Proszę o pomoc w usunięciu Surfvox z kompa

Dla specjalistów Bezpieczeństwo
#1

Bardzo proszę o pomoc w usunięciu tego syfu, krok po kroku.

Poczytałem troszkę i wklejam już scany Z FRST, mam też AdvClw, tylko nie wiem czy go używać.

Proszę i czekam na odpowiedzi

 

FRST http://wklej.to/e7Kx7

Addition http://wklej.to/qk9Lo

Shortcut http://wklej.to/pSbsO

 

 

#2

Otwórz Notatnik i wklej:

Task: {4D414782-70A5-4241-96CD-6692D5F2D470} - System32\Tasks\SpyHunter4Startup = E:\Programy\SpyHunter\SpyHunter4.exe [2013-06-07] (Enigma Software Group USA, LLC.)
Task: {88F3D9E5-8431-47F2-AF5C-C84BEA6AEAAF} - System32\Tasks\0214dUpdateInfo = C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe [2014-03-24] ()
HKLM\...\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] = [X]
HKU\S-1-5-21-2698707091-3775079442-3380309987-1001\...\Run: [nvxasync] = C:\Users\Maszyna\AppData\Roaming\nvxasync\nvxasync.exe [142679040 2014-12-07] ()
HKU\S-1-5-21-2698707091-3775079442-3380309987-1001\...\RunOnce: [Adobe Speed Launcher] = 1418902531
HKU\S-1-5-21-2698707091-3775079442-3380309987-1001\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe [142679040 2014-12-07] () ==== ATTENTION
BootExecute: autocheck autochk * sh4native Sh4Removal
GroupPolicyUsers\S-1-5-21-2698707091-3775079442-3380309987-1003\User: Group Policy restriction detected ======= ATTENTION
HKU\S-1-5-21-2698707091-3775079442-3380309987-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-2698707091-3775079442-3380309987-1001 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Homepage: hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF SearchPlugin: C:\Users\Maszyna\AppData\Roaming\Mozilla\Firefox\Profiles\i49xcidy.default\searchplugins\starter.xml
S3 esgiguard; \\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-12-18 12:42 - 2014-12-18 12:43 - 00000000 ____ D () C:\AdwCleaner
2014-12-15 20:18 - 2014-12-15 20:55 - 00046668 _____ () C:\spyhunter.fix
2014-12-15 20:18 - 2014-12-15 20:18 - 00003220 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-12-15 20:18 - 2010-05-13 18:34 - 00014232 _____ () C:\Windows\SysWOW64\sh4native.exe
2014-12-10 17:50 - 2014-12-10 17:50 - 00000000 ____ D () C:\Program Files\Enigma Software Group
2014-12-10 17:49 - 2014-12-10 19:22 - 00000000 ____ D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-12-07 20:29 - 2014-12-07 20:29 - 00073728 _____ () C:\Users\Maszyna\AppData\Local\Web Data
2014-12-07 20:29 - 2014-12-07 20:29 - 00000000 _RSHD () C:\ProgramData\nvxasync
2014-12-07 20:29 - 2014-09-22 04:39 - 00000000 ____ D () C:\Users\Maszyna\AppData\Roaming\fportable
2014-12-07 20:21 - 2014-12-08 16:12 - 00000000 _RSHD () C:\Users\Maszyna\AppData\Roaming\nvxasync
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

#3

Dziękuje, wszystko śmiga.

proszę zamknąć temat, lub usunąć

#4

Skasuj folder C:\FRST