Jak usunąc MyBrowser

virago · 27 Wrzesień 2015 11:25

Witam ,problem z mozillą,

http://www.wklej.org/id/1804796/-FRST

http://www.wklej.org/id/1804799/-Shortcut

http://www.wklej.org/id/1804803/ -Addition

niby usuwam ,a po chwili sama sie instaluje przeglądarka my-browser.

Acorus · 27 Wrzesień 2015 11:31

A gdzie logi?

virago · 27 Wrzesień 2015 11:32

Już są.

Acorus · 27 Wrzesień 2015 11:53

Odinstaluj istartsurf,WorldofTanks.Otwórz notatnik systemowy i wklej:

Task: {0632E80A-E003-47CB-9DF4-EF582D0B771D} - System32\Tasks\{F0C305DD-15BC-4CA1-96A1-5C5E0DAA0F53} = Firefox.exe http://ui.skype.com/ui/0/6.22.64.106/pl/abandoninstall?source=lightinstalleramp;page=tsMain
Task: {0E6640CD-EC7F-4D39-ABED-0A4FB4C82408} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent - Brak pliku ==== UWAGA
Task: {23B360DA-059F-47B8-96F7-971815EB07AB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d - Brak pliku ==== UWAGA
Task: {33ABFC5A-2D0F-48FF-847D-57EA153BB6CE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - Brak pliku ==== UWAGA
Task: {393EBCA8-CC9A-4A53-960A-8B0E6516F460} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - Brak pliku ==== UWAGA
Task: {3EBC684D-9B16-4F65-98B5-9A1CF80F155D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d - Brak pliku ==== UWAGA
Task: {3FCB5CDE-667A-42D8-9B13-3FE1C33EE9E2} - \Safer-Networking\Spybot - Search and Destroy\Scan the system - Brak pliku ==== UWAGA
Task: {4FFD90C0-34D8-4219-B1F9-F1B27B3770D9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d - Brak pliku ==== UWAGA
Task: {5F69EAF0-622C-404A-AA6F-87151BC9D240} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 ==== UWAGA
Task: {8020E5FD-9521-465F-A1BA-76356F27D4C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d - Brak pliku ==== UWAGA
Task: {8D940806-D696-450E-8A7C-DA77934610D3} - \Safer-Networking\Spybot - Search and Destroy\Check for updates - Brak pliku ==== UWAGA
Task: {90ED3C66-0503-4250-8F47-4705C768A3CF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig - Brak pliku ==== UWAGA
Task: {96CBFBAC-67DB-407F-B914-46C20555EC72} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d - Brak pliku ==== UWAGA
Task: {9C4B499E-3062-467B-89D1-C53F5BA1DF55} - \Microsoft\Windows\Setup\gwx\launchtrayprocess - Brak pliku ==== UWAGA
Task: {A0C03F14-4CB8-42C2-936A-B8225A136923} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd - Brak pliku ==== UWAGA
Task: {A5DFAED3-1AD1-4FF6-9094-1CB3D3E01370} - System32\Tasks\YTDownloader = C:\Program Files (x86)\YTDownloader\YTDownloader.exe ==== UWAGA
Task: {C1E12482-84A1-48B9-A780-9B0D2CBDBE19} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization - Brak pliku ==== UWAGA
Task: {DA84B596-E601-4712-838E-548D9BE72EE6} - System32\Tasks\SMupdate1 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 ==== UWAGA
Task: {E77A8BAD-F777-4128-9A4E-B4C00C9C06DB} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 ==== UWAGA
HKLM-x32\...\Run: [gmsd_no_59] = [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] - {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} = Brak pliku
ShellIconOverlayIdentifiers: [SugarSyncPending] - {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} = Brak pliku
ShellIconOverlayIdentifiers: [SugarSyncRoot] - {A759AFF6-5851-457D-A540-F4ECED148351} = Brak pliku
ShellIconOverlayIdentifiers: [SugarSyncShared] - {1574C9EF-7D58-488F-B358-8B78C1538F51} = Brak pliku
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hpts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hpts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=dsts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=dsts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hpts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hpts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=dsts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=dsts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546q={searchTerms}
HKU\S-1-5-21-3482053101-1724299421-2295308637-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=dsts=1437510637z=ab7ed05592e6b9ce424f0b8gbzfc7mcw5g7eaqdo4gfrom=wpm07163uid=ST1000LM024XHN-M101MBB_S2SMJ9DDC03546q={searchTerms}
HKU\S-1-5-21-3482053101-1724299421-2295308637-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hpts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546
HKU\S-1-5-21-3482053101-1724299421-2295308637-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hpts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546
HKU\S-1-5-21-3482053101-1724299421-2295308637-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=dsts=1437510637z=ab7ed05592e6b9ce424f0b8gbzfc7mcw5g7eaqdo4gfrom=wpm07163uid=ST1000LM024XHN-M101MBB_S2SMJ9DDC03546q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dsts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dsts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546q={searchTerms}
