-584362893-2675653115-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully! HKU\S-1-5-21-2395896153-584362893-2675653115-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Search Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-2395896153-584362893-2675653115-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found. Registry value HKEY_USERS\S-1-5-21-2395896153-584362893-2675653115-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GProton deleted successfully. C:\ProgramData\GProton.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-2395896153-584362893-2675653115-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BlazeServoTool deleted successfully. Registry value HKEY_USERS\S-1-5-21-2395896153-584362893-2675653115-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC deleted successfully. Registry value HKEY_USERS\S-1-5-21-2395896153-584362893-2675653115-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RMF FM Miasto Muzyki deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 56502 bytes User: Default User ->Flash cache emptied: 0 bytes User: Marcin ->Flash cache emptied: 795187 bytes User: Public User: UpdatusUser ->Flash cache emptied: 56502 bytes Total Flash Files Cleaned = 1,00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Marcin ->Temp folder emptied: 726436340 bytes ->Temporary Internet Files folder emptied: 84742985 bytes ->Java cache emptied: 5256317 bytes ->Opera cache emptied: 311840311 bytes ->Flash cache emptied: 0 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 200704 bytes %systemroot%\System32 .tmp files removed: 6476352 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 75835076 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85262 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 1 155,00 mb OTL by OldTimer - Version 3.2.27.0 log created on 09042011_120028 Files\Folders moved on Reboot... C:\Users\Marcin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot...