Pomalý počítač - nejde ani vypnout

[Wajda77]

Ahoj,

mám velmi pomalý počítač. CCA 25 % normálního stavu. Dokonce nejde ani vypnout. Když se o to pokusím tak nekonečně dlouho běží obrazovaka "vypínání" a k vypnutí nedojde. Přilkldáám log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01
Ran by Andrejka a Tomáš (administrator) on TOMAS (21-01-2018 10:35:41)
Running from C:\Users\Andrejka a Tomáš\Desktop
Loaded Profiles: Andrejka a Tomáš (Available Profiles: Andrejka a Tomáš)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Avira Operations GmbH & Co. KG) C:\ProgramData\Avira\Launcher\Temp\avira.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\{D08E4D06-B652-4210-A6A8-D68F14340229}\.cr\avira.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\{E33EE4C5-1ADC-4D66-AD46-378C69CEB174}\.be\Avira.OE.Setup.Bundle.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\SwReporter\24.137.203\software_reporter_tool.exe
(Google) C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\SwReporter\24.137.203\software_reporter_tool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Andrejka a Tomáš\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [462848 2012-10-30] (Greenshot)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [{518c54f5-fd43-4aa6-936b-8d7fd8c85cbd}] => C:\ProgramData\Package Cache\{518c54f5-fd43-4aa6-936b-8d7fd8c85cbd}\Avira.OE.Setup.Bundle.exe [1289176 2018-01-06] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3597021740-638433563-444320614-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-12-24]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.111.1.10 212.111.0.10
Tcpip\..\Interfaces\{567BAC7E-A43E-47D3-B5C6-F5A5E2442CB8}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{B28756D8-90B0-463E-AB02-7F796513752B}: [DhcpNameServer] 212.111.1.10 212.111.0.10

