CPU load at 100%

Posted: 16 Mar 2019 11:08
by nero150
Hello,

I would like to ask you for advice: when the notebook is idle, the CPU load sometimes climbs to 100%, and the network connection occasionally does the same. It just doesn't seem right to me.
I am sending the FRST log, in case someone happens to find a moment. The files are attached.
Thank you

Re: CPU load at 100%

Posted: 16 Mar 2019 11:45
by Diallix
Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes ticked, including any threats found, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will launch; click View Log File.
The log will open; copy its contents here.

Re: CPU load at 100%

Posted: 16 Mar 2019 11:56
by nero150

Code:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    03-16-2019
# Duration: 00:00:10
# OS:       Windows 10 Pro
# Scanned:  31892
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: CPU load at 100%

Posted: 16 Mar 2019 12:33
by Diallix
I would ask you to do the following:

1) Go to our malware upload page: https://www.diallix.net/upload-malwaru and upload all of these files, one at a time:
C:\Windows\System32\NA_Service.exe
C:\Windows\System32\drivers\o2flash.exe
C:\Windows\System32\ModbusDrv.exe
C:\Users\mruttkay\AppData\Local\Tosibox Oy\TosiboxKeyAgent\Agent\TosiboxKeyAgent.exe
C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll
C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll
2) Copy the content below into Notepad:

Code:

CloseProcesses:

C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Bonjour
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

2019-03-14 19:15 - 2019-03-14 19:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-03-14 19:15 - 2019-03-14 19:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-03-14 19:15 - 2019-03-14 19:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-03-14 19:15 - 2019-03-14 19:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-03-14 19:15 - 2019-03-14 19:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-03-14 19:15 - 2019-03-14 19:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-03-14 19:15 - 2019-03-14 19:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-03-14 19:15 - 2019-03-14 19:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-03-16 10:55 - 2017-04-26 14:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-11 14:35 - 2019-03-11 14:35 - 000013312 _____ () C:\Users\mruttkay\AppData\Local\Temp\1glpoays.dll
2019-03-11 14:38 - 2019-03-11 14:38 - 000013312 _____ () C:\Users\mruttkay\AppData\Local\Temp\afw2wug3.dll
2019-03-11 12:58 - 2019-03-11 12:58 - 000013312 _____ () C:\Users\mruttkay\AppData\Local\Temp\qhjykeqb.dll
2019-03-11 12:58 - 2019-03-11 12:58 - 000013312 _____ () C:\Users\mruttkay\AppData\Local\Temp\ua5lau3f.dll
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No Fi
Task: {325C851F-9CBF-493C-BB63-583676BF1693} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Shortcut: C:\Users\mruttkay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetSurveillance\reg.lnk -> C:\Program Files (x86)\NetSurveillance\CMS\reg.bat ()
AlternateDataStreams: C:\Windows:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78 [74]
AlternateDataStreams: C:\Windows:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955 
FirewallRules: [UDP Query User{F1AE9DCA-9BDC-460A-80ED-2AB2980A3489}C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe] => (Allow) C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe No File
FirewallRules: [TCP Query User{7E1E64BF-E881-4F9E-90C3-DFF5A72A9EE6}C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe] => (Allow) C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe No File
FirewallRules: [UDP Query User{79B2E4EC-7ABD-4516-84FD-D6369A6E89BF}C:\users\mruttkay\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\mruttkay\desktop\teamspeak3-server_win64\ts3server.exe No File
FirewallRules: [TCP Query User{9036239E-D7E1-42B4-82F2-6C2090E817D4}C:\users\mruttkay\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\mruttkay\desktop\teamspeak3-server_win64\ts3server.exe No File
FirewallRules: [UDP Query User{DE4D10CF-D661-4A3A-8592-081338E40904}C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe] => (Allow) C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe No File
FirewallRules: [TCP Query User{495A5CCA-E1D5-4D4C-8F13-A0A913E8235A}C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe] => (Allow) C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe No File
FirewallRules: [UDP Query User{7B49BA2C-D0A8-4771-9281-89DE88A41480}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe No File
FirewallRules: [TCP Query User{014426EB-CBF8-4EE4-844F-1315D41A5B88}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe No File
FirewallRules: [UDP Query User{D72BF8B3-D8FD-4845-981D-F92AE47DB187}D:\gog games\railway empire\railwayempire.exe] => (Allow) D:\gog games\railway empire\railwayempire.exe No File
FirewallRules: [TCP Query User{8B3931A8-A9A5-4872-8A5D-6BDFF0186BED}D:\gog games\railway empire\railwayempire.exe] => (Allow) D:\gog games\railway empire\railwayempire.exe No File
FirewallRules: [UDP Query User{984AC7E6-86D9-48E7-9826-F772E06C67D2}C:\program files (x86)\synesis\onvif device manager\odm.exe] => (Allow) C:\program files (x86)\synesis\onvif device manager\odm.exe No File
FirewallRules: [TCP Query User{108B82F0-FC57-4398-A1EE-A4D2D65B623F}C:\program files (x86)\synesis\onvif device manager\odm.exe] => (Allow) C:\program files (x86)\synesis\onvif device manager\odm.exe No File
FirewallRules: [UDP Query User{345B4DD0-B3FC-49CC-A9F5-7F7DBE113D8A}C:\users\mruttkay\desktop\mikrotik.exe] => (Allow) C:\users\mruttkay\desktop\mikrotik.exe No File
FirewallRules: [TCP Query User{19DCE2E5-285B-44C6-A8A1-10FDA3267682}C:\users\mruttkay\desktop\mikrotik.exe] => (Allow) C:\users\mruttkay\desktop\mikrotik.exe No File
FirewallRules: [UDP Query User{72F17AB4-5322-4E0C-8959-D40937637F51}C:\users\mruttkay\desktop\mikrotik.exe] => (Allow) C:\users\mruttkay\desktop\mikrotik.exe No File
FirewallRules: [TCP Query User{52B75DF6-675E-4946-9921-680FE4471BCD}C:\users\mruttkay\desktop\mikrotik.exe] => (Allow) C:\users\mruttkay\desktop\mikrotik.exe No File
FirewallRules: [UDP Query User{E3B0E84B-59C5-4C78-970B-D0C59589D1D9}C:\program files (x86)\ioquake3&ta\ioquake3.x86.exe] => (Allow) C:\program files (x86)\ioquake3&ta\ioquake3.x86.exe No File
FirewallRules: [TCP Query User{B30B3189-66CB-4ADD-AF21-2E079C94AEA6}C:\program files (x86)\ioquake3&ta\ioquake3.x86.exe] => (Allow) C:\program files (x86)\ioquake3&ta\ioquake3.x86.exe No File
FirewallRules: [UDP Query User{CBCC89EE-26A9-497C-BC60-9062E533640B}C:\clip_x91\lib\application\cliplauncher_x91.exe] => (Block) C:\clip_x91\lib\application\cliplauncher_x91.exe No File
FirewallRules: [TCP Query User{8D2FB7A7-BD42-4F2A-BDAF-F93E0127EE37}C:\clip_x91\lib\application\cliplauncher_x91.exe] => (Block) C:\clip_x91\lib\application\cliplauncher_x91.exe No File
FirewallRules: [TCP Query User{0F05CFFE-E892-4208-9DC9-6EE16F9D6B32}C:\users\mruttkay\desktop\claymore's dual ethereum+decred_siacoin_lbry_pascal amd+nvidia gpu miner v10.3\ethdcrminer64.exe] => (Allow) C:\users\mruttkay\desktop\claymore's dual ethereum+decred_siacoin_lbry_pascal amd+nvidia gpu miner v10.3\ethdcrminer64.exe No File
FirewallRules: [UDP Query User{B828C06B-C769-4B62-8617-400CC666978C}C:\users\mruttkay\desktop\claymore's dual ethereum+decred_siacoin_lbry_pascal amd+nvidia gpu miner v10.3\ethdcrminer64.exe] => (Allow) C:\users\mruttkay\desktop\claymore's dual ethereum+decred_siacoin_lbry_pascal amd+nvidia gpu miner v10.3\ethdcrminer64.exe No File
FirewallRules: [TCP Query User{08816E26-5944-4807-8013-5AE76C0E009F}C:\users\mruttkay\desktop\monero-gui-v0.11.1.0\monero-wallet-gui.exe] => (Allow) C:\users\mruttkay\desktop\monero-gui-v0.11.1.0\monero-wallet-gui.exe No File
FirewallRules: [UDP Query User{404AFF18-D05D-4409-8B11-8F36AAC374B1}C:\users\mruttkay\desktop\monero-gui-v0.11.1.0\monero-wallet-gui.exe] => (Allow) C:\users\mruttkay\desktop\monero-gui-v0.11.1.0\monero-wallet-gui.exe No File
FirewallRules: [TCP Query User{424F2C48-4799-40C5-9EB8-DAC568312FF4}C:\users\mruttkay\desktop\monero-gui-v0.11.1.0\monerod.exe] => (Allow) C:\users\mruttkay\desktop\monero-gui-v0.11.1.0\monerod.exe No File
FirewallRules: [UDP Query User{78B2F95E-36AA-4F29-A475-F3A6CA9D8425}C:\users\mruttkay\desktop\monero-gui-v0.11.1.0\monerod.exe] => (Allow) C:\users\mruttkay\desktop\monero-gui-v0.11.1.0\monerod.exe No File
FirewallRules: [TCP Query User{EB5F43F3-E95B-4CD1-BB87-AF0671BF6C9C}C:\users\mruttkay\desktop\nová složka (2)\easysetupassistant.exe] => (Allow) C:\users\mruttkay\desktop\nová složka (2)\easysetupassistant.exe No File
FirewallRules: [UDP Query User{ADA16AD9-F161-481F-8A6C-94291756C1DC}C:\users\mruttkay\desktop\nová složka (2)\easysetupassistant.exe] => (Allow) C:\users\mruttkay\desktop\nová složka (2)\easysetupassistant.exe No File
FirewallRules: [TCP Query User{CD7FC6C8-3A4B-4E19-A5D9-937A56338C7E}C:\program files\sibcoin\sibcoin-qt.exe] => (Allow) C:\program files\sibcoin\sibcoin-qt.exe No File
FirewallRules: [UDP Query User{0A7C129C-C0A8-45FD-8842-0BEB8F00D608}C:\program files\sibcoin\sibcoin-qt.exe] => (Allow) C:\program files\sibcoin\sibcoin-qt.exe No File
FirewallRules: [TCP Query User{E1F9A006-E497-4AF1-BE7E-76C19921AF95}C:\users\mruttkay\downloads\teslacoin-qt-v34.exe] => (Allow) C:\users\mruttkay\downloads\teslacoin-qt-v34.exe No File
FirewallRules: [UDP Query User{18DC7306-B96F-4784-9C34-EC50EE3DD7AD}C:\users\mruttkay\downloads\teslacoin-qt-v34.exe] => (Allow) C:\users\mruttkay\downloads\teslacoin-qt-v34.exe No File

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.
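
Added example, not part of the original posts and not FRST's own code: a small Python triage script for the FirewallRules lines of a fixlist like the one above. It groups rules whose target is marked "No File" by executable path and flags Allow rules that point into per-user directories, since a path-based rule keeps applying to whatever is later placed at that path. The line format is inferred only from the lines shown in the thread; the list of user-writable directories is an assumption of this example.

```python
import re
from collections import defaultdict

# Sample input: a few lines taken from the fixlist posted above.
SAMPLE = r"""
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{F1AE9DCA-9BDC-460A-80ED-2AB2980A3489}C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe] => (Allow) C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe No File
FirewallRules: [TCP Query User{7E1E64BF-E881-4F9E-90C3-DFF5A72A9EE6}C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe] => (Allow) C:\users\mruttkay\appdata\local\temp\cng\compiler\rngstart.exe No File
FirewallRules: [UDP Query User{CBCC89EE-26A9-497C-BC60-9062E533640B}C:\clip_x91\lib\application\cliplauncher_x91.exe] => (Block) C:\clip_x91\lib\application\cliplauncher_x91.exe No File
FirewallRules: [TCP Query User{E1F9A006-E497-4AF1-BE7E-76C19921AF95}C:\users\mruttkay\downloads\teslacoin-qt-v34.exe] => (Allow) C:\users\mruttkay\downloads\teslacoin-qt-v34.exe No File
"""

# Line shape as it appears in the thread: [PROTO Query User{GUID}path] => (Action) path [No File]
RULE = re.compile(
    r"^FirewallRules: \[(?P<proto>TCP|UDP) Query User\{(?P<guid>[0-9A-Fa-f-]{36})\}"
    r"(?P<name_path>.+?)\] => \((?P<action>Allow|Block)\) (?P<path>.+?)(?P<missing> No File)?$"
)

# Assumption of this example: these per-user directories are treated as user-writable.
USER_WRITABLE = ("\\appdata\\local\\temp\\", "\\desktop\\", "\\downloads\\")

def parse_rules(text):
    """Yield one dict per FirewallRules line; other fixlist directives are skipped."""
    for line in text.splitlines():
        m = RULE.match(line.strip())
        if m:
            d = m.groupdict()
            d["missing"] = d["missing"] is not None
            yield d

def orphaned_by_path(text):
    """Group rules whose target no longer exists ("No File") by executable path."""
    groups = defaultdict(lambda: {"protos": set(), "action": None, "user_writable": False})
    for r in parse_rules(text):
        if not r["missing"]:
            continue
        path = r["path"].lower()
        g = groups[path]
        g["protos"].add(r["proto"])
        g["action"] = r["action"]
        g["user_writable"] = path.startswith("c:\\users\\") and any(p in path for p in USER_WRITABLE)
    return dict(groups)

if __name__ == "__main__":
    for path, g in sorted(orphaned_by_path(SAMPLE).items()):
        flag = "REVIEW" if g["action"] == "Allow" and g["user_writable"] else "stale"
        print(f"{flag:6} {g['action']:5} {'/'.join(sorted(g['protos'])):7} {path}")
```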