Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prośba o sprawdzenie logów - duże zużycie dysku

Karcio22 29 Cze 2017 22:01 291 2
  • #3 29 Cze 2017 22:59
    Kolobos
    Spec od komputerów

    Oczywiscie nie mozesz uzyc menadzera zadan i sprawdzic jaki proces korzysta z dysku?


    Fixlist.txt dla FRST:
    HKLM-x32\...\Run: [] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
    HKU\S-1-5-21-177142928-3531537727-697044770-1000\...\MountPoints2: {25c4b087-e07c-11e6-8ff8-94de802f4b30} - D:\INSTALL.EXE
    HKU\S-1-5-21-177142928-3531537727-697044770-1000\...\MountPoints2: {25c4b094-e07c-11e6-8ff8-94de802f4b30} - D:\autorun.exe
    HKU\S-1-5-21-177142928-3531537727-697044770-1000\...\MountPoints2: {25c4b099-e07c-11e6-8ff8-94de802f4b30} - D:\setup.exe
    HKU\S-1-5-21-177142928-3531537727-697044770-1000\...\MountPoints2: {4bc7626e-ff6b-11e6-ade7-94de802f4b30} - E:\SETUP.EXE
    HKU\S-1-5-21-177142928-3531537727-697044770-1000\...\MountPoints2: {4d2f1020-de4e-11e6-a001-c7f36b34d83f} - D:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-177142928-3531537727-697044770-1000\...\MountPoints2: {ac7af4d9-3d29-11e7-8664-94de802f4b30} - F:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-177142928-3531537727-697044770-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Albert\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Albert\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Albert\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Albert\AppData\Local\MEGAsync\ShellExtX32.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Albert\AppData\Local\MEGAsync\ShellExtX32.dll -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Albert\AppData\Local\MEGAsync\ShellExtX32.dll -> Brak pliku
    FF HKU\S-1-5-21-177142928-3531537727-697044770-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Albert\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => nie znaleziono
    FF Plugin HKU\S-1-5-21-177142928-3531537727-697044770-1000: @acestream.net/acestreamplugin,version=3.1.16.1 -> C:\Users\Albert\AppData\Roaming\ACEStream\player\npace_plugin.dll [Brak pliku]
    CHR HKU\S-1-5-21-177142928-3531537727-697044770-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
    OPR Extension: (Weather) - C:\Users\Albert\AppData\Roaming\Opera Software\Opera Stable\Extensions\knhpbmcchgefalkkjhmfgijmjgajgfkg [2017-03-06]
    S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
    2017-06-29 14:11 - 2017-06-29 14:14 - 00000000 ____D C:\AdwCleaner
    Task: {4771C25D-C1BB-4963-8A04-FCA7F26DE293} - System32\Tasks\{D65C8C26-E0CC-4A11-9401-6002B2C20E13} => pcalua.exe -a D:\INSTALL.EXE -d D:\
    Task: {79A51567-3C16-4976-899D-DBFDB74C9E15} - System32\Tasks\{84A37AE9-D66A-42C7-A871-091C9C04F356} => pcalua.exe -a "G:\Downloads\nfs_most_wanted_2005_pl\NFS Most Wanted - Spolszczenie.exe" -d G:\Downloads\nfs_most_wanted_2005_pl
    Task: {856103FF-4071-4938-ADD6-F38EF91C59C5} - System32\Tasks\Opera scheduled Autoupdate 1484837421 => C:\Program Files (x86)\Opera\launcher.exe [2017-06-27] (Opera Software)
    Task: {9C5A5F4D-0207-42AF-92FA-798BDEC5FBBD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-18] ()
    Task: {C17BE0D6-2702-4A7D-96D2-37FEB4695A4C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-18] ()
    EmptyTemp:

    0