All processes killed ========== OTL ========== Service aspnet_state stopped successfully! Service aspnet_state deleted successfully! File C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe not found. Service USBModem stopped successfully! Service USBModem deleted successfully! File system32\DRIVERS\lgusbmodem.sys not found. Service UsbDiag stopped successfully! Service UsbDiag deleted successfully! File system32\DRIVERS\lgusbdiag.sys not found. Service usbbus stopped successfully! Service usbbus deleted successfully! File system32\DRIVERS\lgusbbus.sys not found. Service SBRE stopped successfully! Service SBRE deleted successfully! File C:\WINDOWS\system32\drivers\SBREdrv.sys not found. Service rtl8139 stopped successfully! Service rtl8139 deleted successfully! File system32\DRIVERS\RTL8139.SYS not found. Service catchme stopped successfully! Service catchme deleted successfully! File C:\ComboFix\catchme.sys not found. Service Amps2prt stopped successfully! Service Amps2prt deleted successfully! File system32\DRIVERS\Amps2prt.sys not found. Service gmer stopped successfully! Service gmer deleted successfully! C:\WINDOWS\system32\drivers\gmer.sys moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully. Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71} C:\WINDOWS\Downloaded Program Files\wvc1dmo.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found. Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: All Users User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Marcin ->Temp folder emptied: 123080492 bytes ->Temporary Internet Files folder emptied: 24643423 bytes ->Java cache emptied: 27155834 bytes ->FireFox cache emptied: 2539538 bytes ->Opera cache emptied: 282187 bytes ->Flash cache emptied: 1169253 bytes User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 34044 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 4229168 bytes %systemroot%\System32 .tmp files removed: 12475940 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 262144 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 187,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05112013_193946 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found! C:\WINDOWS\temp\Perflib_Perfdata_620.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...