Wysokie zużycie CPU przez NT Kernel & System przy włączonej przeglądarce

Witam,

W ostatnim czasie proces "System" z opisem "NT Kernel & System" zabiera mi bardzo dużo CPU i chciałbym to w jakiś sposób naprawić. Proces zajmuje mi CPU tylko gdy mam włączoną przeglądarkę, stawiam, że brakuje mi jakiegoś sterownika bądź któryś jest przestarzały ale nie wiem jak sprawdzić który i jak naprawić ten problem.



Z góry dziękuję za pomoc

Być może najzwyczajniej w świecie to przeglądarka zajmuje tyle jego zasobów?
Podaj model procesora, ilość pamięci operacyjnej, wersję systemu z jakiego korzystasz i przeglądarki.

Przeglądarka zajmuje swoje zasoby swoimi procesami, a ten proces zajmuje tak dużo dopiero od jakiegoś czasu. Korzystam z Google Chrome'a.

Sprawdź, czy w przeglądarce po uruchomieniu nie ładują się dodatkowo jakieś niechciane dodatki/rozszerzenia.

Niestety nie widzę zadnych dziwnych rozszerzeń

Daj w zalaczniku logi z FRST.

Logi w załączniku

Odinstaluj:
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Clock Hand (HKLM\...\Clock Hand) (Version: 2015.02.27.160436 - Clock Hand) <==== ATTENTION
mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version: - mystartsearch) <==== ATTENTION
PriceFountain (remove only) (HKU\S-1-5-21-2904103786-1499460072-1810527316-1001\...\PriceFountain) (Version: 1.0.8.6 - Price Fountain) <==== ATTENTION!
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1902}) (Version: 12.25.2.60 - APN, LLC) <==== ATTENTION

Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Zrob pelny skan przy pomocy Mbam i usun to co wykryje:
http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

Obok frst.exe utworz plik fixlist.txt z zawartoscia:
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
(Price Fountain) C:\Users\Marek\AppData\Local\PriceFountain\pricefountainw.exe
(Price Fountain) C:\Users\Marek\AppData\Local\PriceFountain\pricefountain.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
() C:\Program Files (x86)\Clock Hand\bin\tmp5BEA.tmp
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.expext.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.PurBrowse64.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BOASHelper.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BrowserAdapter.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BrowserAdapter64.exe
() C:\Program Files (x86)\Clock Hand\updateClockHand.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BOASPRT.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BOAS.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BOASPRT.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BOAS.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BOASPRT.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BOAS.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BOASPRT.exe
() C:\Program Files (x86)\Clock Hand\bin\ClockHand.BOAS.exe
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1949592 2015-02-14] (APN)
HKU\S-1-5-21-2904103786-1499460072-1810527316-1001\...\Run: [pricefountainw.exe] => C:\Users\Marek\AppData\Local\PriceFountain\pricefountainw.exe [461824 2014-12-07] (Price Fountain)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hppp&t...amp;uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hppp&t...amp;uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp&t...amp;uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp&t...amp;uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
HKU\S-1-5-21-2904103786-1499460072-1810527316-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=dspp&a...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
HKU\S-1-5-21-2904103786-1499460072-1810527316-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hppp&t...amp;uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172
HKU\S-1-5-21-2904103786-1499460072-1810527316-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp&t...amp;uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172
HKU\S-1-5-21-2904103786-1499460072-1810527316-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=dspp&a...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2904103786-1499460072-1810527316-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=dspp&a...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2904103786-1499460072-1810527316-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=dspp&a...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2904103786-1499460072-1810527316-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BF6BE6C7-F291-4288-A0A5-79E84252A79C}&mid=03beeaa4653647d3abd5b9dd651419e9-c7b3342a34afd06e4304d07b1a718897fea87dd3&lang=pl&ds=gm011&coid=avgtbdisgm&cmpid=&pr=sa&d=2014-02-05 21:33:11&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO-x32: Clock Hand 1.0.0.7 -> {2f3dc1cf-3023-4906-9b17-c022e853c2d8} -> C:\Program Files (x86)\Clock Hand\ClockHandbho.dll (Clock Hand)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Users\Marek\AppData\Local\PriceFountain\PriceFountainIE.dll ()
Toolbar: HKU\S-1-5-21-2904103786-1499460072-1810527316-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=...amp;uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172
FF NewTab: hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1420846913&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172
FF SelectedSearchEngine: mystartsearch
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Fast Start - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\8bmednih.default\Extensions\faststartff@gmail.com [2015-01-10]
FF Extension: Clock Hand 1.0.1 - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\8bmednih.default\Extensions\{291bfea4-019b-41de-a68d-736bec29b080}.xpi [2015-02-27]
FF Extension: PriceFountain - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\8bmednih.default\Extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [2015-01-10]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-08-25]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\8bmednih.default\extensions\faststartff@gmail.com
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hppp&ts=1420847005&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hppp&ts=1420847005&from=smt&uid=ST1000LM024XHN-M101MBB_S2U5J9DD429172"
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR DefaultSearchURL: Default -> http://www.mystartsearch.com/web/?type=dspp&a...=ST1000LM024XHN-M101MBB_S2U5J9DD429172&q={searchTerms}
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Extension: (Clock Hand) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafmehholcbbnoaiafdibpkeppjafnob [2015-03-02]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-02-14]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-02-14]
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2015-01-31] (APN LLC.)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158864 2014-12-29] (XTab system)
R2 Update Clock Hand; C:\Program Files (x86)\Clock Hand\updateClockHand.exe [411376 2015-03-02] ()
U2 Util Clock Hand; C:\Program Files (x86)\Clock Hand\bin\utilClockHand.exe [408304 2015-03-02] ()
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-14] (AVG Secure Search)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [473088 2015-01-10] (Fuyu LIMITED) [File not signed]
R1 {291bfea4-019b-41de-a68d-736bec29b080}Gw64; C:\Windows\System32\drivers\{291bfea4-019b-41de-a68d-736bec29b080}Gw64.sys [48784 2015-02-27] (StdLib)
R1 {d3faa606-99ad-4927-8f30-167a217dc4db}Gw64; C:\Windows\System32\drivers\{d3faa606-99ad-4927-8f30-167a217dc4db}Gw64.sys [48784 2015-03-01] (StdLib)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vm331avs; System32\Drivers\vm331avs.sys [X]
2015-03-01 23:58 - 2015-03-01 06:15 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{d3faa606-99ad-4927-8f30-167a217dc4db}Gw64.sys
2015-02-27 19:48 - 2015-02-27 02:19 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{291bfea4-019b-41de-a68d-736bec29b080}Gw64.sys
2015-02-27 19:46 - 2015-03-02 03:58 - 00000000 ____D () C:\Program Files (x86)\Clock Hand
2015-02-27 19:42 - 2015-02-27 19:42 - 00741784 _____ (Generic ) C:\Users\Marek\Downloads\CR_Downloader_dla_def-jam---fight-for-ny.exe
2014-02-05 21:33 - 2014-06-02 22:20 - 0003749 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-02-04 22:25 - 2014-02-04 22:25 - 49649512 _____ () C:\Users\Marek\AppData\Local\TempFullTiltPokerEuSetup.exe
2013-11-08 12:04 - 2013-11-08 12:04 - 0004153 _____ () C:\ProgramData\bltofzsb.qlf
2013-10-09 20:25 - 2013-10-09 20:25 - 0004111 _____ () C:\ProgramData\flwjycbm.bab
EmptyTemp:

W FRST wybierz Fix.

Pomogło, dziękuję.