Jak usunąć Online Browser Advertising pomocy

mrbudziopl · 7 Maj 2014 18:38

No więc mam wirusa tak zwanego Online browser advertising bardzo mi to przeszkadza i chciałbym się dowiedzieć jak go usunąć pomoże ktoś ?

Acorus · 7 Maj 2014 18:44

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.

mrbudziopl · 7 Maj 2014 19:10

Ale wklej nie działa moge wkleić na cos innego ?

Acorus · 7 Maj 2014 19:54

Odinstaluj DAEMON Tools Toolbar,DDealisFFindoerPro,DealPly (remove only),Easy Deals v 1.01,Feature Update Service (YFD),FilesFrog Update Checker,GeekBuddy,Lollipop,Optimizer Pro v3.2,SaveSense,Software Version Updater,SpeedUpMyPC,Sweet Page,VO Package,WPM18.8.0.212,Yet Another Cleaner!,YourFileDownloader.Użyj AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/ z funkcji Skan(Szukaj) a następnie Clean(usuń) (w przypadku Visty/Windows7 uruchom z prawokliku jako Administrator).

Pokaż nowe logi z FRST.

mrbudziopl · 8 Maj 2014 14:04

No więc odinstalowałem raczej wszystko co kazałeś jednak nie mogłem odinstalować lollipop wyskoczył na chwile wiersz poleceń i się zamknoł oraz GeekBuddy ponieważ instalator windows nie działa ;/ . A oto logi które prosiłeś

Acorus · 8 Maj 2014 16:58

Otwórz Notatnik i wklej:

Task: {78772026-3723-4B96-B048-5BA617A26926} - \SaveSenseLiveUpdateTaskMachineCore No Task File ==== ATTENTION
Task: {A221A577-3DDB-4B38-9314-7905FD93DB7E} - \YourFile DownloaderUpdate No Task File ==== ATTENTION
Task: {AB06DF3E-8F1D-4177-B804-4DED270B580B} - \SaveSenseLiveUpdateTaskMachineUA No Task File ==== ATTENTION
Task: {DCFF0EF6-6E5D-4D3D-AF26-6378CDF70EF4} - \DealPly No Task File ==== ATTENTION
HKLM-x32\...\Run: [tvncontrol] = C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-03-20] (Comodo Security Solutions, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe (No File)
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: lesss2Pay - {083756F2-C025-100D-C7FC-DD1FF18807BD} - C:\ProgramData\lesss2Pay\qgOc7.x64.dll No File
BHO: DDealisFFindoerPro - {C539E859-FA31-C6D9-DDA0-1EA17423A8AD} - C:\ProgramData\DDealisFFindoerPro\i06dyGvd.x64.dll No File
BHO: SualeasMoAgnet - {D93E215D-8821-8085-BE72-830C7B1E3C4E} - C:\ProgramData\SualeasMoAgnet\n58zC.x64.dll No File
BHO-x32: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll No File
BHO-x32: SualeasMoAgnet - {D93E215D-8821-8085-BE72-830C7B1E3C4E} - C:\ProgramData\SualeasMoAgnet\n58zC.dll No File
FF Extension: BrowserAdditions - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\4yecyf2y.default\Extensions\toolbarbutton@browseradditions.com [2014-05-07]
FF Extension: FoxLingo - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\4yecyf2y.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2014-05-07]
CHR DefaultSearchKeyword: sweet-page
CHR DefaultSearchProvider: sweet-page
CHR DefaultSearchURL: http://www.sweet-page.com/web/?type=dsts=1397802189from=coruid=ST3500418AS_9VMKV7PBXXXX9VMKV7PBq={searchTerms}
CHR Extension: (No Name) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf [2014-02-15]
CHR Extension: (No Name) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeddmgahpmimnffecbnfbdfjibefdjhe [2014-04-17]
CHR Extension: (ImaGoeToPng) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nceopimlifhelodndoleonaejnngidil [2014-02-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-03-20] (Comodo Security Solutions, Inc.)
S2 Update Surftastic; "C:\Program Files (x86)\Surftastic\updateSurftastic.exe" [X]
S2 Util Surftastic; "C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe" [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2014-05-08 15:34 - 2014-05-08 15:58 - 00000000 ____ D () C:\AdwCleaner
2014-04-30 14:38 - 2014-04-30 14:39 - 11825832 _____ (Elex do Brasil Participações Ltda) C:\Users\Administrator\Downloads\yet_another_cleaner_sk.exe
2014-04-30 13:58 - 2014-04-30 13:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Administrator\Downloads\SpyHunter-Installer.exe
2014-04-30 13:55 - 2014-04-30 13:55 - 00003190 _____ () C:\Windows\System32\Tasks\{1035B971-45B5-4529-BFCF-5744F9A3369C}

