Disk je vytížen na 100%

Zpráva

reginald · #1 Příspěvek od **reginald** » 26 pro 2015 11:59

Zdravím, poslední dobu mám stále vytížen disk na 100% po startu PC, nejčastěji od hostitelů služby. Opravdu nevím jak to opravit, PC se i déle zapíná.
Předem díky za odpověď.

#2 Příspěvek od **Rudy** » 26 pro 2015 18:05

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

reginald · #3 Příspěvek od **reginald** » 26 pro 2015 19:24

Bohužel log byl velký, nemohl jsem ho zde vypsat, proto jsem ho upnul na leteckou poštu. Odkaz níže:
http://leteckaposta.cz/495200273

#4 Příspěvek od **Rudy** » 26 pro 2015 19:53

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

reginald · #5 Příspěvek od **reginald** » 26 pro 2015 20:51

Tady log z AdwCleaneru:

Kód: Vybrat vše

# AdwCleaner v5.026 - Logfile created 26/12/2015 at 20:46:23
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Vratislav - FLOX-PC
# Running from : C:\Users\Vratislav\Desktop\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.2.4

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\kmspico
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\kmspico

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] File Deleted : C:\Users\VRATIS~1\AppData\Local\Temp\Utils.dll
[-] File Deleted : C:\Users\Vratislav\AppData\Roaming\Mozilla\Firefox\Profiles\1ade2unm.default\Extensions\Avg@toolbar.xpi
[-] File Deleted : C:\Users\Vratislav\AppData\Roaming\Mozilla\Firefox\Profiles\1ade2unm.default\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\Users\Vratislav\AppData\Roaming\Mozilla\Firefox\Profiles\1ade2unm.default\user.js

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Web browsers ] *****

[-] [C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : sam-broadcaster.en.softonic.com

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4234 bytes] ##########

#6 Příspěvek od **Rudy** » 26 pro 2015 21:36

Dejte nový log FRST.

reginald · #7 Příspěvek od **reginald** » 26 pro 2015 21:41

NOVÝ LOG

#8 Příspěvek od **Rudy** » 26 pro 2015 21:57

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀SmartDefragBootTime.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://terra.im/?sid=101
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://terra.im/?sid=101
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={84D408FF-6BE4-49A2-993D-A4AD0936DEB8}&mid=f3f74c59d18347cd9dc885f7b1b4e06c-1906cd75e3d54b961b26e869b405598049fec206&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215pi&pr=fr&d=2015-04-10 15:08:25&v=4.1.4.948&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKU\S-1-5-21-4036517263-2457176589-623769244-1001 -> DefaultScope {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im/search?sid=101&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4036517263-2457176589-623769244-1001 -> {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im/search?sid=101&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FF Homepage: hxxps://mysearch.avg.com/?cid={84D408FF-6BE4-49A2-993D-A4AD0936DEB8}&mid=f3f74c59d18347cd9dc885f7b1b4e06c-1906cd75e3d54b961b26e869b405598049fec206&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-04-10 15:08:25&v=4.2.1.951&pid=wtu&sg=&sap=hp
FF Extension: Битрейт для ВК - C:\Users\Vratislav\AppData\Roaming\Mozilla\Firefox\Profiles\1ade2unm.default\extensions\bitrater_loader@bitrater.ru [2015-08-02] [not signed]
CHR Extension: (Twitch Now) - C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-12-10]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
C:\.rnd
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Vratislav\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
C:\ProgramData\auqrgqib.ttw
C:\Users\Vratislav\AppData\Local\Temp
Task: {18F6E964-A846-411C-A3BE-49AD0F633D3E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2E918D37-56B0-4FD9-9BBF-BC8F03EB3626} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {68D29A85-FA71-4824-ADB1-029F31A1DBF4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7E4DAF10-F7CF-493D-BEFB-1A4570A9E59B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8183D0CC-89D5-44DE-95C8-8802CCAEFDC1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8561090B-9DE0-4EE1-86F8-CBBF4419FC5E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {94EFA1A6-A438-4A3D-AC69-5E72357346E4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B1A0A7E6-77A7-46F1-89D8-61FE99D6DB90} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C00DB09D-C5EE-41B4-9051-D4DA5095660E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DBFB144A-5726-40D5-ABFE-7FE194EA86B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E438B5C1-9709-4810-85FB-63A77F6E9303} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

reginald · #9 Příspěvek od **reginald** » 26 pro 2015 22:17

Zde požadovaný fixlog:

