Duża aktywność dysku i spowolniona praca komputera

hevron · 5 Styczeń 2015 16:53

Witam,

Ostatnio mój komputer bardzo spowolnił. Szukałem i usuwałem nieznane programy, czyściłem i skanowałem, mimo to zaraz po włączeniu dysk twardy cały czas pracuje na wysokich obrotach. Również zauważyłem, że część funkcji windowsa nie chodzi. Zrobiłem skany rejestru, oto one:

FRST: http://wklej.org/id/1584864/

Addition: http://wklej.org/id/1584866/

Z góry dziękuję za rady i pomoc!

Acorus · 5 Styczeń 2015 17:08

Otwórz notatnik systemowy i wklej:

Task: {49E490E0-5633-4D7C-8429-29584EC4FC7E} - System32\Tasks\Price Fountain = C:\Users\Hevron\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE ==== ATTENTION
Task: C:\Windows\Tasks\Price Fountain.job = C:\Users\Hevron\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE ==== ATTENTION
HKLM-x32\...\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-778362455-3007206512-835890511-1001\...\Run: [ALLUpdate] = F:\ALLPlayer\ALLUpdate.exe [2765256 2014-11-03] (ALLPlayer Group Ltd.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1420378614from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHSq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1420378614from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHSq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1420378614from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHSq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1420378614from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHSq={searchTerms}
HKU\S-1-5-21-778362455-3007206512-835890511-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHSq={searchTerms}
HKU\S-1-5-21-778362455-3007206512-835890511-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS
HKU\S-1-5-21-778362455-3007206512-835890511-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS
HKU\S-1-5-21-778362455-3007206512-835890511-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHSq={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=scts=1420378614from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS
SearchScopes: HKU\S-1-5-21-778362455-3007206512-835890511-1001 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHSq={searchTerms}
SearchScopes: HKU\S-1-5-21-778362455-3007206512-835890511-1001 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHSq={searchTerms}
BHO-x32: No Name - {b608cc98-54de-4775-96c9-097de398500c} - No File
FF Extension: No Name - C:\Users\Hevron\AppData\Roaming\Mozilla\Firefox\Profiles\lx6e0dix.default\extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [Not Found]
CHR HomePage: Default - hxxp://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS
CHR StartupUrls: Default - "hxxp://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS"
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2015-01-04] (Fuyu LIMITED) [File not signed]
R1 {29b8df85-56af-474f-9022-e376793679f9}Gw64; C:\Windows\System32\drivers\{29b8df85-56af-474f-9022-e376793679f9}Gw64.sys [48792 2015-01-04] (StdLib)
2015-01-05 14:23 - 2015-01-05 16:44 - 00000312 _____ () C:\Windows\Tasks\Price Fountain.job
2015-01-05 14:23 - 2015-01-05 14:44 - 00002650 _____ () C:\Windows\System32\Tasks\Price Fountain
2015-01-05 14:23 - 2015-01-05 14:23 - 00000000 ____ D () C:\Users\Hevron\AppData\Roaming\PriceFountain
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

hevron · 5 Styczeń 2015 18:11

Zrobiłem tak jak napisałeś, oto fixlog: http://wklej.org/id/1584973/ i zrobiłem skan tym programem. Zrobiłem jeszcze raz skan rejestru FRST: http://wklej.org/id/1584974/ Czy wszystko już jest ok? bo nadal dysk mocno pracuje, a komputer kupiłem parę dni temu i nie jest ani słaby ani stary.

Acorus · 5 Styczeń 2015 18:38

Otwórz notatnik systemowy i wklej:

SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HomePage: Default - hxxp://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS
CHR StartupUrls: Default - "hxxp://isearch.omiga-plus.com/?type=hpppts=1420378623from=coruid=TOSHIBAXMQ01ABD100_94R6SGHHSXX94R6SGHHS"
2015-01-05 18:54 - 2015-01-05 18:56 - 00000000 ____ D () C:\AdwCleaner
2015-01-04 14:43 - 2015-01-04 02:47 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{29b8df85-56af-474f-9022-e376793679f9}Gw64.sys

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Sprawdź po odinstalowaniu AVG.