Proszę o radę z hijackthis
Skanowałem kilka razy przy pomocy Adwcleaner i Malwarebytes Anti-Malware i wciąż coś trapi mojego blaszaka
Proszę o radę co zrobić krok po kroku.
Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.
A i przy okazji, jak pozbyć się wyskakującej strony https://www.bet-at-home.com/pl/landingpagetest/1
Otwórz notatnik systemowy i wklej:
Hosts:
Task: {040FA156-8C9D-41A0-8615-1A12A414D2D4} - System32\Tasks\{77821E50-98E6-44E4-901D-5B28243FAAF3} = Firefox.exe http://ui.skype.com/ui/0/7.0.0.102/pl/go/help.faq.installer?LastError=1638
Task: {4B10EA66-794B-4A12-851F-028F2C2B453D} - System32\Tasks\{93CBA2C7-135F-4ED0-94B3-C921B3BD1F51} = Firefox.exe http://ui.skype.com/ui/0/7.0.0.102/pl/go/help.faq.installer?LastError=1638
Task: {80656A3C-CF6C-4B49-B67F-2BF52AF6CD0E} - System32\Tasks\{627B3B39-6435-437C-84C1-1712E9B32C0D} = Firefox.exe http://ui.skype.com/ui/0/6.22.0.107/pl/go/help.faq.installer?LastError=1638
Task: {80A34FF9-CE51-46B1-9115-692DAD1FCE4F} - System32\Tasks\{F6AE8B2F-CE0A-445C-973C-50C34F84784C} = Firefox.exe http://ui.skype.com/ui/0/7.0.0.102/pl/go/help.faq.installer?LastError=1638
Task: {ECE44B86-1C67-4C84-81FF-980C81447C61} - System32\Tasks\{30D52CA6-7BF4-4757-A691-BE649D8AEE20} = Firefox.exe http://ui.skype.com/ui/0/7.0.0.102/pl/go/help.faq.installer?LastError=1638
AppInit_DLLs: C:\Program c:\program = C:\Program c:\program File Not Found
BootExecute: autocheck autochk * sdnclean.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-2216100265-3793181756-2619226372-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
ProxyEnable: [.DEFAULT] = Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] = http=127.0.0.1:52981;https=127.0.0.1:52981
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2216100265-3793181756-2619226372-1000 - {4D6FB46F-3804-49C1-8EA9-FC872E5F902B} URL = https://nl.search.yahoo.com/search?fr=chr-greentree_ieei=utf-8ilc=12type=667671p={searchTerms}
FF Keyword.URL: https://nl.search.yahoo.com/search?fr=greentree_ff1ei=utf-8ilc=12type=667671p=
FF Extension: InstantFox - C:\Users\WooDoo\AppData\Roaming\Mozilla\Firefox\Profiles\an4g4dwq.default-1402467315227\Extensions\searchy@searchy.xpi [2015-03-31]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-31]
CHR DefaultSearchKeyword: Default - yahoo.com Search
CHR DefaultSearchURL: Default - https://search.yahoo.com/search?ei=utf-8fr=chr-yo_gctype=667671ilc=12p={searchTerms}
CHR DefaultSuggestURL: Default - https://ff.search.yahoo.com/gossip?output=fxjsoncommand={searchTerms}
S4 HPSLPSVC; C:\Users\WooDoo\AppData\Local\temp\7zS202C\hpslpsvc32.dll [X]
S2 svcprocess; C:\Windows\svcproxy\svcprocess.exe [X]
S3 catchme; \\C:\Users\WooDoo\AppData\Local\Temp\catchme.sys [X]
S3 cpuz135; \\C:\Users\WooDoo\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 WinRing0_1_2_0; \\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]
2015-03-30 19:40 - 2014-05-09 13:37 - 00000000 ____ D () C:\AdwCleaner
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
Dzięki piękne.
A jak się pozbyć tej reklamy wyskakuje jako pełna strona? https://www.bet-at-home.com/pl/landingpagetest/1