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x64) Version:25-12-2015
Ran by Vratislav (2015-12-26 22:12:53) Run:1
Running from C:\Users\Vratislav\Desktop
Loaded Profiles: Vratislav (Available Profiles: Vratislav)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
BootExecute: autocheck autochk * ?????????????SmartDefragBootTime.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS	
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS	
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://terra.im/?sid=101
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://terra.im/?sid=101
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={84D408FF-6BE4-49A2-993D-A4AD0936DEB8}&mid=f3f74c59d18347cd9dc885f7b1b4e06c-1906cd75e3d54b961b26e869b405598049fec206&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215pi&pr=fr&d=2015-04-10 15:08:25&v=4.1.4.948&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKU\S-1-5-21-4036517263-2457176589-623769244-1001 -> DefaultScope {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im/search?sid=101&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4036517263-2457176589-623769244-1001 -> {4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} URL = hxxp://terra.im/search?sid=101&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FF Homepage: hxxps://mysearch.avg.com/?cid={84D408FF-6BE4-49A2-993D-A4AD0936DEB8}&mid=f3f74c59d18347cd9dc885f7b1b4e06c-1906cd75e3d54b961b26e869b405598049fec206&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-04-10 15:08:25&v=4.2.1.951&pid=wtu&sg=&sap=hp
FF Extension: ??????? ??? ?? - C:\Users\Vratislav\AppData\Roaming\Mozilla\Firefox\Profiles\1ade2unm.default\extensions\bitrater_loader@bitrater.ru [2015-08-02] [not signed]
CHR Extension: (Twitch Now) - C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-12-10]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
C:\.rnd
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Vratislav\AppData\Local???????????????????
C:\ProgramData\auqrgqib.ttw
C:\Users\Vratislav\AppData\Local\Temp
Task: {18F6E964-A846-411C-A3BE-49AD0F633D3E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2E918D37-56B0-4FD9-9BBF-BC8F03EB3626} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {68D29A85-FA71-4824-ADB1-029F31A1DBF4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7E4DAF10-F7CF-493D-BEFB-1A4570A9E59B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8183D0CC-89D5-44DE-95C8-8802CCAEFDC1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8561090B-9DE0-4EE1-86F8-CBBF4419FC5E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {94EFA1A6-A438-4A3D-AC69-5E72357346E4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B1A0A7E6-77A7-46F1-89D8-61FE99D6DB90} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C00DB09D-C5EE-41B4-9051-D4DA5095660E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DBFB144A-5726-40D5-ABFE-7FE194EA86B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E438B5C1-9709-4810-85FB-63A77F6E9303} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\Software\Microsoft\Internet Explorer\Main\\First Home Page => value removed successfully
HKU\S-1-5-21-4036517263-2457176589-623769244-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-4036517263-2457176589-623769244-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE}" => key removed successfully
HKCR\CLSID\{4187F0FC-AF41-4E4B-AE67-84C8FD35A0AE} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found. 
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
Firefox "homepage" removed successfully
C:\Users\Vratislav\AppData\Roaming\Mozilla\Firefox\Profiles\1ade2unm.default\extensions\bitrater_loader@bitrater.ru => moved successfully
C:\Users\Vratislav\AppData\Roaming\Mozilla\Firefox\Profiles\1ade2unm.default\extensions\bitrater_loader@bitrater.ru => path removed successfully
C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk => moved successfully
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
C:\.rnd => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

=========== "C:\Users\Vratislav\AppData\Local???????????????????" ==========

C:\Users\Vratislav\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 => moved successfully

========= End -> "C:\Users\Vratislav\AppData\Local???????????????????" ========

C:\ProgramData\auqrgqib.ttw => moved successfully
C:\Users\Vratislav\AppData\Local\Temp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18F6E964-A846-411C-A3BE-49AD0F633D3E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18F6E964-A846-411C-A3BE-49AD0F633D3E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E918D37-56B0-4FD9-9BBF-BC8F03EB3626}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E918D37-56B0-4FD9-9BBF-BC8F03EB3626}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68D29A85-FA71-4824-ADB1-029F31A1DBF4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68D29A85-FA71-4824-ADB1-029F31A1DBF4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E4DAF10-F7CF-493D-BEFB-1A4570A9E59B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E4DAF10-F7CF-493D-BEFB-1A4570A9E59B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8183D0CC-89D5-44DE-95C8-8802CCAEFDC1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8183D0CC-89D5-44DE-95C8-8802CCAEFDC1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8561090B-9DE0-4EE1-86F8-CBBF4419FC5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8561090B-9DE0-4EE1-86F8-CBBF4419FC5E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94EFA1A6-A438-4A3D-AC69-5E72357346E4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94EFA1A6-A438-4A3D-AC69-5E72357346E4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1A0A7E6-77A7-46F1-89D8-61FE99D6DB90}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1A0A7E6-77A7-46F1-89D8-61FE99D6DB90}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C00DB09D-C5EE-41B4-9051-D4DA5095660E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C00DB09D-C5EE-41B4-9051-D4DA5095660E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DBFB144A-5726-40D5-ABFE-7FE194EA86B9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBFB144A-5726-40D5-ABFE-7FE194EA86B9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E438B5C1-9709-4810-85FB-63A77F6E9303}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E438B5C1-9709-4810-85FB-63A77F6E9303}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully


The system needed a reboot.

==== End of Fixlog 22:13:04 ====

#10 Příspěvek od **Rudy** » 26 pro 2015 22:40

Smazáno. Nastala nějaká změna?

reginald · #11 Příspěvek od **reginald** » 26 pro 2015 22:42

Po restartu PC stále disk na 100%, přejde to ale relativně rychle, možná je to jen start procesy teď, opravdu to rychle přejde, ale tak na 1 minutu tam ještě 100% je.

#12 Příspěvek od **Rudy** » 26 pro 2015 22:46

Koukneme na to do hloubky. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

reginald · #13 Příspěvek od **reginald** » 27 pro 2015 00:04

Nevím, zda je to to, co po mně chcete, když tak mě prosím opravte, zde je log:

Kód: Vybrat vše

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 26.12.2015
Čas skenování: 23:42
Protokol: mbamlog.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.12.26.05
Databáze rootkitů: v2015.12.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Vratislav

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 372038
Uplynulý čas: 11 min, 17 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

#14 Příspěvek od **Rudy** » 27 pro 2015 11:07

Po viré stránce máte PC čistý. Který proces nejvíce zatěžuje systém?

reginald · #15 Příspěvek od **reginald** » 27 pro 2015 11:28

Systém a komprimovaná paměť a Steam, ale již téměř okamžitě po startu PC se ze 100% disk zhoupne na 1-4% procenta využití, pokud tedy nic nedělám.

VIRY.CZ

Disk je vytížen na 100%

Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%

Re: Disk je vytížen na 100%