Trojan cdneurope


(Chandalier) #1

Witam,

 

Poproszę o pomoc w usunięciu trojana cdneurope

Załączam logi z FRST

 

pozdrawiam

Addition.txt

FRST.txt


(Acorus) #2

Otwórz Notatnik i wklej:

BootExecute: autocheck autochk * BootDefrag.exesh4native Sh4Removal
URLSearchHook: ATTENTION == Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {27F99431-22FC-4BF4-90C7-2494F86A209E} URL = http://search.v9.com/web/?q={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: No Name - {61DB16C5-B733-43F4-872E-B20DC9E72740} - No File
FF Extension: Helper Website - C:\Users\Przemko\AppData\Roaming\Mozilla\Firefox\Profiles\d8pdxgib.default-1400354266275\Extensions\{3af9b15b-3291-46eb-9177-e3072df74f0b} [2014-10-12]
S3 esgiguard; \\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 gfiark; system32\drivers\gfiark.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
2014-10-24 18:57 - 2014-11-01 21:25 - 00000000 ____ D () C:\AdwCleaner
2014-10-20 23:15 - 2014-10-20 23:15 - 00000792 _____ () C:\spyhunter.fix
2014-10-20 23:15 - 2010-05-13 16:34 - 00014232 _____ () C:\Windows\SysWOW64\sh4native.exe
2014-10-15 22:20 - 2014-10-23 22:51 - 00000000 ____ D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter4
2014-10-15 22:20 - 2012-06-22 10:01 - 00019984 _____ () C:\Windows\SysWOW64\Drivers\EsgScanner.sys
2014-10-15 22:00 - 2014-10-15 22:16 - 00000000 ____ D () C:\ProgramData\Spybot - Search Destroy
2014-10-15 22:00 - 2014-10-15 22:00 - 00000000 ____ D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-15 21:58 - 2014-10-15 21:58 - 00000000 ____ D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.