
CPU usage 100% + Chrome

Posted: 03 Feb 2019 14:40
by michalnet
Please, can you take a look to see whether there is a virus or anything else in there? No software found anything, but the CPU keeps shooting up to 100%. Thanks. Also, why does Chrome have so many instances open when it is just running with no pages open?

Link to the FRST log:
https://pastebin.com/xe33UpKA

Re: CPU usage 100% + Chrome

Posted: 03 Feb 2019 15:25
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

Close all programs.
Accept the license terms (EULA) by clicking I agree.
Right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click).
Click Scan now, then Clean and Repair.
After the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply.

Re: CPU usage 100% + Chrome

Posted: 03 Feb 2019 18:53
by michalnet
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-31.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-03-2019
# Duration: 00:00:12
# OS: Windows 10 Pro
# Scanned: 31793
# Detected: 8


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.SpyHunter C:\Users\micha\Start Menu\Programs\SpyHunter

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.SpyHunter C:\Windows\System32\Tasks\SpyHunter4Startup

***** [ Registry ] *****

PUP.Optional.SpyHunter HKLM\Software\EnigmaSoftwareGroup
PUP.Optional.SpyHunter HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
PUP.Optional.SpyHunter HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEEDEC13-A06E-46BC-A523-A7E3A8A8B08B}
PUP.Optional.SpyHunter HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy slunecnice.cz
PUP.Optional.SofTonicAssistant Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: CPU usage 100% + Chrome

Posted: 03 Feb 2019 19:13
by Rudy
Delete the items, restart, and post new FRST+Addition logs.

Re: CPU usage 100% + Chrome

Posted: 03 Feb 2019 19:27
by michalnet
Here it is.

Re: CPU usage 100% + Chrome

Posted: 03 Feb 2019 20:06
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {41273205-CF75-4C9B-94DD-5B3BDFDC85BE} - System32\Tasks\WinMiner => C:\Program Files (x86)\WinMiner\WinMiner.exe <==== ATTENTION
Task: {4355AA64-9E70-464E-B599-3043B06BAAA1} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2019-02-01] (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {0D49F989-BF53-40F3-BD5B-A7CA9F19E47C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-28] (Google Inc -> Google Inc.)
Task: {6B1B474F-F802-4C6A-B5B1-CFD8CE0D4217} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2019-02-01] (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {9F4F27EC-ADED-40A5-8977-37BBDC740C92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-28] (Google Inc -> Google Inc.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [147]
FirewallRules: [{00F9C8E5-8F07-4345-A21D-3BED7D131975}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\CnMiner64_1\Claymore CryptoNote AMD GPU Miner v11.3 - POOL\NsGpuCNMiner.exe No File
FirewallRules: [{CD2C3B6E-7F71-4F3D-9F5F-03510BD42525}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\xmrig-nvidia-2.8.3-cuda-9_2-win64_2\xmrig-nvidia.exe No File
FirewallRules: [{15BD94E1-A600-4FE4-B0AC-A3AC03EF2633}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\CnMiner64_2\Claymore CryptoNote AMD GPU Miner v11.3 - POOL\NsGpuCNMiner.exe No File
FirewallRules: [{32D28493-C28E-47CF-8080-4852C91DAB28}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\ccminer-2.3-cuda9_2\ccminer-x64.exe No File
FirewallRules: [{D6C11BAF-A3AF-4D69-AE2B-6FEB2856E479}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\ccminer-2.3-cuda9_1\ccminer-x64.exe No File

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: CPU usage 100% + Chrome

Posted: 03 Feb 2019 20:13
by michalnet
May I ask what I am doing now and where the problem is? Thanks.


