All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. HKU\S-1-5-21-117609710-484763869-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-117609710-484763869-682003330-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found. File C:\Program Files\Winamp Toolbar\winamptb.dll not found. Prefs.js: "Winamp Search" removed from browser.search.defaultenginename Prefs.js: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=" removed from browser.search.defaulturl Prefs.js: DTToolbar@toolbarnet.com:1.1.1.0014 removed from extensions.enabledItems Prefs.js: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=" removed from keyword.URL Folder C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\buch6skk.default\extensions\DTToolbar@toolbarnet.com\ not found. C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\buch6skk.default\searchplugins\daemon-search.xml moved successfully. C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\buch6skk.default\searchplugins\winamp-search.xml moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-117609710-484763869-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BearShare deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RelevantKnowledge not found. File C:\Program Files\RelevantKnowledge\rlvknlg.exe not found. Registry value HKEY_USERS\S-1-5-21-117609710-484763869-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC deleted successfully. Registry value HKEY_USERS\S-1-5-21-117609710-484763869-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Yodm3D deleted successfully. C:\Documents and Settings\Krystian\Menu Start\Programy\Autostart\Adobe Media Player.lnk moved successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Winamp Search\ not found. File C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9275268e-0d75-11dd-a857-00304f20eceb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9275268e-0d75-11dd-a857-00304f20eceb}\ not found. File J:\Recycled\ctfmon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9275268f-0d75-11dd-a857-00304f20eceb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9275268f-0d75-11dd-a857-00304f20eceb}\ not found. File K:\Recycled\ctfmon.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cefd22b4-f047-11dc-a80f-00304f20eceb}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cefd22b4-f047-11dc-a80f-00304f20eceb}\ not found. File H:\Recycled\ctfmon.exe not found. ========== FILES ========== File\Folder C:\Program Files\RelevantKnowledge not found. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Krystian\Ustawienia lokalne\Temp\~os2C.tmp\ossproxy.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Krystian\Ustawienia lokalne\Temp\~os20.tmp\ossproxy.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Krystian\Ustawienia lokalne\Temp\~os143.tmp\rlvknlg.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Krystian\Ustawienia lokalne\Temp\~os114.tmp\rlvknlg.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Krystian\Ustawienia lokalne\Temp\~osA5.tmp\rlvknlg.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Krystian\Ustawienia lokalne\Temp\~os52.tmp\rlvknlg.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\c:\program files\relevantknowledge\rlvknlg.exe not found. ========== COMMANDS ========== [EMPTYFLASH] User: Default User User: All Users User: NetworkService User: LocalService User: Krystian ->Flash cache emptied: 1056 bytes User: Administrator Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 0 bytes User: Krystian ->Temp folder emptied: 1461805 bytes ->Temporary Internet Files folder emptied: 1377282 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 140113572 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 90112 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 267681 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 137,00 mb OTL by OldTimer - Version 3.2.15.2 log created on 10202010_172131 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found! File\Folder C:\WINDOWS\temp\Perflib_Perfdata_558.dat not found! File\Folder C:\WINDOWS\temp\Perflib_Perfdata_85c.dat not found! Registry entries deleted on Reboot...