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3597021740-638433563-444320614-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-15] (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default [2014-11-25]
FF Homepage: Mozilla\Firefox\Profiles\2fndn5vg.default -> hxxp://www.google.com
FF NewTab: Mozilla\Firefox\Profiles\2fndn5vg.default -> hxxp://www.google.com/
FF Extension: (Avira Browser Safety) - C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\2fndn5vg.default\Extensions\abs@avira.com [2014-11-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2012-07-12] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-22] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2010-12-24] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-22] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-11-09] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Andrejka a Tomáš\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-11] (Skype Limited)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @talk.google.com/O1DPlugin -> C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @talk.google.com/O3DPlugin -> C:\Users\Andrejka a Tomáš\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-3597021740-638433563-444320614-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Andrejka a Tomáš\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [2013-12-01] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrejka a Tomáš\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrejka a Tomáš\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Andrejka a Tomáš\AppData\Roaming\mozilla\plugins\npo1d.dll [2013-10-29] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> ""
CHR Profile: C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default [2018-01-21]
CHR Extension: (Prezentace) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-27]
CHR Extension: (Dokumenty) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-27]
CHR Extension: (Disk Google) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-30]
CHR Extension: (Chrome RDP) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbkkbcmdlboombapidmoeolnmdacpkch [2017-11-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Tabulky) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (TeamViewer) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2017-11-27]
CHR Extension: (Gmail) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Andrejka a Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128944 2017-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [492560 2018-01-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [492560 2018-01-06] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-08-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-08-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-08-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [33792 2010-08-02] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [196344 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153072 2017-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-25] (Avira Operations GmbH & Co. KG)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S3 vwmfbus; C:\Windows\System32\DRIVERS\vwmfbus.sys [127488 2009-11-11] (MCCI Corporation)
S3 vwmfdiag; C:\Windows\System32\DRIVERS\vwmfdiag.sys [128512 2009-11-11] (MCCI Corporation)
S3 vwmfmdfl; C:\Windows\System32\DRIVERS\vwmfmdfl.sys [18944 2009-11-11] (MCCI Corporation)
S3 vwmfmdm; C:\Windows\System32\DRIVERS\vwmfmdm.sys [161280 2009-11-11] (MCCI Corporation)
S3 vwmfserd; C:\Windows\System32\DRIVERS\vwmfserd.sys [128512 2009-11-11] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-21 10:35 - 2018-01-21 10:38 - 000023662 _____ C:\Users\Andrejka a Tomáš\Desktop\FRST.txt
2018-01-21 10:33 - 2018-01-21 10:33 - 000112640 _____ (forum.viry.cz) C:\Users\Andrejka a Tomáš\Desktop\FRSTLauncher.exe
2018-01-21 10:26 - 2018-01-21 10:26 - 002393088 _____ (Farbar) C:\Users\Andrejka a Tomáš\Desktop\FRST64.exe
2018-01-10 19:55 - 2018-01-10 19:55 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (17).rdp
2018-01-10 19:55 - 2018-01-10 19:55 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (16).rdp
2018-01-09 10:06 - 2018-01-09 10:06 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (15).rdp
2018-01-08 20:22 - 2018-01-08 20:22 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (14).rdp
2018-01-08 20:18 - 2018-01-08 20:18 - 000006343 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-iexplore__1_-Remote_Access-CmsRdsh (2).rdp
2018-01-08 20:17 - 2018-01-08 20:17 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (13).rdp
2018-01-08 20:14 - 2018-01-08 20:14 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (12).rdp
2018-01-07 19:35 - 2018-01-07 19:35 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (11).rdp
2018-01-06 20:36 - 2018-01-06 20:36 - 000006343 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-iexplore__1_-Remote_Access-CmsRdsh (1).rdp
2018-01-06 20:35 - 2018-01-08 21:04 - 000001253 _____ C:\Users\Andrejka a Tomáš\Documents\odpovědi.txt
2018-01-06 20:29 - 2018-01-06 20:29 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (10).rdp
2018-01-06 20:13 - 2018-01-06 20:13 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (9).rdp
2018-01-06 20:06 - 2018-01-06 20:06 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (8).rdp
2018-01-06 20:04 - 2018-01-06 20:04 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (7).rdp
2018-01-06 20:00 - 2018-01-06 20:01 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (6).rdp
2018-01-06 19:42 - 2018-01-06 19:42 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (5).rdp
2018-01-03 22:41 - 2018-01-03 22:41 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (4).rdp
2017-12-30 15:19 - 2017-12-30 15:19 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (3).rdp
2017-12-30 15:17 - 2017-12-30 15:17 - 000006336 _____ C:\Users\Andrejka a Tomáš\Downloads\cpub-startTS-Remote_Access-CmsRdsh (2).rdp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-21 10:35 - 2015-07-16 02:47 - 000000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2018-01-21 10:35 - 2014-11-25 13:54 - 000000000 ____D C:\FRST
2018-01-21 10:16 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-21 10:16 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-17 17:07 - 2010-12-24 23:55 - 000000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2018-01-17 17:07 - 2010-12-24 23:55 - 000000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2018-01-17 17:07 - 2010-12-24 23:23 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2018-01-17 17:06 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-10 19:56 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-01-06 20:37 - 2013-12-05 15:00 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-06 19:44 - 2014-11-25 18:54 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-30 15:21 - 2009-07-14 16:18 - 000683040 _____ C:\Windows\system32\perfh005.dat
2017-12-30 15:21 - 2009-07-14 16:18 - 000149768 _____ C:\Windows\system32\perfc005.dat
2017-12-30 15:21 - 2009-07-14 06:13 - 001629182 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-30 15:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf

