Proszę o sprawdzenie logów. Myślę, że pomimo programu uncheker nie zauważyłem i zainstalował mnie się niechciany program. Poproszę również o sprawdzenie autostartu, ponieważ długo mnie się laptop włącza i o informacje co mógłbym odinstalować w panelu sterowania.
Malware anti-malware log:
http://wklej.org/id/1923248/
W menadżerze zadań mam długą listę programów proszę o pomoc co mogę odinstalować, i/lub jak wyłączyć aplikację, by nie uruchamiała się podczas logowania windowsa, link poniżej:
http://wklej.org/id/1923257/
Logi farbar
addition http://wklej.org/id/1923304/
frst http://wklej.org/id/1923305/
Atis
29 Styczeń 2016 00:51
#2
Pobierz i uruchom AdwCleaner Kliknij Skanuj (Scan) i później Usuń (Cleaning).
Atis
29 Styczeń 2016 08:49
#4
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
AutoConfigURL: [S-1-5-21-3341365187-986142807-3572622625-1001] = hxxp://unstopp.me/wpad.dat?349f9f9be6982eb8dc557219cf3a10bd5076994
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia ======= UWAGA
HKU\S-1-5-21-3341365187-986142807-3572622625-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia ======= UWAGA
SearchScopes: HKU\S-1-5-21-3341365187-986142807-3572622625-1001 - {127307AD-FE69-4E79-9187-D430A2DF9537} URL = hxxp://www.idg.pl?q={searchTerms}
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku
S2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2016-01-29 02:03 - 2014-11-17 17:08 - 00000000 ____ D C:\AdwCleaner
2002-07-01 15:13 - 2002-07-01 15:13 - 0000224 ___SH () C:\Users\ewe\AppData\Roaming\maildriver32.dat
C:\ProgramData\*.log
Task: {02A1A04B-3AAF-49DA-9C0F-47AC83854357} - System32\Tasks\{705EA151-06CD-42EB-A9A3-DC85BC60DEA3} = pcalua.exe -a "C:\Program Files (x86)\HDvid Codec V1\Uninstall.exe" -c /fromcontrolpanel=1
Task: {0D54C1B4-C393-429B-955E-5BFAC0A2D438} - System32\Tasks\{3BFA203E-514A-46BF-AF8C-B7DB8B6E494B} = pcalua.exe -a "C:\Program Files (x86)\Origin Games\FIFA 14\ModdingWayInstaller.exe" -d "C:\Program Files (x86)\Origin Games\FIFA 14"
Task: {2F21D58F-4735-498D-9C3D-C1BCF1B5D41A} - System32\Tasks\{99C4341E-EACA-474C-99C2-98E7CC8ECB4D} = pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Need for Speed Carbon\EAUninstall.exe"
Task: {4A61F768-C91C-4F25-8E7B-76E085B197DE} - System32\Tasks\{CB5FB0F5-F9EC-41AF-A661-7085CE16757C} = G:\AutoRun.exe
Task: {4F4CB3DE-0D17-48DD-B660-C3565226C70D} - System32\Tasks\{A77212BF-65E2-4AD4-89D0-4B2110270E7F} = pcalua.exe -a C:\Users\ewe\Documents\Pobieranie\subedit+codecpack_b4072_install.exe -d C:\Users\ewe\Documents\Pobieranie
Task: {656127E7-DAD9-4896-BE51-92E3A8BAC879} - System32\Tasks\{532CDA7A-6767-434F-A317-DDF7461A17AE} = pcalua.exe -a C:\TigerWoods\setup.exe -d C:\TigerWoods
Task: {6EBDD52C-E1FD-4D77-9E5A-3B0158C603E9} - System32\Tasks\{EF62ECBF-98BF-4270-9240-B8259547CBAE} = G:\speed.exe
Task: {75BAB2D9-5540-4961-B323-B0DB4A46D9B9} - System32\Tasks\{8F62B74A-35A5-4663-9446-8AC7B08774FA} = C:\Program Files (x86)\SubEdit-Player\subedit.exe
Task: {7BD912DF-2477-4907-B729-C58E4EEAA0F1} - System32\Tasks\{39E2E68F-05F8-46C3-93C6-10C2A51F3601} = pcalua.exe -a C:\Users\ewe\Documents\Pobieranie\TWEE_Upgrade.exe -d C:\Users\ewe\Documents\Pobieranie
Task: {9629CBFC-B174-4F77-99DA-FB7B112BE6C7} - System32\Tasks\{7AE541C7-7C08-4913-A1A2-16084AC4F861} = pcalua.exe -a C:\Users\ewe\Desktop\fifa12\mppl12.exe -d C:\Users\ewe\Desktop\fifa12
