Surfvox, problem z przeglądarką

yui1521 · 29 Styczeń 2015 12:54

Witam mam problem z tym wirusem surfvox. Ogólnie przeglądarki mi nie działają oprócz internet explorer, więc jestem bardzo ograniczony w działaniu. Zrobiłem skan FRST dodaje w załączniku i sory z góry, że w txt ale nie dało się wrzucić na wklejto. Proszę o pomoc pozdrawiam

Shortcut.txt

FRST.txt

Addition.txt

Acorus · 29 Styczeń 2015 13:25

Odinstaluj Bundled software uninstaller,Qtrax Player,WebCake 3.00.Otwórz notatnik systemowy i wklej:

Task: {9339329F-B4A7-4930-9A4D-C7B2631FBF4D} - System32\Tasks\BrowserDefendert = Sc.exe start BrowserDefendert ==== ATTENTION
Task: {A09AB511-A48C-4FD6-8D31-A7F2EF2B69D6} - System32\Tasks\QtraxPlayer = 294414964.portal.qtrax.com
HKU\S-1-5-21-3643320859-2859747327-1490101468-1000\...\Run: [nvxasync] = C:\Users\kamil\AppData\Roaming\nvxasync\nvxasync.exe [142679040 2015-01-29] ()
HKU\S-1-5-21-3643320859-2859747327-1490101468-1000\...\Winlogon: [Shell] C:\ProgramData\nvxasync\cvxasync.exe [142679040 2015-01-29] () ==== ATTENTION
HKU\S-1-5-21-3643320859-2859747327-1490101468-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
SearchScopes: HKU\.DEFAULT - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3643320859-2859747327-1490101468-1000 - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}babsrc=SP_ssmntrId=1E364CEDDEF54BBBaffID=119818tt=250613_gr5tsp=4926
SearchScopes: HKU\S-1-5-21-3643320859-2859747327-1490101468-1000 - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3643320859-2859747327-1490101468-1000 - {B4C02DFB-F13C-45CA-8117-5F7795647ADC} URL = https://search.yahoo.com/search?fr=chr-greentree_ieei=utf-8ilc=12type=888596p={searchTerms}
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File
Toolbar: HKU\S-1-5-21-3643320859-2859747327-1490101468-1000 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://search.yahoo.com/search?fr=greentree_ff1ei=utf-8ilc=12type=888596p=
FF Homepage: hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF Homepage: user_pref("extensions.lastPlatformVersion");hxxp://www.surfvox.com
FF DefaultSearchEngine: SurfVox
FF SelectedSearchEngine: SurfVox
FF SearchPlugin: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Profiles\o6j354pp.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Profiles\o6j354pp.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Profiles\o6j354pp.default\searchplugins\starter.xml
FF SearchPlugin: C:\Users\kamil\AppData\Roaming\Mozilla\Firefox\Profiles\o6j354pp.default\searchplugins\yahoo_ff.xml
CHR DefaultSearchKeyword: Profile 1 - yahoo.com Search
CHR DefaultSearchURL: Profile 1 - https://search.yahoo.com/search?fr=chr-yo_gcei=utf-8ilc=12type=888596p={searchTerms}
CHR DefaultSuggestURL: Profile 1 - https://ff.search.yahoo.com/gossip?output=fxjsoncommand={searchTerms}
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2015-01-14]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\kamil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfndaklgolladniicklehhancnlgocpp [2015-01-14]
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\WebCake\WebCakeLayers.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Program Files (x86)\Common Files\Spigot\GC\nta_1.0_0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\kamil\AppData\Local\Slick Savings\coupons.crx [2014-06-12]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
OPR StartupUrls: "hxxp://www.surfvox.com/"
2015-01-29 04:54 - 2015-01-29 05:02 - 00000000 ____ D () C:\AdwCleaner
2015-01-29 02:32 - 2015-01-29 02:32 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\kamil\Downloads\SpyHunter-Installer.exe
2015-01-29 00:17 - 2015-01-29 00:24 - 00000000 _RSHD () C:\ProgramData\nvxasync
2015-01-29 00:17 - 2015-01-29 00:17 - 40068694 _____ () C:\Users\kamil\AppData\Roaming\fpacked.exe
2015-01-29 00:17 - 2015-01-29 00:17 - 00000000 _RSHD () C:\Users\kamil\AppData\Roaming\nvxasync
2015-01-29 00:17 - 2014-09-22 04:39 - 00000000 ____ D () C:\Users\kamil\AppData\Roaming\fportable
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

yui1521 · 29 Styczeń 2015 14:57

Podziałało dzięki wielkie! Tylko pytanie, co należy zrobić aby po uruchomieniu windowsa nie pojawiał się czarny ekran? Od razu tłumaczę, że zaczęło się to w momencie pojawienia się tego surfvox

Acorus · 29 Styczeń 2015 19:18

Skasuj folder C:\FRST

Przeskanuj programem Malwarebytes Anti-Malware http://data-cdn.mbamupdates.com/v2/mbam/consumer/data/mbam-setup-2.0.4.1028.exe

Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.