========== OTL ==========
Prefs.js: a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com:0.91.17 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211951147}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211951147}\ deleted successfully.
C:\Program Files\Advertising\Advertising.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Common User Runtime deleted successfully.
C:\Program Files\Common Files\Common User Runtime.{2227A280-3AEA-1069-A2DE-08002B30309D}\lgzovopie.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\smwcore deleted successfully.
C:\WINDOWS\system32\actxprxy.exe moved successfully.
Registry value HKEY_USERS\Master.SREDNI_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\Common User Runtime deleted successfully.
Registry value HKEY_USERS\Master.SREDNI_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\EXPLORER.EXE deleted successfully.
Item C:\WINDOWS\system32\EXPLORER.EXE is whitelisted and cannot be moved.
Registry value HKEY_USERS\Master.SREDNI_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\Komunikator deleted successfully.
Registry value HKEY_USERS\Master.SREDNI_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\Windows NT Login Application deleted successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\winlogons.exe moved successfully.
Registry value HKEY_USERS\Master.SREDNI_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\wsctf.exe deleted successfully.
C:\Documents and Settings\Master.SREDNI\Menu Start\Programy\Autostart\NG4YIHc1dzGo.lnk moved successfully.
C:\Documents and Settings\Master.SREDNI\Menu Start\Programy\Autostart\PaExt9YuRqI9.lnk moved successfully.
C:\Documents and Settings\Master.SREDNI\Menu Start\Programy\Autostart\Rnda9OonB7Vs.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\50369 deleted successfully.
C:\Documents and Settings\All Users.WINDOWS\Local Settings\Temp\msqhhv.scr moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\TaskMan:C:\Documents and Settings\Master.SREDNI\fvjwsc.exe deleted successfully.
C:\Documents and Settings\Master.SREDNI\fvjwsc.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:Explorer.exe deleted successfully.
Item C:\WINDOWS\system32\EXPLORER.EXE is whitelisted and cannot be moved.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:EXPLORER.EXE deleted successfully.
Item C:\WINDOWS\system32\EXPLORER.EXE is whitelisted and cannot be moved.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hijackthis.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\housecalllauncher.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd.exe\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\\SecurityProviders:AyvomzugKutw.dll deleted successfully.
C:\WINDOWS\system32\AyvomzugKutw.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BNDMSS deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSPORT deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kwflower deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DgiVecp deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\aic32p deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vsdatant deleted successfully.
C:\WINDOWS\system32\vsdatant.sys moved successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kvpndev deleted successfully.
C:\WINDOWS\system32\drivers\kvpndrv.sys moved successfully.
========== FILES ==========
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\3522.exe moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\3D4C.exe moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\7851.exe moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\BB13.exe moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\FA48.exe moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\FBFD.exe moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ESET\ESET Smart Security\Stats folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\ESET folder moved successfully.
C:\Documents and Settings\Master.SREDNI\bv2.exe moved successfully.
C:\Documents and Settings\Master.SREDNI\bvd32.exe moved successfully.
C:\Documents and Settings\Master.SREDNI\same.scr moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\ndcT46WWT4R.exe moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\windows.exe moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\coinutil.dll moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\miner.dll moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\usft_ext.dll moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\__0002bec4.lnk moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\__00032696.lnk moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\__0003ea56.lnk moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\__0003ec5f.lnk moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\__0004fda8.lnk moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\__00404bff.lnk moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\__00404cdb.lnk moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\skype.dat moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\skype.ini moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\bits folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\ESET\ESET Smart Security\Antispam folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\ESET\ESET Smart Security folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\ESET folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\Kerio\Admin folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\Kerio folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\naBXj folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\dclogs folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\Rnda9OonB7Vs.bak moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\skin folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\locale\en-US folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\locale folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\defaults folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\chrome\content\extensionCode folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\chrome\content\core folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\chrome\content\api folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\chrome\content folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com\chrome folder moved successfully.
C:\Documents and Settings\Master.SREDNI\Dane aplikacji\mozilla\Firefox\Profiles\byhy6gxr.default\extensions\a4d41df3-b0e7-40f2-abab-120615dcf791@43f0c24d-2e1c-4165-8a5e-f1d7bfcfaf82.com folder moved successfully.
C:\Program Files\Common Files\Common User Runtime.{2227A280-3AEA-1069-A2DE-08002B30309D} folder moved successfully.
C:\WINDOWS\System32\drivers\817.exe moved successfully.
C:\WINDOWS\System32\drivers\359.exe moved successfully.
C:\WINDOWS\System32\ajSavReg.dll moved successfully.
C:\WINDOWS\System32\ajSavReg.exe moved successfully.
File\Folder C:\WINDOWS\System32\actxprxy.exe not found.
C:\WINDOWS\System32\6to4svc.exe moved successfully.
C:\WINDOWS\System32\adsnt.exe moved successfully.
C:\WINDOWS\System32\atkctrs.exe moved successfully.
C:\WINDOWS\System32\adptif.exe moved successfully.
C:\WINDOWS\System32\imon1.dat moved successfully.
C:\autorun.inf moved successfully.
D:\autorun.inf moved successfully.
E:\autorun.inf moved successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\Master.SREDNI_ON_C\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell deleted successfully.
Registry key HKEY_USERS\Master.SREDNI_ON_C\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\\EnableLUA deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf\\""|"@SYS:DoesNotExist" /E : value set successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: All Users.WINDOWS
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.ZARZĄDZANIE NT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Master
->Temp folder emptied: 2924503 bytes
->Temporary Internet Files folder emptied: 88620 bytes
User: Master.SREDNI
->Temp folder emptied: 1109687683 bytes
->Temporary Internet Files folder emptied: 24794410 bytes
->FireFox cache emptied: 57786179 bytes
->Flash cache emptied: 3159637 bytes
User: MASTER~1~SRE
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService.ZARZĄDZANIE NT
->Temp folder emptied: 1359872 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1140548 bytes
Total Files Cleaned = 1,145.00 mb
OTLPE by OldTimer - Version 3.1.48.0 log created on 05222013_005026