Task: {A8FA528F-1B09-48E5-9148-C8C709B90385} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3341365187-986142807-3572622625-1001 = C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {9B99879D-6E6F-4A46-B350-0E12EF527A40} - \{4CA57C59-E4E5-47DF-8E2D-52E9B43E72ED} - Brak pliku ==== UWAGA
Task: {BE20D046-EB2C-47EC-9A21-66FA9CE691D2} - System32\Tasks\{F2FD78ED-9F9D-4767-A623-320EF1363903} = pcalua.exe -a "C:\Program Files (x86)\EA Sports\FIFA 11\Uninstal.exe"
Task: {C888F896-10CF-47B0-A099-37314BBC98E2} - System32\Tasks\{110A2AE7-32E7-44E3-9335-2B260B8E50CF} = pcalua.exe -a "C:\Users\ewe\Documents\ZUMA\PopCap Zuma Deluxe! v1.0 (crack).exe" -d C:\Users\ewe\Documents\ZUMA
Task: {CEFB1FA9-65A7-4641-A22E-97C47A8FFBE4} - System32\Tasks\{7BA48CB0-7921-4173-80A1-CC9B1B65537E} = pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\SubEdit-Player\subedit.exe"
Task: {D92BA4F3-18D1-4E1D-920A-FE8F6D7BE711} - System32\Tasks\{015A5479-E04A-4B88-BC5F-C444921A1860} = pcalua.exe -a D:\Filmy\PC_TigerWoods.PGA.Tour.o8.-direct.play.-ToeD\TigerWoods\setup.exe -d D:\Filmy\PC_TigerWoods.PGA.Tour.o8.-direct.play.-ToeD\TigerWoods
Task: {DC2CE7C1-E907-440E-9E39-0F8CA1938EAC} - System32\Tasks\{7020204C-2B99-4CEF-9D19-A801B0F98E1F} = G:\speed.exe
Task: {E2762EC8-8AE4-4E86-BCBC-04D858E8160D} - System32\Tasks\{CC94A88A-A727-45F3-B471-335862A9F765} = pcalua.exe -a "D:\GRY\Max Payne 3_[R.G. Catalyst]\Support\VC\vcredist_x64.exe" -d "D:\GRY\Max Payne 3_[R.G. Catalyst]\Support\VC"
Task: {E735DBFE-724A-43AA-91C5-FF34CACB0AED} - System32\Tasks\{A36EFF59-2132-40BD-A053-68B98E3E9E89} = pcalua.exe -a "D:\GRY\The Godfather\Spolszczenie PL\The Godfather The Game - Spolszczenie.exe" -d "D:\GRY\The Godfather\Spolszczenie PL"
Task: {E8954965-1B30-434E-BB9B-FB175A91CACC} - System32\Tasks\{9248BF69-E5C7-4538-B17B-1AC47AD07FB6} = pcalua.exe -a C:\TigerWoods\makeDesktopIcon.exe -d C:\TigerWoods
Task: {F93E4DE1-6A06-4719-A84C-B87FC3A4CF4E} - System32\Tasks\{71277266-15F1-40E4-9AA4-EC783540C706} = pcalua.exe -a C:\Users\ewe\Downloads\RegCleaner(dobreprogramy.pl).exe -d C:\Users\ewe\Downloads
EmptyTemp:
Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
AutoConfigURL: [S-1-5-21-3341365187-986142807-3572622625-1001] = hxxp://unstopp.me/wpad.dat?349f9f9be6982eb8dc557219cf3a10bd5076994
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia ======= UWAGA
HKU\S-1-5-21-3341365187-986142807-3572622625-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia ======= UWAGA
SearchScopes: HKU\S-1-5-21-3341365187-986142807-3572622625-1001 - {127307AD-FE69-4E79-9187-D430A2DF9537} URL = hxxp://www.idg.pl?q={searchTerms}
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku
S2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2016-01-29 02:03 - 2014-11-17 17:08 - 00000000 ____ D C:\AdwCleaner
2002-07-01 15:13 - 2002-07-01 15:13 - 0000224 ___SH () C:\Users\ewe\AppData\Roaming\maildriver32.dat
C:\ProgramData\*.log
Task: {02A1A04B-3AAF-49DA-9C0F-47AC83854357} - System32\Tasks\{705EA151-06CD-42EB-A9A3-DC85BC60DEA3} = pcalua.exe -a "C:\Program Files (x86)\HDvid Codec V1\Uninstall.exe" -c /fromcontrolpanel=1
Task: {0D54C1B4-C393-429B-955E-5BFAC0A2D438} - System32\Tasks\{3BFA203E-514A-46BF-AF8C-B7DB8B6E494B} = pcalua.exe -a "C:\Program Files (x86)\Origin Games\FIFA 14\ModdingWayInstaller.exe" -d "C:\Program Files (x86)\Origin Games\FIFA 14"
Task: {2F21D58F-4735-498D-9C3D-C1BCF1B5D41A} - System32\Tasks\{99C4341E-EACA-474C-99C2-98E7CC8ECB4D} = pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Need for Speed Carbon\EAUninstall.exe"