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST

mrbudziopl · 8 Maj 2014 19:21

Acorus:

Otwórz Notatnik i wklej: Task: {78772026-3723-4B96-B048-5BA617A26926} - \SaveSenseLiveUpdateTaskMachineCore No Task File <==== ATTENTION Task: {A221A577-3DDB-4B38-9314-7905FD93DB7E} - \YourFile DownloaderUpdate No Task File <==== ATTENTION Task: {AB06DF3E-8F1D-4177-B804-4DED270B580B} - \SaveSenseLiveUpdateTaskMachineUA No Task File <==== ATTENTION Task: {DCFF0EF6-6E5D-4D3D-AF26-6378CDF70EF4} - \DealPly No Task File <==== ATTENTION HKLM-x32…\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-03-20] (Comodo Security Solutions, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (No File) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO: lesss2Pay - {083756F2-C025-100D-C7FC-DD1FF18807BD} - C:\ProgramData\lesss2Pay\qgOc7.x64.dll No File BHO: DDealisFFindoerPro - {C539E859-FA31-C6D9-DDA0-1EA17423A8AD} - C:\ProgramData\DDealisFFindoerPro\i06dyGvd.x64.dll No File BHO: SualeasMoAgnet - {D93E215D-8821-8085-BE72-830C7B1E3C4E} - C:\ProgramData\SualeasMoAgnet\n58zC.x64.dll No File BHO-x32: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll No File BHO-x32: SualeasMoAgnet - {D93E215D-8821-8085-BE72-830C7B1E3C4E} - C:\ProgramData\SualeasMoAgnet\n58zC.dll No File FF Extension: BrowserAdditions - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\4yecyf2y.default\Extensions\toolbarbutton@browseradditions.com [2014-05-07] FF Extension: FoxLingo - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\4yecyf2y.default\Extensions{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2014-05-07] CHR DefaultSearchKeyword: sweet-page CHR DefaultSearchProvider: sweet-page CHR DefaultSearchURL: http://www.sweet-page.com/web/?type=ds&ts=1397802189&from=cor&uid=ST3500418AS_9VMKV7PBXXXX9VMKV7PB&q={searchTerms} CHR Extension: (No Name) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf [2014-02-15] CHR Extension: (No Name) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeddmgahpmimnffecbnfbdfjibefdjhe [2014-04-17] CHR Extension: (ImaGoeToPng) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nceopimlifhelodndoleonaejnngidil [2014-02-06] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-03-20] (Comodo Security Solutions, Inc.) S2 Update Surftastic; “C:\Program Files (x86)\Surftastic\updateSurftastic.exe” [X] S2 Util Surftastic; “C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe” [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] 2014-05-08 15:34 - 2014-05-08 15:58 - 00000000 ____D () C:\AdwCleaner 2014-04-30 14:38 - 2014-04-30 14:39 - 11825832 _____ (Elex do Brasil Participações Ltda) C:\Users\Administrator\Downloads\yet_another_cleaner_sk.exe 2014-04-30 13:58 - 2014-04-30 13:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Administrator\Downloads\SpyHunter-Installer.exe 2014-04-30 13:55 - 2014-04-30 13:55 - 00003190 _____ () C:\Windows\System32\Tasks{1035B971-45B5-4529-BFCF-5744F9A3369C} Plik zapisz pod nazwą fixlist.txt i umieść obok FRST Uruchom FRST i kliknij w Fix.

No więc zrobiłem to proszę dam nawed fix log

Fixlog.txt

Acorus · 9 Maj 2014 08:01

Skasuj folder C:\FRST

Użyj http://www.bleepingcomputer.com/download/tfc/ (uruchom TFC i kliknij Start).

mrbudziopl · 9 Maj 2014 08:54

No zrobiłem to ,co dalej ?

Acorus · 9 Maj 2014 12:53

To wszystko.

mrbudziopl · 9 Maj 2014 13:04

Ok bardzo ci dziękuje jeszcze się tylko chciałem spytać jakiego antywirusa uzywac malwarebytes ?

Acorus · 9 Maj 2014 13:26

Malwarebytes nie jest antywirusem.Masz Comodo.