Fix result of Farbar Recovery Scan Tool (x64) Version: 3.02.2019
Ran by micha (03-02-2019 20:10:02) Run:1
Running from C:\Users\micha\Desktop
Loaded Profiles: micha (Available Profiles: micha)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {41273205-CF75-4C9B-94DD-5B3BDFDC85BE} - System32\Tasks\WinMiner => C:\Program Files (x86)\WinMiner\WinMiner.exe <==== ATTENTION
Task: {4355AA64-9E70-464E-B599-3043B06BAAA1} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2019-02-01] (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {0D49F989-BF53-40F3-BD5B-A7CA9F19E47C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-28] (Google Inc -> Google Inc.)
Task: {6B1B474F-F802-4C6A-B5B1-CFD8CE0D4217} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2019-02-01] (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {9F4F27EC-ADED-40A5-8977-37BBDC740C92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-28] (Google Inc -> Google Inc.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [147]
FirewallRules: [{00F9C8E5-8F07-4345-A21D-3BED7D131975}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\CnMiner64_1\Claymore CryptoNote AMD GPU Miner v11.3 - POOL\NsGpuCNMiner.exe No File
FirewallRules: [{CD2C3B6E-7F71-4F3D-9F5F-03510BD42525}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\xmrig-nvidia-2.8.3-cuda-9_2-win64_2\xmrig-nvidia.exe No File
FirewallRules: [{15BD94E1-A600-4FE4-B0AC-A3AC03EF2633}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\CnMiner64_2\Claymore CryptoNote AMD GPU Miner v11.3 - POOL\NsGpuCNMiner.exe No File
FirewallRules: [{32D28493-C28E-47CF-8080-4852C91DAB28}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\ccminer-2.3-cuda9_2\ccminer-x64.exe No File
FirewallRules: [{D6C11BAF-A3AF-4D69-AE2B-6FEB2856E479}] => (Allow) C:\Users\micha\AppData\Local\AwesomeMiner\ccminer-2.3-cuda9_1\ccminer-x64.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{41273205-CF75-4C9B-94DD-5B3BDFDC85BE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41273205-CF75-4C9B-94DD-5B3BDFDC85BE}" => removed successfully
C:\WINDOWS\System32\Tasks\WinMiner => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinMiner" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4355AA64-9E70-464E-B599-3043B06BAAA1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4355AA64-9E70-464E-B599-3043B06BAAA1}" => removed successfully
C:\WINDOWS\System32\Tasks\BraveSoftwareUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BraveSoftwareUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D49F989-BF53-40F3-BD5B-A7CA9F19E47C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D49F989-BF53-40F3-BD5B-A7CA9F19E47C}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B1B474F-F802-4C6A-B5B1-CFD8CE0D4217}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B1B474F-F802-4C6A-B5B1-CFD8CE0D4217}" => removed successfully
C:\WINDOWS\System32\Tasks\BraveSoftwareUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BraveSoftwareUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9F4F27EC-ADED-40A5-8977-37BBDC740C92}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F4F27EC-ADED-40A5-8977-37BBDC740C92}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\ProgramData\TEMP => ":CB0AACC9" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00F9C8E5-8F07-4345-A21D-3BED7D131975}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD2C3B6E-7F71-4F3D-9F5F-03510BD42525}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15BD94E1-A600-4FE4-B0AC-A3AC03EF2633}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32D28493-C28E-47CF-8080-4852C91DAB28}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6C11BAF-A3AF-4D69-AE2B-6FEB2856E479}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24296636 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 9489413 B
Edge => 2729253 B
Chrome => 860440028 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4512 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
micha => 8014719 B

RecycleBin => 2635872 B
EmptyTemp: => 875.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:10:50 ====

Re: CPU usage 100% + Chrome

Posted: 03 Feb 2019 20:53
by Rudy
OK. Has anything changed?

Re: CPU usage 100% + Chrome

Posted: 03 Feb 2019 23:45
by michalnet
It looks stable. And where was the problem, please? Thanks.

Re: CPU usage 100% + Chrome

Posted: 04 Feb 2019 10:22
by Rudy
Too many leftovers from uninstalled programs and a large number of temporary files. No malware, apart from PUPs. You're welcome! :)

Re: CPU usage 100% + Chrome

Posted: 04 Feb 2019 10:41
by michalnet
And that is with me using Revo Uninstaller Pro and also Malwarebytes Premium.

Re: CPU usage 100% + Chrome

Posted: 04 Feb 2019 14:58
by Rudy
Yep. But no uninstaller is 100% and it leaves something behind here and there, and then it piles up. :)