Task: {4A61F768-C91C-4F25-8E7B-76E085B197DE} - System32\Tasks\{CB5FB0F5-F9EC-41AF-A661-7085CE16757C} = G:\AutoRun.exe
Task: {4F4CB3DE-0D17-48DD-B660-C3565226C70D} - System32\Tasks\{A77212BF-65E2-4AD4-89D0-4B2110270E7F} = pcalua.exe -a C:\Users\ewe\Documents\Pobieranie\subedit+codecpack_b4072_install.exe -d C:\Users\ewe\Documents\Pobieranie
Task: {656127E7-DAD9-4896-BE51-92E3A8BAC879} - System32\Tasks\{532CDA7A-6767-434F-A317-DDF7461A17AE} = pcalua.exe -a C:\TigerWoods\setup.exe -d C:\TigerWoods
Task: {6EBDD52C-E1FD-4D77-9E5A-3B0158C603E9} - System32\Tasks\{EF62ECBF-98BF-4270-9240-B8259547CBAE} = G:\speed.exe
Task: {75BAB2D9-5540-4961-B323-B0DB4A46D9B9} - System32\Tasks\{8F62B74A-35A5-4663-9446-8AC7B08774FA} = C:\Program Files (x86)\SubEdit-Player\subedit.exe
Task: {7BD912DF-2477-4907-B729-C58E4EEAA0F1} - System32\Tasks\{39E2E68F-05F8-46C3-93C6-10C2A51F3601} = pcalua.exe -a C:\Users\ewe\Documents\Pobieranie\TWEE_Upgrade.exe -d C:\Users\ewe\Documents\Pobieranie
Task: {9629CBFC-B174-4F77-99DA-FB7B112BE6C7} - System32\Tasks\{7AE541C7-7C08-4913-A1A2-16084AC4F861} = pcalua.exe -a C:\Users\ewe\Desktop\fifa12\mppl12.exe -d C:\Users\ewe\Desktop\fifa12
Task: {A8FA528F-1B09-48E5-9148-C8C709B90385} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3341365187-986142807-3572622625-1001 = C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {9B99879D-6E6F-4A46-B350-0E12EF527A40} - \{4CA57C59-E4E5-47DF-8E2D-52E9B43E72ED} - Brak pliku ==== UWAGA
Task: {BE20D046-EB2C-47EC-9A21-66FA9CE691D2} - System32\Tasks\{F2FD78ED-9F9D-4767-A623-320EF1363903} = pcalua.exe -a "C:\Program Files (x86)\EA Sports\FIFA 11\Uninstal.exe"
Task: {C888F896-10CF-47B0-A099-37314BBC98E2} - System32\Tasks\{110A2AE7-32E7-44E3-9335-2B260B8E50CF} = pcalua.exe -a "C:\Users\ewe\Documents\ZUMA\PopCap Zuma Deluxe! v1.0 (crack).exe" -d C:\Users\ewe\Documents\ZUMA
Task: {CEFB1FA9-65A7-4641-A22E-97C47A8FFBE4} - System32\Tasks\{7BA48CB0-7921-4173-80A1-CC9B1B65537E} = pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\SubEdit-Player\subedit.exe"
Task: {D92BA4F3-18D1-4E1D-920A-FE8F6D7BE711} - System32\Tasks\{015A5479-E04A-4B88-BC5F-C444921A1860} = pcalua.exe -a D:\Filmy\PC_TigerWoods.PGA.Tour.o8.-direct.play.-ToeD\TigerWoods\setup.exe -d D:\Filmy\PC_TigerWoods.PGA.Tour.o8.-direct.play.-ToeD\TigerWoods
Task: {DC2CE7C1-E907-440E-9E39-0F8CA1938EAC} - System32\Tasks\{7020204C-2B99-4CEF-9D19-A801B0F98E1F} = G:\speed.exe
Task: {E2762EC8-8AE4-4E86-BCBC-04D858E8160D} - System32\Tasks\{CC94A88A-A727-45F3-B471-335862A9F765} = pcalua.exe -a "D:\GRY\Max Payne 3_[R.G. Catalyst]\Support\VC\vcredist_x64.exe" -d "D:\GRY\Max Payne 3_[R.G. Catalyst]\Support\VC"
Task: {E735DBFE-724A-43AA-91C5-FF34CACB0AED} - System32\Tasks\{A36EFF59-2132-40BD-A053-68B98E3E9E89} = pcalua.exe -a "D:\GRY\The Godfather\Spolszczenie PL\The Godfather The Game - Spolszczenie.exe" -d "D:\GRY\The Godfather\Spolszczenie PL"
Task: {E8954965-1B30-434E-BB9B-FB175A91CACC} - System32\Tasks\{9248BF69-E5C7-4538-B17B-1AC47AD07FB6} = pcalua.exe -a C:\TigerWoods\makeDesktopIcon.exe -d C:\TigerWoods
Task: {F93E4DE1-6A06-4719-A84C-B87FC3A4CF4E} - System32\Tasks\{71277266-15F1-40E4-9AA4-EC783540C706} = pcalua.exe -a C:\Users\ewe\Downloads\RegCleaner(dobreprogramy.pl).exe -d C:\Users\ewe\Downloads
EmptyTemp:
Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.
Dziękuję bardzo. Okna same już się nie otwierają! Teraz będę bardziej uważał.