==================== Files in the root of some directories =======

2016-12-16 21:37 - 2016-12-16 21:37 - 007680000 _____ () C:\Program Files (x86)\GUT1277.tmp
2017-04-13 19:09 - 2017-04-13 19:09 - 007639040 _____ () C:\Program Files (x86)\GUT5AE0.tmp
2017-11-30 22:41 - 2017-11-30 22:41 - 007649280 _____ () C:\Program Files (x86)\GUT7465.tmp
2016-02-01 21:35 - 2016-02-01 21:35 - 006871040 _____ () C:\Program Files (x86)\GUT87B6.tmp
2016-12-05 21:22 - 2016-12-05 21:22 - 000000000 _____ () C:\Program Files (x86)\GUT8852.tmp
2017-06-06 17:53 - 2017-06-06 17:53 - 000000000 _____ () C:\Program Files (x86)\GUTAE1B.tmp
2015-12-07 17:32 - 2015-12-07 21:05 - 006420480 _____ () C:\Program Files (x86)\GUTD6B0.tmp
2013-07-08 11:56 - 2015-06-07 07:30 - 000009728 _____ () C:\Users\Andrejka a Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-01 10:21 - 2014-02-01 10:21 - 000000104 _____ () C:\Users\Andrejka a Tomáš\AppData\Local\fusioncache.dat
2012-07-22 13:04 - 2013-02-02 14:41 - 000007596 _____ () C:\Users\Andrejka a Tomáš\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2015-08-22 17:27 - 2016-12-06 19:38 - 000000000 ____D () C:\Users\Andrejka a Tomáš\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A [148]
AlternateDataStreams: C:\Users\Public\DRM:مايكروسوفت [48]

==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Andrejka a Tom ç\Desktop" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Avira Systray
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launcher
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet
C:\Program Files\Dell\QuickSet\QuickSet.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTom MySports Connect.exe
C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Andrejka a Tom ç^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk
C:\PROGRA~2\BINARY~1\HDDLIF~1\HDDLIF~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Wajda77]

Ani mě to k mazání nevyzvalo. Nic tam není. Toto jsem udělal už sám kdysi. Vždy to řekne, že už tam nic není.

Abychom si rozuměli počítač jsem tak půl roku moc nepoužíval, ale teď bych zase rád.

Starší logy mám, chcete je?




# AdwCleaner 7.0.7.0 - Logfile created on Sun Jan 21 11:07:33 2018
# Updated on 2018/18/01 by Malwarebytes
# Database: 01-16-2018.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C14].txt - [1444 B] - [2015/8/22 16:18:42]
C:/AdwCleaner/AdwCleaner[C15].txt - [958 B] - [2015/12/7 20:5:37]
C:/AdwCleaner/AdwCleaner[C16].txt - [1040 B] - [2015/12/30 20:52:6]
C:/AdwCleaner/AdwCleaner[C1].txt - [3385 B] - [2016/2/25 9:49:22]
C:/AdwCleaner/AdwCleaner[C5].txt - [4819 B] - [2016/12/11 18:0:4]
C:/AdwCleaner/AdwCleaner[C6].txt - [2703 B] - [2017/6/20 15:21:49]
C:/AdwCleaner/AdwCleaner[S10].txt - [2082 B] - [2015/5/30 16:29:39]
C:/AdwCleaner/AdwCleaner[S11].txt - [2057 B] - [2015/6/9 18:58:1]
C:/AdwCleaner/AdwCleaner[S12].txt - [2761 B] - [2015/7/18 17:35:59]
C:/AdwCleaner/AdwCleaner[S15].txt - [1273 B] - [2015/8/22 16:14:57]
C:/AdwCleaner/AdwCleaner[S16].txt - [848 B] - [2015/12/7 19:56:7]
C:/AdwCleaner/AdwCleaner[S17].txt - [936 B] - [2015/12/30 20:45:47]
C:/AdwCleaner/AdwCleaner[S18].txt - [2585 B] - [2016/12/11 17:59:18]
C:/AdwCleaner/AdwCleaner[S19].txt - [3944 B] - [2017/6/20 15:21:23]
C:/AdwCleaner/AdwCleaner[S1].txt - [4877 B] - [2014/3/16 17:20:1]
C:/AdwCleaner/AdwCleaner[S20].txt - [3978 B] - [2017/7/8 10:11:16]
C:/AdwCleaner/AdwCleaner[S2].txt - [1113 B] - [2014/4/11 10:35:9]
C:/AdwCleaner/AdwCleaner[S3].txt - [1697 B] - [2014/5/7 7:53:40]
C:/AdwCleaner/AdwCleaner[S4].txt - [1818 B] - [2014/5/31 9:55:10]
C:/AdwCleaner/AdwCleaner[S5].txt - [4923 B] - [2014/9/30 16:59:27]
C:/AdwCleaner/AdwCleaner[S6].txt - [1687 B] - [2014/11/23 14:25:19]
C:/AdwCleaner/AdwCleaner[S7].txt - [2982 B] - [2014/11/25 10:17:35]
C:/AdwCleaner/AdwCleaner[S8].txt - [2018 B] - [2015/5/24 6:42:18]
C:/AdwCleaner/AdwCleaner[S9].txt - [1802 B] - [2015/5/24 11:29:55]


