Analiza logów FRST dla zamulonego laptopa - Chrome obciąża CPU

Cześć, zwracam się z prośbą o przejrzenie logów FRST i pomoc w odmuleniu laptopa.
Większość złośliwego oprogramowania usunąłem, przeczyściłem też ADWCleanerem, ale dalej muli.

Odinstaluj:
Avast Antivirus w Windows 10 do ochrony systemu wystarczy systemowy Windows Defender.

Otwórz notatnik i wklej:

CloseProcesses:
CreateRestorePoint:
AlternateDataStreams: C:\Users\kowal\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
AlternateDataStreams: C:\Users\sylwi\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
Hosts:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2591544 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA
HKU\S-1-5-21-465656007-4116157895-3920965314-1001\...\MountPoints2: {0a892274-f7f0-11e7-aa09-3ca0671fea6f} - "E:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2020-07-21]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ograniczenia <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
Task: {11D2C255-21FF-48CB-8C6E-528B6305A655} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
Task: {391DF0DD-2F6E-4CA8-8359-69BB4EB6DB86} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3810408 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
Task: {635E0FA7-B2E9-4EFC-91DB-1D0BCBFDA6C8} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1180488 2020-07-20] (Avast Software s.r.o. -> AVAST Software)
Task: {6A08DE53-666E-4B60-BDCC-1865DAA966FC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {DC9B0DC6-9B6B-4A37-87F8-0A597167747A} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5098136 2020-07-08] (Avast Software s.r.o. -> Avast Software)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
HKU\S-1-5-21-465656007-4116157895-3920965314-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-465656007-4116157895-3920965314-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-465656007-4116157895-3920965314-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-465656007-4116157895-3920965314-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-465656007-4116157895-3920965314-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-465656007-4116157895-3920965314-1001 -> {9B55E8C2-FABB-4445-AB44-7737412530A2} URL = hxxp://www.homepage-go.com/search?q={searchTerms}
Edge HomePage: Default -> hxxps://no.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87fptxqjxp1acegikmwv4001220&param1=y6bdVFVIsvuYsgEClQfz8OwmhzNKyrgL6nqJxNEJ6irMs4BrcPo5CkKkmgifaFb4QtnxKrQBKMxJqC8Pdgiqzr0xl87H0Mlj1cxHzxshk77aCAuyvcRPB8sUavCPkchGuII5FqpxVXZlUo7nOqtvlsGG9PaEeZtlllJRt8lIBPuYHbSB1VK8vaXjuQUHWOn1pxL8pqCNwYUVsDvdh0LiWqG51qgylwvY7Ft5mSQAaWtGWDnXttunwJiPPde%2F1dkmzh7Tk1t1HfoQbQAng3VwhZd9rmcAQre28AVkRmiHv7182mCiKxdbeAl0VZ2o%2F6sD5lEAzLYezmoJ7%2FQLiKGIMUTB973QKpKPMn1hNXxHdOAKwabR4DMBoe26evlpc7AHJuuLQz6yBNL5T7fNsjRqhA%3D%3D
Edge StartupUrls: Default -> "hxxps://no.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87fptxqjxp1acegikmwv4001220&param1=y6bdVFVIsvuYsgEClQfz8OwmhzNKyrgL6nqJxNEJ6irMs4BrcPo5CkKkmgifaFb4QtnxKrQBKMxJqC8PdgiqzukOY38hAAk4KtHyJ5E%2BMrvMENhstHGxakQEDr2roiMwFCZNBE5NUM210XEVbjumYYq%2BxxTBhkHN8pzV%2FW0MHFKN85huncFQnAozqa5v5MQI2wbELaAlWgVFCeUqc0u%2BMwxeHqWRCVXjxKszHn8bx0Ev85tf5qFLyw52Y66HswvKj4TyuZQ3Pv%2B%2FjNK%2BttjGPEpuprnUfN1g1xj202X1SByq8ZNDAZ%2FQXxsCgv9G6wVShykwJFGjPb9MoL5fIO7ShZFfiQ4qS2LDFArtoxHMZJ5KbKonF5ry5yJyPC0SfIy97wC90jy3lXO2MLDBqxl7yg%3D%3D"
Edge DefaultSearchURL: Default -> hxxps://no.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87fptxqjxp1acegikmwv4001220&param1=y6bdVFVIsvuYsgEClQfz8OwmhzNKyrgL6nqJxNEJ6irMs4BrcPo5CkKkmgifaFb4QtnxKrQBKMxJqC8PdgiqzhcROFNxdqyVut2ZAo1NzREnHXI%2Fk325rq1TtxQ5KlWy3RhqEvjMqX24GcXQKF%2FqTtQBssvrLqEjtapHmIz%2FdNGg9h5xumVYvCDdyb%2FLmNlCv%2BrZb5XMfLEJxNNrbxRGeeua4eH2Uv4PfEksAL7vwT9BqvmTy%2BrIdmMtuWkwsLdCK7tl%2BCnt6qg%2Fdsq7eYneyu145EUC6CibKe%2F2UAF9Ga%2BT9B3bHysQXW1fkiaCYzeYWN0iV0GGmkMSQl4bvYSDWALmQG0uT%2FtmKfMbDTwdAilWpbwiW6IvrRznnqj7alTgatKDZr%2BH7vHayjfNGhGFrA%3D%3D&p={searchTerms}
Edge DefaultSearchKeyword: Default -> search.yahoo.com
Edge DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Brak pliku]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Brak pliku]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7776160 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [353696 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1072800 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12979376 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [7415168 2020-07-20] (Avast Software s.r.o. -> AVAST Software)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [X]
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe" [X]
S3 Origin Client Service; "C:\Program Files (x86)\Origin\OriginClientService.exe" [X]
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205888 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235592 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195656 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60488 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42776 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175200 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [515544 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466752 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [323784 2020-08-06] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2020-07-20] (Avast Software s.r.o. -> Avast Software)
U3 aswbdisk; Brak ImagePath
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
2020-08-06 18:44 - 2020-08-06 18:44 - 000217336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-08-06 18:44 - 2020-08-06 18:44 - 000175200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-08-06 18:44 - 2020-08-06 18:43 - 000335968 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść w folderze gdzie masz FRST.exe.
Uruchom FRST i kliknij w Fix/Napraw.