Prosba o pomoc w usunieciu mystartsearch

bartek_wola · 9 Luty 2015 16:29

Diabel DaemonTools zainstalowal mi ta zlo wcielone.

Jak sie tego pozbyc . Przesylam logi z FRST.

Przy okazji. znacie inny podobny program do montowana obrazow, ktory nie bedzie mi sprawial takich problemow?

Pozdrawiam

Addition_09-02-2015_17-24-19.txt

FRST_09-02-2015_17-24-20.txt

Atis · 9 Luty 2015 16:36

Pobierz i uruchom AdwCleaner Kliknij Scan i później Cleaning.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3358290999-940425808-1999409015-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKU\S-1-5-21-3358290999-940425808-1999409015-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3358290999-940425808-1999409015-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3358290999-940425808-1999409015-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX&q={searchTerms}
FF NewTab: hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
FF SearchPlugin: C:\Users\WronieOko\AppData\Roaming\Mozilla\Firefox\Profiles\fii6mrhv.default\searchplugins\mystartsearch.xml
FF Extension: Fast Start - C:\Users\WronieOko\AppData\Roaming\Mozilla\Firefox\Profiles\fii6mrhv.default\Extensions\1423498384_xpi [2015-02-09]
FF Extension: FF Toolbar - C:\Users\WronieOko\AppData\Roaming\Mozilla\Firefox\Profiles\fii6mrhv.default\Extensions\fftoolbar2014@etech.com [2015-02-09]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\WronieOko\AppData\Roaming\Mozilla\Firefox\Profiles\fii6mrhv.default\extensions\fftoolbar2014@etech.com
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/?type=sc&ts=1423498368&from=smt&uid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.

Acorus · 9 Luty 2015 16:40

Otwórz notatnik systemowy i wklej:

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hpts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hpts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hpts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hpts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3358290999-940425808-1999409015-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hpts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
HKU\S-1-5-21-3358290999-940425808-1999409015-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hpts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=dsts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFXq={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=dsts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFXq={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=dsts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFXq={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=dsts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFXq={searchTerms}
SearchScopes: HKU\S-1-5-21-3358290999-940425808-1999409015-1000 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=dsts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFXq={searchTerms}
SearchScopes: HKU\S-1-5-21-3358290999-940425808-1999409015-1000 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=dsts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFXq={searchTerms}
FF NewTab: hxxp://www.mystartsearch.com/newtab/?type=ntts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.mystartsearch.com/?type=hpts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
FF SearchPlugin: C:\Users\WronieOko\AppData\Roaming\Mozilla\Firefox\Profiles\fii6mrhv.default\searchplugins\mystartsearch.xml
FF Extension: Fast Start - C:\Users\WronieOko\AppData\Roaming\Mozilla\Firefox\Profiles\fii6mrhv.default\Extensions\1423498384_xpi [2015-02-09]
FF Extension: FF Toolbar - C:\Users\WronieOko\AppData\Roaming\Mozilla\Firefox\Profiles\fii6mrhv.default\Extensions\fftoolbar2014@etech.com [2015-02-09]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\WronieOko\AppData\Roaming\Mozilla\Firefox\Profiles\fii6mrhv.default\extensions\fftoolbar2014@etech.com
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/?type=scts=1423498368from=smtuid=HGSTXHTS721010A9E630_JR10006P0RXNGF0RXNGFX
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

bartek_wola · 9 Luty 2015 16:55

Przesylam pliki.

Acorus · 9 Luty 2015 17:29

Otwórz notatnik systemowy i wklej:

SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-02-09 17:40 - 2015-02-09 17:41 - 00000000 ____ D () C:\AdwCleaner

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

bartek_wola · 9 Luty 2015 17:38

Dzieki