VIRY.CZ

Ahoj, chtěl bych poprosit o kontrolu logů.
Pár dní laptop běží v pohodě, pak se začne sekat, hlavně při hraní her, ale i mimo. Nejprve neznatelně, pak více znatelně a nakonec se sekne úplně. Kurzor reaguje na myš, ale nic neoznačím případně tam je velká prodleva. Pokud se mi podaří vyvolat správce programů, procesor jede na 100% ale nezdá se, že by ho nějaká aplikace vytěžovala tak moc.
Jediné, co pomáhá je restart.
Projel jsem pomocí ESET a MalwareBytes.
Moc děkuji
E.

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Viz níže. Předinstalovaný software jsem nemazal.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-16-2024
# Duration: 00:00:01
# OS: Windows 11 (Build 22621.3007)
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\nitro\AppData\Roaming\FixIt

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2626 octets] - [16/01/2024 17:35:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

OK. Dejte nhové logy FRST+Addition.

Viz příloha. Děkuji

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\...\MountPoints2: {a6bfd0f6-36dc-11ee-b94b-e4a8dff932bc} - "D:\start.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {720F58DF-2DFA-4FA2-9863-CC3BDF43A90C} - System32\Tasks\GoogleUpdateTaskMachineCore{386273D7-5774-4A13-B3D0-6D9DCCDD1AF5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-30] (Google LLC -> Google LLC)
Task: {06AF6C09-CC64-4CF5-A299-B9CF14BC7ABD} - System32\Tasks\GoogleUpdateTaskMachineUA{1CFCF0EB-333B-4CD7-A702-2AC7F28E0844} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-30] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {221CBE38-9391-4C34-9568-12C4D2B99535} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {E7DDB80E-9ED9-4603-B531-F1FE211628FC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{1CFCF0EB-333B-4CD7-A702-2AC7F28E0844}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{386273D7-5774-4A13-B3D0-6D9DCCDD1AF5}
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\.cmd: => <==== ATTENTION

EmptyTemp:
End

Uložte do C:\Users\nitro\OneDrive\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Viz níže.

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.01.2024
Ran by nitro (16-01-2024 22:27:56) Run:1
Running from C:\Users\nitro\OneDrive\Desktop
Loaded Profiles: nitro & Natálie & D3StinyCZ
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\...\MountPoints2: {a6bfd0f6-36dc-11ee-b94b-e4a8dff932bc} - "D:\start.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {720F58DF-2DFA-4FA2-9863-CC3BDF43A90C} - System32\Tasks\GoogleUpdateTaskMachineCore{386273D7-5774-4A13-B3D0-6D9DCCDD1AF5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-30] (Google LLC -> Google LLC)
Task: {06AF6C09-CC64-4CF5-A299-B9CF14BC7ABD} - System32\Tasks\GoogleUpdateTaskMachineUA{1CFCF0EB-333B-4CD7-A702-2AC7F28E0844} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-30] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {221CBE38-9391-4C34-9568-12C4D2B99535} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {E7DDB80E-9ED9-4603-B531-F1FE211628FC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{1CFCF0EB-333B-4CD7-A702-2AC7F28E0844}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{386273D7-5774-4A13-B3D0-6D9DCCDD1AF5}
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\.cmd: => <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6bfd0f6-36dc-11ee-b94b-e4a8dff932bc} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{720F58DF-2DFA-4FA2-9863-CC3BDF43A90C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{720F58DF-2DFA-4FA2-9863-CC3BDF43A90C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{386273D7-5774-4A13-B3D0-6D9DCCDD1AF5} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{386273D7-5774-4A13-B3D0-6D9DCCDD1AF5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06AF6C09-CC64-4CF5-A299-B9CF14BC7ABD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06AF6C09-CC64-4CF5-A299-B9CF14BC7ABD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{1CFCF0EB-333B-4CD7-A702-2AC7F28E0844} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{1CFCF0EB-333B-4CD7-A702-2AC7F28E0844}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{221CBE38-9391-4C34-9568-12C4D2B99535}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{221CBE38-9391-4C34-9568-12C4D2B99535}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7DDB80E-9ED9-4603-B531-F1FE211628FC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7DDB80E-9ED9-4603-B531-F1FE211628FC}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{1CFCF0EB-333B-4CD7-A702-2AC7F28E0844}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{386273D7-5774-4A13-B3D0-6D9DCCDD1AF5}" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\ContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{ee10d625-cc60-30a4-b3df-4b349785be6b} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\regfile => removed successfully
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\.reg => removed successfully
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\.bat => removed successfully
HKU\S-1-5-21-175739054-1859323861-2923461289-1001\Software\Classes\.cmd => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20038353 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 176239098 B
Windows/system/drivers => 17621156 B
Edge => 0 B
Chrome => 731756324 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 131889925 B
systemprofile32 => 131889925 B
LocalService => 132391923 B
NetworkService => 270219442 B
nitro => 442610525 B
Natálie => 1735854212 B
D3StinyCZ => 1737765141 B

RecycleBin => 85306418 B
EmptyTemp: => 5.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:28:23 ====

Smazáno. Změnilo se něco k lepšímu?

Otestuji a dám vědět. Viděl jste tam něco nebo to byla klasická údržba?
Moc děkuji

OK. Jen to, co smazal ADW je AdWare. Ostatní jern zbytečnosti. Nemáte zač!

Zatím vše OK. Už by se to zřejmě projevilo.
Podpořil jsem malým příspěvkem

OK, to jsem rád. Za příspěvek děkujeme!