SearchScopes: HKLM - {867E8C7F-09FA-41E2-AAAE-1F16676F8651} URL = hxxp://rocket-find.com/results.php?f=4q={searchTerms}a=rckt_ir_14_28_ffcd=2XzuyEtN2Y1L1QzuyEtD0FtDtB0F0DyByEtB0AyDtAzy0AtCtN0D0Tzu0SzytBtCtN1L2XzutBtFtBtCtFtCyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDtD0C0FyEyEzzzztG0CyByD0DtGyCyCyC0DtG0AyCtCzztGtA0BtB0D0ByB0F0F0E0DyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtCtByBtD0AyEtDtG0EtBtBzztGzyyEtByCtGyDtDtAtDtGyC0E0DyEtDyE0F0EtAzyyD0E2Qcr=162729970ir=
SearchScopes: HKLM - {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://myhome.vi-view.com/web/?type=dsts=1419000965from=coruid=ST1000LM024XHN-M101MBB_S2SMJ9DDC03546q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dsts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dsts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546q={searchTerms}
SearchScopes: HKU\S-1-5-21-3482053101-1724299421-2295308637-1002 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-3482053101-1724299421-2295308637-1002 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dsts=1443344931z=2ee71e5f9f7e5cc2ef7d675g0zfz2c2c0z8z4t5c0gfrom=cornluid=st1000lm024xhn-m101mbb_s2smj9ddc03546q={searchTerms}
SearchScopes: HKU\S-1-5-21-3482053101-1724299421-2295308637-1002 - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-3482053101-1724299421-2295308637-1002 - {867E8C7F-09FA-41E2-AAAE-1F16676F8651} URL = hxxp://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-3482053101-1724299421-2295308637-1002 - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-3482053101-1724299421-2295308637-1002 - {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-3482053101-1724299421-2295308637-1002 - {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
BHO-x32: Brak nazwy - {1F91A9A1-01BA-4c81-863D-3BA0751E1419} - Brak pliku
BHO-x32: Brak nazwy - {C32F5BF7-6918-4F78-A97A-53CDF7D07C8C} - Brak pliku
BHO-x32: Brak nazwy - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - Brak pliku
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=scts=1443333525z=2a6d611748e9093c22fdc27g4z3z1cac0c9ccc3c8cfrom=cmiuid=ST1000LM024XHN-M101MBB_S2SMJ9DDC03546
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml [2014-07-04]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vi-view.xml [2014-12-19]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\g5r47n9s.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\ohmw9af2.default-1423910163555\extensions\quick_searchff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\ohmw9af2.default-1423910163555\extensions\sweetsearch@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\ohmw9af2.default-1423910163555\extensions\default_newtabff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\ohmw9af2.default-1423910163555\extensions\defsearchp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Marcin\AppData\Roaming\Mozilla\Firefox\Profiles\ohmw9af2.default-1423910163555\extensions\deskCutv2@gmail.com
R2 gyvixodu; C:\Program Files (x86)\98ED593A-1443332783-E311-B749-201A069777C1\hnsc334F.tmp [203776 2015-09-27] () [Brak podpisu cyfrowego]
R2 WdsManPro; C:\ProgramData\UWdsManProU\WdsManPro.exe [442504 2015-09-27] (DTools LIMITED)
R2 nuxunivy; C:\Program Files (x86)\98ED593A-1443332783-E311-B749-201A069777C1\knsyD18F.tmpfs [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
2015-09-27 11:09 - 2015-09-27 11:09 - 00000000 ____ D C:\Program Files (x86)\RayDld
2015-09-27 11:08 - 2015-09-27 11:09 - 00000000 ____ D C:\Users\Marcin\AppData\Roaming\istartsurf
2015-09-27 09:52 - 2015-09-27 09:53 - 00000000 ____ D C:\ProgramData\UWdsManProU
2015-09-27 08:24 - 2015-09-27 08:25 - 00000000 ____ D C:\ProgramData\yWdsManProy
2015-09-27 08:24 - 2015-09-27 08:24 - 00000000 ____ D C:\Users\Marcin\AppData\Roaming\mystartsearch
2015-09-27 08:01 - 2015-09-27 10:00 - 00000000 ____ D C:\Users\Marcin\AppData\Roaming\systweak
2015-09-27 08:01 - 2015-09-27 08:01 - 00000000 __SHD C:\Users\Marcin\AppData\Roaming\AnyProtectEx
2015-09-27 08:01 - 2015-09-27 08:01 - 00000000 ____ D C:\Program Files (x86)\AnyProtectEx
2015-09-27 08:01 - 2015-07-02 14:14 - 00020248 _____ () C:\WINDOWS\system32\roboot64.exe
2015-09-27 07:46 - 2015-09-27 12:47 - 00000000 ____ D C:\Program Files (x86)\98ED593A-1443332783-E311-B749-201A069777C1
2014-08-13 13:27 - 2014-08-13 13:27 - 0631072 _____ (ClickMeIn Limited) C:\Users\Marcin\AppData\Local\nsqFF8E.tmp
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

virago · 27 Wrzesień 2015 17:24

Serdeczne dzięki… Naprawione

Acorus · 27 Wrzesień 2015 17:43

Skasuj folder C:\FRST.