Problem with TornTv v10 1.1


(Milosz Kubik) #1

Hello. Please help me remove this junk.

Here are the logs from Farbar Recovery Scan Tool


(Acorus) #2

Open Notepad and paste:

Task: C:\Windows\Tasks\DQIXJHCK.job = C:\Users\Miý˙osz\AppData\Roaming\DQIXJHCK.exe
Task: C:\Windows\Tasks\UFTQD.job = C:\Users\Miý˙osz\AppData\Roaming\UFTQD.exe
Task: C:\Windows\Tasks\XTKWS.job = C:\Users\Miý˙osz\AppData\Roaming\XTKWS.exe
Task: C:\Windows\Tasks\YMX.job = C:\Users\Miý˙osz\AppData\Roaming\YMX.exe
HKU\S-1-5-21-3496827523-617315779-2901978971-1000\...\Policies\Explorer: []
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF Extension: TheTorntv V10 - C:\Users\Miłosz\AppData\Roaming\Mozilla\Firefox\Profiles\og273nrw.default\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-11-08]
FF Extension: Website Counselor - C:\Users\Miłosz\AppData\Roaming\Mozilla\Firefox\Profiles\og273nrw.default\Extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e} [2014-09-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-11-08 04:36 - 2014-11-08 04:36 - 01957272 _____ (esc) C:\Users\Miłosz\AppData\Roaming\XTKWS.exe
2014-11-08 04:36 - 2014-11-08 04:36 - 01481624 _____ (esc) C:\Users\Miłosz\AppData\Roaming\UFTQD.exe
2014-11-08 04:36 - 2014-11-08 04:36 - 00001340 _____ () C:\Windows\Tasks\XTKWS.job
2014-11-08 04:36 - 2014-11-08 04:36 - 00001340 _____ () C:\Windows\Tasks\UFTQD.job
2014-11-08 04:33 - 2014-11-08 04:33 - 00000000 ____ D () C:\Users\Miłosz\AppData\Local\Comodo
2014-11-08 04:33 - 2014-11-08 04:33 - 00000000 ____ D () C:\Users\Gość\AppData\Local\Google
2014-11-08 04:33 - 2014-11-08 04:33 - 00000000 ____ D () C:\Users\Gość\AppData\Local\Comodo
2014-11-08 04:33 - 2014-11-08 04:33 - 00000000 ____ D () C:\Users\Gość
2014-11-08 04:33 - 2014-11-08 04:33 - 00000000 ____ D () C:\Users\Administrator\AppData\Local\Google
2014-11-08 04:33 - 2014-11-08 04:33 - 00000000 ____ D () C:\Users\Administrator\AppData\Local\Comodo
2014-11-08 04:33 - 2014-11-08 04:33 - 00000000 ____ D () C:\Users\Administrator
EmptyTemp:

Save the file as fixlist.txt and place it next to FRST in the same folder.