:OTL DRV - [2013/04/11 17:12:24 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\autjrctk.sys – (autjrctk) DRV - [2013/04/02 20:31:28 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\rnrnizjm.sys – (rnrnizjm) DRV - [2013/04/02 15:08:00 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\mmcatcff.sys – (mmcatcff) DRV - [2013/04/02 13:07:56 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\tuicyxli.sys – (tuicyxli) DRV - [2013/04/02 08:42:25 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\ucbgaffo.sys – (ucbgaffo) DRV - [2013/04/02 06:14:53 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\mnjwzchj.sys – (mnjwzchj) DRV - [2013/04/01 21:32:02 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\rrcqskxv.sys – (rrcqskxv) DRV - [2013/04/01 19:31:55 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\asknxrin.sys – (asknxrin) DRV - [2013/04/01 17:31:48 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\robgijwb.sys – (robgijwb) DRV - [2013/04/01 12:44:34 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\rnmjeyuv.sys – (rnmjeyuv) DRV - [2013/04/01 10:44:29 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\ojmoatzq.sys – (ojmoatzq) DRV - [2013/04/01 01:48:18 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\oefrfoib.sys – (oefrfoib) DRV - [2013/03/31 23:19:04 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\ntzarhqp.sys – (ntzarhqp) DRV - [2013/03/31 20:32:24 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\bfombjvi.sys – (bfombjvi) DRV - [2013/03/31 12:06:22 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\cjnkebva.sys – (cjnkebva) DRV - [2013/03/31 00:07:05 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\fdghwtpm.sys – (fdghwtpm) DRV - [2013/03/30 23:51:11 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\onyhtrik.sys – (onyhtrik) DRV - [2013/03/30 21:34:44 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\dwxsjrer.sys – (dwxsjrer) DRV - [2013/03/30 18:14:39 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\fuvconie.sys – (fuvconie) DRV - [2013/03/30 13:24:23 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\inzfcudl.sys – (inzfcudl) DRV - [2013/03/30 07:46:37 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\lcnpmqjg.sys – (lcnpmqjg) DRV - [2013/03/29 23:26:50 | 000,000,568 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\uirkzrlz.sys – (uirkzrlz) DRV - [2013/03/29 15:23:03 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\nmzyzirb.sys – (nmzyzirb) DRV - [2013/03/29 11:59:11 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\sroovxxh.sys – (sroovxxh) DRV - [2013/03/28 20:17:43 | 000,078,848 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysWow64\drivers\arercarm.sys – (arercarm) [2013/02/21 23:31:50 | 000,000,000 | —D | M] (Search-NewTab) – C:\Users\małgosia\AppData\Roaming\mozilla\Firefox\Profiles\3mqrnp0o.default\extensions\512691be51f18@512691be51f52.com O4 - HKLM…\Run: [AutoStart] C:\Users\małgosia\3xtb.exe () O4 - HKU\S-1-5-21-3953819830-622224066-1830746929-1000…\Run: [fagmocefwoqn] C:\Users\małgosia\fagmocefwoqn.exe File not found O4 - HKU\S-1-5-21-3953819830-622224066-1830746929-1000…\Run: [rypusaqizzea] C:\Users\małgosia\rypusaqizzea.exe File not found O4 - HKU\S-1-5-21-3953819830-622224066-1830746929-1000…\Run: [wqjueq] C:\Users\małgosia\wqjueq.exe /z File not found O4 - HKU\S-1-5-19…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20…\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 54445 = c:\progra~3\dxoajrs.exe [2013/04/14 20:07:13 | 000,000,000 | ---- | C] () – C:\Windows\SysWow64\drivers\bsvyfmdp.sys [2013/04/14 17:24:50 | 000,000,000 | ---- | C] () – C:\Windows\SysWow64\drivers\cjuazbtl.sys [2013/04/14 17:24:49 | 000,000,544 | -H-- | C] () – C:\ProgramData\common.data [2013/04/14 17:00:18 | 000,000,000 | ---- | C] () – C:\Windows\SysWow64\drivers\ofdcnkru.sys [2013/04/14 16:57:04 | 000,000,000 | ---- | C] () – C:\Windows\SysWow64\drivers\oobkorjc.sys [2013/04/14 16:42:56 | 000,000,000 | ---- | C] () – C:\Windows\SysWow64\drivers\mnokffji.sys [2013/04/14 15:58:57 | 000,000,000 | ---- | C] () – C:\Windows\SysWow64\drivers\bdznrfxu.sys [2013/04/11 17:12:21 | 000,078,848 | ---- | C] () – C:\Windows\SysWow64\drivers\autjrctk.sys [2013/04/02 20:44:36 | 000,000,000 | ---- | C] () – C:\Windows\SysWow64\drivers\sqtjoxuj.sys [2013/04/14 16:39:55 | 000,000,000 | —D | M] – C:\Users\małgosia\AppData\Roaming\Abyre [2013/04/14 16:42:11 | 000,000,000 | —D | M] – C:\Users\małgosia\AppData\Roaming\Onxy :Files C:\Users\małgosia*.exe C:\ProgramData*.exe C:\Users\małgosia\AppData\Roaming\xeosteibaxavgadzsk1pmh1aabbgs1re2 C:\Users\małgosia\AppData\Roaming\xpx2sswyr2trxn3navpyvfvrqkus2nbl2 C:\ProgramData\B8C634296905D4AD0000B8C57B6ADB9B :Commands [emptytemp]