Surfvox - jak usunąć?

Dla specjalistów Bezpieczeństwo
#1

Witam,

 

Wstawiam logi z FRST(wklej.org wywalało):

#2

Odinstaluj McAfee Security Scan Plus.Otwórz notatnik systemowy i wklej:

Task: {94F74D40-915C-43F0-8A41-9CEE0769BBF2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1371915817-2026084283-3354847764-1000UA = C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {878E4893-1A89-47B2-B699-202BB4B91813} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1371915817-2026084283-3354847764-1000Core = C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1371915817-2026084283-3354847764-1000Core.job = C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1371915817-2026084283-3354847764-1000UA.job = C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
AlternateDataStreams: C:\Users\PC\Cookies:DUxsK6IxNZOQmLiLw
AlternateDataStreams: C:\Users\PC\Cookies:ffmIkdKGfurveDYw2GmoK
AlternateDataStreams: C:\Users\PC\AppData\Local\mxtFbjNHc2LRXvX:vVEpPDvD0kJTmiFXhEN0PN4
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKU\S-1-5-21-1371915817-2026084283-3354847764-1000\...\Run: [Facebook Update] = C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-1371915817-2026084283-3354847764-1000\...\Run: [nvxasync] = C:\Users\PC\AppData\Roaming\nvxasync\nvxasync.exe [142679040 2014-12-31] ()
HKU\S-1-5-21-1371915817-2026084283-3354847764-1000\...\MountPoints2: {079dd3a8-81ab-11e1-bc14-50e5499dcb3a} - G:\Autorun.exe
HKU\S-1-5-21-1371915817-2026084283-3354847764-1000\...\MountPoints2: {a880f494-7b02-11e1-9e18-50e5499dcb3a} - G:\AutoRun.exe
HKU\S-1-5-21-1371915817-2026084283-3354847764-1000\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe [142679040 2014-12-31] () ==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (No File)
HKU\S-1-5-21-1371915817-2026084283-3354847764-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Homepage: hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\bcotqqfm.default\searchplugins\starter.xml
FF HKU\S-1-5-21-1371915817-2026084283-3354847764-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 easytether; system32\DRIVERS\easytthr.sys [X]
S3 GGSAFERDriver; \\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
2015-01-01 19:32 - 2015-01-01 19:32 - 00000000 _RSHD () C:\ProgramData\nvxasync
2014-12-31 13:49 - 2014-12-31 13:49 - 40068694 _____ () C:\Users\PC\AppData\Roaming\fpacked.exe
2014-12-31 13:49 - 2014-12-31 13:49 - 00000000 _RSHD () C:\Users\PC\AppData\Roaming\nvxasync
2014-12-31 13:49 - 2014-09-22 04:39 - 00000000 ____ D () C:\Users\PC\AppData\Roaming\fportable
2014-12-25 01:01 - 2014-12-25 01:01 - 00003016 _____ () C:\Windows\System32\Tasks\{845D8199-2CD1-4AE3-B570-F9B90D723FD4}
2014-12-25 01:01 - 2014-12-25 01:01 - 00003016 _____ () C:\Windows\System32\Tasks\{6742A933-DBE2-4851-A922-7FBF880E381B}
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

#3

Dziękuję drogi przyjacielu, ratujesz mi przysłowiową “du*ę”. Życzę szczodrego 2015 roku, bądź zdrów.

#4

Skasuj folder C:\FRST