Seká se notebook

[kosak]

Zdravím, poslední dobou se mi lehce "přisekává" notebook, např. pokud mám puštěný youtube, tak se vždy po chvilkách sekne na cca půl sekundy dané video nebo pokud hýbu kurzorem, tak se taky na tu půl sekundu sekne a zase pokračuje.
Log v příloze, děkuji za pomoc.

[Rudy]

Zdravím!
Logy je nutné dát z admin profilu. V logu je poznámka, že nejste admin. Z jiného, než admin profilu nelze mazat.

[kosak]

Zdravím, stačí dát "spustit jako správce"?

[Rudy]

Zdravím, stačí dát "spustit jako správce"?

Nestačí. Profil musí být admin. Spustit jako správce se vztahuje ke spouštěné aplikaci, nikoli k systému.

[kosak]

Zdravím,
posílám znovu logy z admin účtu. Díky za odpověď.

[Rudy]

OK. Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[kosak]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-29-2020
# Duration: 00:00:19
# OS: Windows 10 Pro
# Scanned: 32067
# Detected: 26


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85535A57-FCA0-4B08-B038-5278A02936DB}
Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch
Preinstalled.HPJumpStartLaunch Task C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH
Preinstalled.HPNotifications Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPNotifications
Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\q\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\q\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}
Preinstalled.HPSupportAssistant Registry HKU\S-1-5-21-407287996-4117368936-2895187249-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKU\S-1-5-21-407287996-4117368936-2895187249-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

+ Druhej log?

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 29.03.20
Čas skenování: 17:01
Logovací soubor: 373ae590-71ce-11ea-9426-ace2d3575fdf.json

-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.859
Aktualizovat verzi balíku komponent: 1.0.21572
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 16299.1087)
CPU: x64
Systém souborů: NTFS
Uživatel: MTR-N1049\admin-kosacek

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 351923
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 1 min, 58 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Rudy]

MBAM jsem nechtěl. Nálezy ADWCleaneru smažte. Pak dejte nové logy FRST+Addition.

[kosak]

log

[Rudy]

Archiv je prázdný.

[kosak]

Znovu

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {B06AEE56-FBE5-4AE9-A148-3FA78913201A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-24] (Google Inc -> Google Inc.)
Task: {FF0BB4DD-11C3-4B75-83AE-F182E5771483} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-24] (Google Inc -> Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconfig.js [2017-04-11] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2017-07-26] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\kosacek:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
FirewallRules: [{4BD7E3E4-D68D-4564-8AFF-F0F2246F7F4B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{F5AA026F-670A-412C-8394-64E2B3D30A9F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{6F318F58-078D-4E37-A028-BF56ADA46A9A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{5523AF1B-0B43-4D81-B4B7-64CE2585D576}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{05F53780-1D30-4EA0-8AB9-DB1ADC6F939C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A199474A-1620-48B3-9A82-93C97444575B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{23427FB4-A13C-4E68-BE5B-086722280C7B}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{04CE970D-9511-470F-B721-51F302772458}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{9F8E1E7A-92F1-4531-B543-2330D20D6A2C}] => (Allow) C:\Program Files\AVAST Software\Avast Business\AvastEmUpdate.exe No File
FirewallRules: [{59F3547C-5982-40E1-93C6-F80403A5B6E4}] => (Allow) C:\Program Files\AVAST Software\Avast Business\AvastEmUpdate.exe No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[kosak]

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by admin-kosacek (29-03-2020 18:10:40) Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: admin-kosacek (Available Profiles: q & kosacek & admin-kosacek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {B06AEE56-FBE5-4AE9-A148-3FA78913201A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-24] (Google Inc -> Google Inc.)
Task: {FF0BB4DD-11C3-4B75-83AE-F182E5771483} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-24] (Google Inc -> Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconfig.js [2017-04-11] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2017-07-26] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\kosacek:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
FirewallRules: [{4BD7E3E4-D68D-4564-8AFF-F0F2246F7F4B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{F5AA026F-670A-412C-8394-64E2B3D30A9F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{6F318F58-078D-4E37-A028-BF56ADA46A9A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{5523AF1B-0B43-4D81-B4B7-64CE2585D576}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{05F53780-1D30-4EA0-8AB9-DB1ADC6F939C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A199474A-1620-48B3-9A82-93C97444575B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{23427FB4-A13C-4E68-BE5B-086722280C7B}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{04CE970D-9511-470F-B721-51F302772458}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{9F8E1E7A-92F1-4531-B543-2330D20D6A2C}] => (Allow) C:\Program Files\AVAST Software\Avast Business\AvastEmUpdate.exe No File
FirewallRules: [{59F3547C-5982-40E1-93C6-F80403A5B6E4}] => (Allow) C:\Program Files\AVAST Software\Avast Business\AvastEmUpdate.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B06AEE56-FBE5-4AE9-A148-3FA78913201A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B06AEE56-FBE5-4AE9-A148-3FA78913201A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF0BB4DD-11C3-4B75-83AE-F182E5771483}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF0BB4DD-11C3-4B75-83AE-F182E5771483}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Program Files\mozilla firefox\defaults\pref\autoconfig.js => moved successfully
C:\Program Files\mozilla firefox\firefox.cfg => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\kosacek => ":Heroes & Generals" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BD7E3E4-D68D-4564-8AFF-F0F2246F7F4B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F5AA026F-670A-412C-8394-64E2B3D30A9F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F318F58-078D-4E37-A028-BF56ADA46A9A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5523AF1B-0B43-4D81-B4B7-64CE2585D576}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{05F53780-1D30-4EA0-8AB9-DB1ADC6F939C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A199474A-1620-48B3-9A82-93C97444575B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{23427FB4-A13C-4E68-BE5B-086722280C7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04CE970D-9511-470F-B721-51F302772458}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F8E1E7A-92F1-4531-B543-2330D20D6A2C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{59F3547C-5982-40E1-93C6-F80403A5B6E4}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9505870 B
Java, Flash, Steam htmlcache => 14336578 B
Windows/system/drivers => 175860777 B
Edge => 11264 B
Chrome => 66406812 B
Firefox => 1522406 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 1990909885 B
systemprofile32 => 1990909885 B
LocalService => 1991092103 B
NetworkService => 1991519971 B
q => 2033579897 B
kosacek => 2298506126 B
admin => 2852607813 B

RecycleBin => 0 B
EmptyTemp: => 14.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:11:13 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[kosak]

Ano, vypadá to, že pc už běží bez "záseků". DĚKUJI