Witam.
Wykryłem w LOG’ u z OTl’ a dziwne wpisy, świadczące o infekcji wirusem ZeroAccess. Proszę o pomoc w pozbyciu się tego. Niżej log z OTL’a:
========== ZeroAccess Check ==========
[2012-12-21 17:59:05 | 000,000,227 | RHS- | M] () – C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
“” = %SystemRoot%\system32\shdocvw.dll – [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
“” = C:\WINDOWS\system32\wbem\fastprox.dll – [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
“” = C:\WINDOWS\system32\wbem\wbemess.dll – [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Both
LOGI: