VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zpomalený notebook, neustálé využití disku, neznámé procesy

https://forum.viry.cz:443/viewtopic.php?t=151082

Stránka 1 z 1

Zpomalený notebook, neustálé využití disku, neznámé procesy

Napsal: 09 led 2017 18:43
od JarBur
Dobrý den, prosím Vás o kontrolu logu mého notebooku. Kontroloval jsem ho programem avast v placené verzi a na nic nepřišel, ale počítač je výrazně pomalejší než před pár týdny, využití disku je téměř stále 99-100% a v procesech mám položky, které si myslím, že tam rozhodně nebyly. Mockrát děkuji za nějaký názor.

Log přiložen, bohužel se mi nevešel sem jako text.

Re: Zpomalený notebook, neustálé využití disku, neznámé proc

Napsal: 09 led 2017 19:01
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Zpomalený notebook, neustálé využití disku, neznámé proc

Napsal: 09 led 2017 19:18
od JarBur
Zdravím, děkuji za Váš čas zde přikládám:

# AdwCleaner v6.042 - Log vytvořen 09/01/2017 v 19:08:32
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-09.3 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Jara - JARA-PC
# Spuštěno z : C:\Users\Jara\Desktop\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\ProgramData\Partner


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Prohlížeče ] *****

[-] [C:\Users\Jara\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: ask.com
[-] [C:\Users\Jara\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: slunecnice.cz
[-] [C:\Users\Jara\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: delta-search.com
[-] [C:\Users\Jara\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: gang-beasts.en.softonic.com


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1718 Bajty] - [09/01/2017 19:08:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [2081 Bajty] - [09/01/2017 19:05:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1864 Bajty] ##########

Re: Zpomalený notebook, neustálé využití disku, neznámé proc

Napsal: 09 led 2017 20:04
od Rudy
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: Zpomalený notebook, neustálé využití disku, neznámé proc

Napsal: 09 led 2017 20:27
od JarBur
2x během scanu mi to otevřelo poznámkový blok a napsalo "přístup odepřen", ale na konci se log a to druhé objevilo, tak jen pro informaci.

Re: Zpomalený notebook, neustálé využití disku, neznámé proc

Napsal: 09 led 2017 21:16
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
C:\Users\Jara\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-358519413-850721238-2691868602-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-358519413-850721238-2691868602-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUTF6DD.tmp
C:\Users\Jara\AppData\Local\Temp
Task: {289A378A-84AE-4B46-8AC3-08063B85F98A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2A39E9EE-9B15-4CE5-8383-CD2F52FE9D38} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {35462921-77EB-4F37-9113-CCCB559CDEDA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3E5CE0FE-468B-4350-9958-9EF23943EB6B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {562733CB-E59E-4315-A3FB-087D1E42220E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5643B6AE-5437-4681-BAD0-4AAFC62C42E9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5F5EC7DE-B913-47A4-B921-402BD094A3D0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C8B53BEC-6337-4F48-8B4E-EA6C15180F8C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D0761626-C4A8-4FAA-AEC8-3C3D845EFD20} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F295549D-5E40-4ED8-A206-975153449931} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FC62F1E6-78BD-4398-A549-103038825F68} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:
Velikost slozky "C:\Users\Jara\Desktop" je 69635 MB.
To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Jara novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

Re: Zpomalený notebook, neustálé využití disku, neznámé proc

Napsal: 09 led 2017 21:38
od JarBur
To s těmi soubory mě nenapadlo, děkuji přesunu to.
Log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by Jara (09-01-2017 21:27:08) Run:1
Running from C:\Users\Jara\Desktop
Loaded Profiles: Jara (Available Profiles: Jara & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Users\Jara\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-358519413-850721238-2691868602-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-358519413-850721238-2691868602-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUTF6DD.tmp
C:\Users\Jara\AppData\Local\Temp
Task: {289A378A-84AE-4B46-8AC3-08063B85F98A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2A39E9EE-9B15-4CE5-8383-CD2F52FE9D38} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {35462921-77EB-4F37-9113-CCCB559CDEDA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3E5CE0FE-468B-4350-9958-9EF23943EB6B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {562733CB-E59E-4315-A3FB-087D1E42220E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5643B6AE-5437-4681-BAD0-4AAFC62C42E9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5F5EC7DE-B913-47A4-B921-402BD094A3D0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C8B53BEC-6337-4F48-8B4E-EA6C15180F8C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D0761626-C4A8-4FAA-AEC8-3C3D845EFD20} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F295549D-5E40-4ED8-A206-975153449931} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FC62F1E6-78BD-4398-A549-103038825F68} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

EmptyTemp:
End
*****************


"C:\Users\Jara\AppData\Local\Akamai" folder move:

Could not move "C:\Users\Jara\AppData\Local\Akamai" => Scheduled to move on reboot.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-358519413-850721238-2691868602-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-358519413-850721238-2691868602-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Program Files (x86)\GUTF6DD.tmp => moved successfully
C:\Users\Jara\AppData\Local\Temp => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{289A378A-84AE-4B46-8AC3-08063B85F98A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{289A378A-84AE-4B46-8AC3-08063B85F98A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A39E9EE-9B15-4CE5-8383-CD2F52FE9D38} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A39E9EE-9B15-4CE5-8383-CD2F52FE9D38} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35462921-77EB-4F37-9113-CCCB559CDEDA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35462921-77EB-4F37-9113-CCCB559CDEDA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E5CE0FE-468B-4350-9958-9EF23943EB6B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E5CE0FE-468B-4350-9958-9EF23943EB6B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{562733CB-E59E-4315-A3FB-087D1E42220E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{562733CB-E59E-4315-A3FB-087D1E42220E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5643B6AE-5437-4681-BAD0-4AAFC62C42E9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5643B6AE-5437-4681-BAD0-4AAFC62C42E9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F5EC7DE-B913-47A4-B921-402BD094A3D0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5EC7DE-B913-47A4-B921-402BD094A3D0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8B53BEC-6337-4F48-8B4E-EA6C15180F8C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8B53BEC-6337-4F48-8B4E-EA6C15180F8C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0761626-C4A8-4FAA-AEC8-3C3D845EFD20} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0761626-C4A8-4FAA-AEC8-3C3D845EFD20} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F295549D-5E40-4ED8-A206-975153449931} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F295549D-5E40-4ED8-A206-975153449931} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC62F1E6-78BD-4398-A549-103038825F68} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC62F1E6-78BD-4398-A549-103038825F68} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19675103 B
Java, Flash, Steam htmlcache => 636670941 B
Windows/system/drivers => 198826527 B
Edge => 9244 B
Chrome => 825954946 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 80398 B
NetworkService => 14384 B
Jara => 5874852 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-01-2017 21:33:20)

C:\Users\Jara\AppData\Local\Akamai => Is moved successfully

Result of scheduled keys to remove after reboot:


==== End of Fixlog 21:33:20 ====

Re: Zpomalený notebook, neustálé využití disku, neznámé proc

Napsal: 09 led 2017 22:04
od Rudy
Smazáno. Nastala nějaká změna?

Re: Zpomalený notebook, neustálé využití disku, neznámé proc

Napsal: 09 led 2017 22:12
od JarBur
Ano, procesy už nevidím a disk jede normálně! Start se zlepšil jen o něco, ale to beru už jako fakt díky stáří notebooku :).

Mockrát děkuji za Váš čas, opravdu jste mi pomohl. Obdivuji schopnost v tomto se orientovat. Ještě jednou díky!

Re: Zpomalený notebook, neustálé využití disku, neznámé proc

Napsal: 10 led 2017 18:15
od Rudy
Ještě můžete zkusit defragmentovat disk. Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz