Elektroda.pl

A dozen or so powercfg and conhost processes - sluggish computer, what to do?

szari 22 Apr 2018 19:58 285 4
  • #1 22 Apr 2018 19:58
    szari
    Level 2  

    Hi, my computer is kind of sluggish and runs at high RPM. I have more or less found the culprit: two processes, powercfg and conhost, of which there is a huge number, and I don't know how to deal with it. I'll add that sometimes it disappears by itself and the computer works properly again. Has anyone come across a case like this or know a solution? Or is it better to go straight to formatting the disk?

    0 4
  • #4 22 Apr 2018 20:21
    Kolobos
    Computer specialist

    Uninstall: AVG PC TuneUp 2015 (pl-PL)

    Use AdwCleaner, the Scan/Szukaj and Clean/Usun options: http://www.bleepingcomputer.com/download/adwcleaner/

    Next to frst.exe, create a file Fixlist.txt with the following content:
    Task: {01E45806-EC80-4D46-BAAA-EEDC460A3E1E} - \JetCleanLoginCheckUpdate -> Brak pliku <==== UWAGA
    Task: {0856B959-A54C-47E1-BBF9-A5DE78EE357C} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe
    Task: {3660D776-0FB5-42DE-AC7E-A59EF2317099} - System32\Tasks\Update Manager => C:\Users\Patryk\AppData\Roaming\American.Truck.Simulator.v1.5.1.2.ALL.DLC-ALI213\Upgrade.exe
    Task: {47856FEF-9FFA-4BC9-A737-CA098523DC96} - System32\Tasks\{0D66DB8E-5430-4870-A5F3-786D29076EAE} => C:\Windows\system32\pcalua.exe -a C:\Users\Patryk\Downloads\uso_setup.exe -d C:\Users\Patryk\Downloads
    Task: {4C721AFF-7CE6-4736-97F0-0E54862A4513} - System32\Tasks\{F25ABB94-52A2-4087-ABC9-8BC77338BF14} => D:\Ubisoft Game Launcher\Uplay.exe [2018-04-19] (Ubisoft)
    Task: {70478285-0980-4137-BB62-B34115EC85C2} - System32\Tasks\{4E63830E-ECC8-4A6D-9DDC-F8D5FCD39CA4} => C:\Windows\system32\pcalua.exe -a "D:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0
    Task: {723E761D-ED4F-47E0-893D-8D0B825A060D} - System32\Tasks\{45C67F9D-9E62-4F24-B25B-210EB892EDA9} => C:\Windows\system32\pcalua.exe -a "C:\Users\Patryk\Desktop\VirtualBox-5.1.26-117224-Win (1).exe" -d C:\Users\Patryk\Desktop
    Task: {802B1483-02C6-46C4-A092-4B9297EDD858} - System32\Tasks\Tasker21 => C:\Users\Patryk\AppData\Roaming\Lib\tskschd.exe [2017-12-02] ()
    Task: {81054336-FC28-48D3-AAA3-27209DB7B872} - System32\Tasks\{F495F452-6FD6-4C87-A0B8-DEA4167F937D} => C:\Windows\system32\pcalua.exe -a C:\Users\Patryk\AppData\Local\Roblox\Versions\version-12cdfcefc081488c\RobloxPlayerLauncher.exe -c -uninstall
    Task: {8BEE5750-DF5D-48D2-BDC1-2371DBE540AE} - System32\Tasks\{3C4B0B81-DCBA-4AA5-9A54-D0A647345F39} => C:\Windows\system32\pcalua.exe -a "E:\807 Network Joystick(4a12k)3.70a - 副本 (2).exe" -d E:\
    Task: {A576481F-10F7-4A6B-AD2F-751B25D5F134} - System32\Tasks\{43FBAF60-BD5A-4E77-A085-CA176D5C5AC4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Patryk\Desktop\LMAOBOX Premium Setup CRACKED BY WECRACK.exe" -d C:\Users\Patryk\Desktop
    Task: {AAD596F5-5DDD-4DC4-9F35-629563FD98BD} - System32\Tasks\{D85894BA-B750-44A0-BB3E-4E43030BD909} => C:\Windows\system32\pcalua.exe -a "C:\Users\Patryk\Desktop\807 Network Joystick(4a12k)3.70a - 副本 (2).exe" -d C:\Users\Patryk\Desktop
    Task: {DD55CD7C-17F8-42C0-B447-8FCE092201C5} - System32\Tasks\{36EDD1AB-08D5-4D1C-9466-26E4664B79AB} => C:\Windows\system32\pcalua.exe -a C:\Users\Patryk\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=cor
    Task: {FD4C10E6-C833-4173-A6DD-E7F1CB2668E1} - System32\Tasks\{8991B138-57B3-4987-A621-125303B6604D} => C:\Windows\system32\pcalua.exe -a E:\autorun.exe -d E:\
    HKU\S-1-5-21-90006777-2553738849-383135425-1001\Software\Classes\.exe: exefile => <==== UWAGA
    HKU\S-1-5-21-90006777-2553738849-383135425-1001\Software\Classes\regfile: regedit.exe "%1" <==== UWAGA
    Hosts:
    (© 2015 Microsoft Corporation) C:\Users\Patryk\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    () C:\Users\Patryk\AppData\Roaming\Lib\ShellExperienseHost.exe
    HKU\S-1-5-21-90006777-2553738849-383135425-1001\...\Run: [BingSvc] => C:\Users\Patryk\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-90006777-2553738849-383135425-1001\...\Run: [System Sound] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [64624 2017-04-21] (Microsoft Corporation)
    HKU\S-1-5-21-90006777-2553738849-383135425-1001\...\Policies\Explorer\Run: [Policies] => C:\Windows\system32\Microsoft\svchost.exe
    HKU\S-1-5-21-90006777-2553738849-383135425-1001\...\MountPoints2: E - E:\autorun.exe
    HKU\S-1-5-21-90006777-2553738849-383135425-1001\...\MountPoints2: {036dd07e-1361-11e5-a9b8-806e6f6e6963} - E:\Autorun.exe
    HKU\S-1-5-21-90006777-2553738849-383135425-1001\...\MountPoints2: {83028f1a-34ea-11e7-b3fa-00241dde6e05} - F:\start.exe
    ShellExecuteHooks: Brak nazwy - {F6B414FE-CB65-11E6-BBF0-64006A5CFC23} - C:\Users\Patryk\AppData\Roaming\Grakepyclesige\Griruent.dll -> Brak pliku <==== UWAGA
    Startup: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vhost32.exe [2018-04-12] ()
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-90006777-2553738849-383135425-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-90006777-2553738849-383135425-1001 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-90006777-2553738849-383135425-1001 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL => Brak pliku
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL => Brak pliku
    FF user.js: detected! => C:\Users\Patryk\AppData\Roaming\Mozilla\Firefox\Profiles\5i7ff2pg.default\user.js [2017-02-03]
    FF SearchPlugin: C:\Users\Patryk\AppData\Roaming\Mozilla\Firefox\Profiles\5i7ff2pg.default\searchplugins\avast-search.xml [2017-05-21]
    CHR HKLM-x32\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
    S3 mracsvc; C:\Windows\System32\mracsvc.exe [5444824 2017-11-02] (LLC Mail.Ru)
    S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2017-09-10] ()
    S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [4933888 2017-11-02] (LLC Mail.Ru)
    S3 ALSysIO; \??\C:\Users\Patryk\AppData\Local\Temp\ALSysIO64.sys [X] <==== UWAGA
    S1 bolyrjjq; \??\C:\Windows\system32\drivers\bolyrjjq.sys [X]
    S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
    S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
    2018-04-21 15:56 - 2018-04-21 18:30 - 000000000 ____D C:\Users\Patryk\AppData\Local\aPUtltqCTL
    2018-04-13 14:03 - 2018-04-13 14:03 - 000003228 _____ C:\Windows\System32\Tasks\{F495F452-6FD6-4C87-A0B8-DEA4167F937D}
    2018-04-13 13:57 - 2018-04-17 20:39 - 000000000 ____D C:\AdwCleaner
    2018-04-12 11:49 - 2018-04-12 11:49 - 000003158 _____ C:\Windows\System32\Tasks\JetBoost_AutoUpdate
    2018-04-12 11:49 - 2018-04-12 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost
    2018-04-11 19:23 - 2018-04-11 19:23 - 000000166 _____ C:\ProgramData\load.exe
    2018-04-11 19:23 - 2018-04-11 19:23 - 000000000 ____D C:\ProgramData\Arkei-db2d37ee-c7ce-4b44-8bfa-3f9eb2a259dd
    2018-04-11 19:20 - 2018-04-17 22:32 - 000000000 __SHD C:\ProgramData\Branding
    2018-03-24 14:18 - 2018-03-24 18:57 - 000000000 ____D C:\Windows\System32\Tasks\Update
    2018-04-17 22:32 - 2018-02-26 16:14 - 000000000 ____D C:\Users\Patryk\AppData\Roaming\Lib
    2018-04-11 19:23 - 2018-04-11 19:23 - 000000166 _____ () C:\ProgramData\load.exe
    2016-11-10 21:31 - 2016-11-10 21:31 - 000000093 _____ () C:\Users\Patryk\helper.vbs
    2016-11-10 21:31 - 2016-11-10 21:31 - 000000081 _____ () C:\Users\Patryk\run.bat
    2016-11-10 19:35 - 2016-11-10 19:35 - 000357376 _____ () C:\Users\Patryk\save.dat
    2005-03-26 23:08 - 2018-04-17 20:38 - 000002732 ____H () C:\Users\Patryk\AppData\Roaming\logs.dat
    2016-10-24 14:35 - 2016-10-24 14:36 - 000937776 _____ (AutoIt Team) C:\Users\Patryk\AppData\Roaming\VFLF.exe
    2018-04-17 19:19 - 2018-04-17 19:19 - 000025600 _____ (hackforums.net) C:\Users\Patryk\AppData\Local\Temp\anonymous doser.exe
    2018-04-21 15:56 - 2018-04-21 16:12 - 000041984 _____ ([LineZer0]) C:\Users\Patryk\AppData\Local\Temp\Reflector.Keygen.exe
    C:\Windows\SysWOW64\lastpass_1337.exe

    0
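As an added example that is not part of the forum post above, the sketch below triages FRST autostart lines of the kind listed in the fixlist. The heuristics, the `triage` and `report` names and the directory lists are assumptions chosen for illustration; the sample lines are copied from the fixlist.

```python
import re
from pathlib import PureWindowsPath

# Sample lines copied from the fixlist in post #4 (FRST log format).
SAMPLE = r"""
Task: {802B1483-02C6-46C4-A092-4B9297EDD858} - System32\Tasks\Tasker21 => C:\Users\Patryk\AppData\Roaming\Lib\tskschd.exe [2017-12-02] ()
Task: {4C721AFF-7CE6-4736-97F0-0E54862A4513} - System32\Tasks\{F25ABB94-52A2-4087-ABC9-8BC77338BF14} => D:\Ubisoft Game Launcher\Uplay.exe [2018-04-19] (Ubisoft)
HKU\S-1-5-21-90006777-2553738849-383135425-1001\...\Policies\Explorer\Run: [Policies] => C:\Windows\system32\Microsoft\svchost.exe
HKU\S-1-5-21-90006777-2553738849-383135425-1001\...\Run: [System Sound] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [64624 2017-04-21] (Microsoft Corporation)
Startup: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vhost32.exe [2018-04-12] ()
"""

# Assumed heuristics (illustrative, not FRST's own logic).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\downloads\\", "\\desktop\\")
SYSTEM_BINARIES = {"svchost.exe": {"c:\\windows\\system32", "c:\\windows\\syswow64"}}
FRAMEWORK_TOOLS = {"regasm.exe"}  # .NET utility with no ordinary reason to autostart

# Target path follows "=>" (tasks, Run keys) or the "Startup:" prefix.
TARGET = re.compile(r'(?:=>|^Startup:)\s*"?([A-Za-z]:\\.*?\.(?:exe|dll|sys))\b', re.I)

def triage(line):
    """Return (file name, list of reasons) for one FRST line, or None if no target."""
    line = line.strip()
    m = TARGET.search(line)
    if not m:
        return None
    path = PureWindowsPath(m.group(1))
    low, name = str(path).lower(), path.name.lower()
    reasons = []
    if any(d in low for d in USER_WRITABLE):
        reasons.append("user-writable directory")
    home = SYSTEM_BINARIES.get(name)
    if home and str(path.parent).lower() not in home:
        reasons.append("system binary name outside its normal directory")
    if name in FRAMEWORK_TOOLS:
        reasons.append("framework utility used as autostart")
    if line.endswith("()"):  # FRST prints the file's company name last; "()" is empty
        reasons.append("empty publisher field")
    return path.name, reasons

def report(text=SAMPLE):
    """Map each autostart target in the text to the reasons it was flagged."""
    return dict(r for r in map(triage, text.splitlines()) if r)

if __name__ == "__main__":
    for name, reasons in report().items():
        print(f"{name}: {', '.join(reasons) or 'no flags'}")
```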
  • #5 22 Apr 2018 20:48
    szari
    Level 2  

    It looks like everything is working as it should, thank you for the help :)

    0