All processes killed ========== FILES ========== C:\Documents and Settings\Stach\Menu Start\Programy\Autostart\ctfmon.lnk moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\lsass.exe moved successfully. C:\Documents and Settings\All Users\Dane aplikacji\0tbpw.pad moved successfully. ADS C:\WINDOWS\Temp:temp deleted successfully. C:\Documents and Settings\Stach\Dane aplikacji\Mozilla\Firefox\Profiles\eqjvrzlx.default\searchplugins\startsear.xml moved successfully. C:\Documents and Settings\Stach\Dane aplikacji\Mozilla\Firefox\Profiles\eqjvrzlx.default\searchplugins\sweetim.xml moved successfully. C:\Documents and Settings\Stach\Dane aplikacji\Mozilla\Firefox\Profiles\eqjvrzlx.default\searchplugins\web-search.xml moved successfully. [color=#A23BEC]< netsh firewall reset /C >[/color] Ok. K:\cmd.bat deleted successfully. K:\cmd.txt deleted successfully. ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\"ProxyEnable"|dword:00000000 /E : value set successfully! HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"about:blank" /E : value set successfully! ========== OTL ========== Prefs.js: "127.0.0.1" removed from network.proxy.http Prefs.js: 56020 removed from network.proxy.http_port Prefs.js: 1 removed from network.proxy.type Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Intel Display Control deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockIES deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockOCTuner deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSConfig deleted successfully. Service rvnshzfl stopped successfully! Service rvnshzfl deleted successfully! File C:\WINDOWS\system32\drivers\rvnshzfl.sys not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 778 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 11555010 bytes ->Opera cache emptied: 10170 bytes ->Flash cache emptied: 456 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Dom ->Temp folder emptied: 241352183 bytes ->Temporary Internet Files folder emptied: 2067986 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 119796966 bytes ->Opera cache emptied: 138384 bytes ->Flash cache emptied: 1524 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 2262098 bytes User: Stach ->Temp folder emptied: 1846337634 bytes ->Temporary Internet Files folder emptied: 125002454 bytes ->Java cache emptied: 13059898 bytes ->FireFox cache emptied: 1053483834 bytes ->Google Chrome cache emptied: 343463676 bytes ->Opera cache emptied: 7735300 bytes ->Flash cache emptied: 119487 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2148726 bytes %systemroot%\System32 .tmp files removed: 2596 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 459300077 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 4 032,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 10272012_003816 Files\Folders moved on Reboot... File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...