########## EOF - C:\AdwCleaner\AdwCleaner[S18].txt ##########

[Rudy]

OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\GUT1277.tmp
C:\Program Files (x86)\GUT5AE0.tmp
C:\Program Files (x86)\GUT7465.tmp
C:\Program Files (x86)\GUT87B6.tmp
C:\Program Files (x86)\GUT8852.tmp
C:\Program Files (x86)\GUTAE1B.tmp
C:\Program Files (x86)\GUTD6B0.tmp
C:\Users\Andrejka a Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Andrejka a Tomáš\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A [148]
AlternateDataStreams: C:\Users\Public\DRM:مايكروسوفت [48]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Wajda77]

Počítač je o něco rychlejší, ale pořád mi to přijde pomalejší. Problém s tí m že počítač nelze legalně vypnout (tedy naskočí obrazovka s nápisem vypínání a ta je tam klidně i několik hodin) přetrvává.

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
Ran by Andrejka a Tomáš (21-01-2018 15:06:07) Run:4
Running from C:\Users\Andrejka a Tomáš\Desktop
Loaded Profiles: Andrejka a Tomáš (Available Profiles: Andrejka a Tomáš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\GUT1277.tmp
C:\Program Files (x86)\GUT5AE0.tmp
C:\Program Files (x86)\GUT7465.tmp
C:\Program Files (x86)\GUT87B6.tmp
C:\Program Files (x86)\GUT8852.tmp
C:\Program Files (x86)\GUTAE1B.tmp
C:\Program Files (x86)\GUTD6B0.tmp
C:\Users\Andrejka a Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Andrejka a Tomáš\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A [148]
AlternateDataStreams: C:\Users\Public\DRM:مايكروسوفت [48]

EmptyTemp:
End
*****************

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Program Files (x86)\GUT1277.tmp => moved successfully
C:\Program Files (x86)\GUT5AE0.tmp => moved successfully
C:\Program Files (x86)\GUT7465.tmp => moved successfully
C:\Program Files (x86)\GUT87B6.tmp => moved successfully
C:\Program Files (x86)\GUT8852.tmp => moved successfully
C:\Program Files (x86)\GUTAE1B.tmp => moved successfully
C:\Program Files (x86)\GUTD6B0.tmp => moved successfully
C:\Users\Andrejka a Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\Andrejka a Tomáš\AppData\Local\Temp" folder move:

Could not move "C:\Users\Andrejka a Tomáš\AppData\Local\Temp" => Scheduled to move on reboot.

C:\ProgramData\TEMP => ":55B41E6A" ADS removed successfully
C:\Users\Public\DRM => ":مايكروسوفت" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6390540 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 424692479 B
Edge => 0 B
Chrome => 39227861 B
Firefox => 98304 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 458130 B
Andrejka a Tomáš => 151559853 B

RecycleBin => 0 B
EmptyTemp: => 601.6 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-01-2018 19:41:27)

C:\Users\Andrejka a Tomáš\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:41:28 ====

[Rudy]

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[Wajda77]

Celou noc a pak znovu celý den... Nepohne se ze scanování startovacích souborů. Mám nechat běžet, nebo je jiná možnost?

[Rudy]

Můžete spustit i v nouz režimu. Tam by to mělo být rychlejší.