
[code]GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-07-26 19:14:06
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e ST3250410AS rev.3.AAC
Running: ooy1sw3h.exe; Driver: C:\DOCUME~1\GRECKI~1\USTAWI~1\Temp\pxtdapob.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwAssignProcessToJobObject [0xB3E6E610]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xB80F887E]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0xB3E6EC10]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDuplicateObject [0xB3E6E730]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenProcess [0xB3E6E4B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenThread [0xB3E6E570]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwProtectVirtualMemory [0xB3E6E6D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwQueueApcThread [0xB3E6E790]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetContextThread [0xB3E6E690]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0xB3E6E650]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSecurityObject [0xB3E6E7D0]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xB80F8BFE]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0xB3E6E510]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendThread [0xB3E6E590]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateProcess [0xB3E6E4D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateThread [0xB3E6E5D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0xB3E6E750]
---- Kernel code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB6E173A0, 0x5CC259, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[628] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 4 Bytes [C2, 04, 00, 00]
? C:\WINDOWS\system32\svchost.exe[2008] image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: DNSAPI.dll
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2792] USER32.dll!SetWindowLongA 7E37C29D 5 Bytes JMP 1068EDA6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2792] USER32.dll!SetWindowLongW 7E37C2BB 5 Bytes JMP 1068ED38 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2792] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 104A5451 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2792] USER32.dll!TrackPopupMenu 7E3B531E 5 Bytes JMP 104A5A99 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3340] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 00401410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3340] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 104AC3EA C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!RegQueryValueExW] [77DC7842] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorDacl] [77DC6C17] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!SetEntriesInAclW] [77DCEAD7] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorGroup] [77DC7AAB] C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!SetSecurityDescriptorOwner] 00000000
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!InitializeSecurityDescriptor] [76F15AD3] C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!GetTokenInformation] [76F24BF2] C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!OpenProcessToken] [76F2684B] C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!OpenThreadToken] 00000000
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!SetServiceStatus] [7C801E1A] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!RegisterServiceCtrlHandlerW] [7C92ABA5] C:\WINDOWS\system32\ntdll.dll (Biblioteka NT Layer DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!RegCloseKey] [7C80DE85] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!RegOpenKeyExW] [7C863E6A] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ADVAPI32.dll!StartServiceCtrlDispatcherW] [7C8449FD] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!WideCharToMultiByte] [7C8350D7] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!lstrlenW] [7C830D64] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LocalFree] [7C809E91] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetCurrentProcess] [7C81CAFA] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetCurrentThread] [7C80932E] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [7C802446] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C80C0E8] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LCMapStringW] [7C919B80] C:\WINDOWS\system32\ntdll.dll (Biblioteka NT Layer DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [7C9100A4] C:\WINDOWS\system32\ntdll.dll (Biblioteka NT Layer DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!lstrcpyW] [7C813123] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!ExpandEnvironmentStringsW] [7C802530] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!lstrcmpiW] [7C812C46] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!ExitProcess] [7C809F09] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetCommandLineW] [7C8097B8] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!InitializeCriticalSection] [7C8024B7] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcessHeap] [7C809BD7] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!SetErrorMode] [7C80EAAB] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!SetUnhandledExceptionFilter] [7C80E9CF] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!RegisterWaitForSingleObject] [7C81126A] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!InterlockedCompareExchange] [7C810BAC] C:\WINDOWS\system32\kernel32.dll (Biblioteka DLL klienta Windows NT BASE API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] 00000000
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!QueryPerformanceCounter] [77F74EE6] C:\WINDOWS\system32\SHLWAPI.dll (Biblioteka dodatkowych narzędzi powłoki/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetTickCount] [77F8C4CE] C:\WINDOWS\system32\SHLWAPI.dll (Biblioteka dodatkowych narzędzi powłoki/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetCurrentThreadId] [77F6827C] C:\WINDOWS\system32\SHLWAPI.dll (Biblioteka dodatkowych narzędzi powłoki/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetCurrentProcessId] 00000000
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetSystemTimeAsFileTime] [7E36A8AD] C:\WINDOWS\system32\USER32.dll (Biblioteka DLL klienta Windows XP USER API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!TerminateProcess] [7E378717] C:\WINDOWS\system32\USER32.dll (Biblioteka DLL klienta Windows XP USER API/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!UnhandledExceptionFilter] 00000000
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LocalAlloc] [771C5BAA] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!lstrcmpW] [771C160A] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!DelayLoadFailureHook] [771C7519] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtQuerySecurityObject] [771BE85D] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlFreeHeap] [771BD778] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtOpenKey] [771C1C6A] C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!wcscat] 00000000
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!wcscpy] [71A56A55] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlAllocateHeap] [71A52FF7] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlCompareUnicodeString] [71A53D10] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlInitUnicodeString] [71A54521] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlInitializeSid] [71A52F51] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlLengthRequiredSid] [71A5676F] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlSubAuthoritySid] [71A54211] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!NtClose] [71A53E2B] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlSubAuthorityCountSid] [71A54C27] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlGetDaclSecurityDescriptor] [71A52EE1] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlQueryInformationAcl] [71A52E53] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlGetAce] [71A546EA] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlImageNtHeader] [71A545C1] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!wcslen] [71A54A07] C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation)
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlUnhandledExceptionFilter] 00000000
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [ntdll.dll!RtlCopySid] 00000000
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIfEx] 00007525
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [RPCRT4.dll!RpcMgmtWaitServerListen] 00000023
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [RPCRT4.dll!RpcMgmtSetServerStackSize] 0000002E
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [RPCRT4.dll!RpcServerUnregisterIf] 2E777777
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [RPCRT4.dll!RpcServerListen] 7263696D
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [RPCRT4.dll!RpcServerUseProtseqEpW] 666F736F
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [RPCRT4.dll!RpcServerRegisterIf] 6F632E74
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [RPCRT4.dll!I_RpcMapWin32Status] 0000006D
IAT C:\WINDOWS\system32\svchost.exe[2008] @ C:\WINDOWS\system32\svchost.exe [RPCRT4.dll!RpcMgmtStopServerListening] 2E766564
---- Devices - GMER 1.0.15 ----
Device \Driver\Beep \Device\Beep 88F3D360
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
---- Threads - GMER 1.0.15 ----
Thread System [4:1204] 88F3FBA0
Thread System [4:1208] 88F3C0E0
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x54 0x34 0xA5 0x1E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x6C 0xDD 0x27 0x62 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x1B 0x7E 0xE9 0xFE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x54 0x34 0xA5 0x1E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x6C 0xDD 0x27 0x62 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x1B 0x7E 0xE9 0xFE ...
---- EOF - GMER 1.0.15 ----
[/code]
Unfortunately, I cannot download the OTL application, neither the exe, nor the com, nor the scr version; every time, a warning from ESET Smart Security appears saying that access is forbidden. The exact wording is: "Access to the page has been blocked by ESS. The page is on the list of pages containing viruses and other dangerous applications. The list is defined by the vendor