VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Spomalený počítač

https://forum.viry.cz:443/viewtopic.php?t=157771

Stránka 1 z 2

Spomalený počítač

Napsal: 09 led 2021 18:58
od il.mateji
Dobrý večer,
obraciam sa k Vám o pomoc, počítač tak nejak nevládze. Výkonom je pomalší ako slimák na odpočívadle.
Pred nejakou dobou (mesiac, maximálne dva) prešiel z win7 na win10 (vďaka aktualizáciám a plašeniu Microsoftu, že na win7 už "kašle"). Sám windows zdá sa, beží normálne, behom pár minút sa spustí, prihlásim sa k účtu a môžem veselo surfovať po internete. Problém nastáva, keď si pustím nejakú hru. Tam je ten výkon dosť viditeľne nízky, a to i na hrách z dob dávno minulých či hrách ktorých minimálne požiadavky presahujem s prehľadom. Nastavenia na jednej konkrétnej hre (neviem zda môžem menovať konkrétne), ktorá šlapala na stredných nastaveniach plynulo, dnes na minimálnych nastaveniach sťažka udrží plynulý obraz (pre mňa osobne nehrateľné).
Antivir (win defender) nejakého trojana 5.1.2021 našiel a naložil s ním ako sa na antivir patrí. Spyhunter (free verzia len na sken, bez opráv) našiel ďalších 24 problémov, následne na to som použil ADWcleaner, ten ich našiel "len" 19 a vyriešil.
Zmena vo výkone ale žiadna.
Nakoľko som v tomto smeru dosť neschopný :oops: , viac s tým urobiť nedokážem.

Zde je log FRST (addition.txt v prílohe zararovaný 7zipom)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by Alternativa (administrator) on PC-PC (ASUSTeK COMPUTER INC. K55VM) (09-01-2021 18:34:05)
Running from C:\Users\Alternativa\Desktop\viry
Loaded Profiles: Alternativa
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUS) [File not signed] C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Hi-Rez Studios) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.680_none_e72768c3263f99bc\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2015-01-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2481016 2020-12-29] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [Opera Browser Assistant] => C:\Users\Alternativa\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3024408 2020-02-24] (Opera Software AS -> Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C995FF-D178-4E7B-AC4A-9E950006A207} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0837D897-84CB-4E30-A8DD-807937A81DFC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0AB7E4FE-8828-463C-9AFB-67A7E95346B3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {0AB85A1D-AEBC-4164-9DAB-85C311DD84D4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {0BE0771D-D86B-43EA-91FE-6364B3C20647} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0F0AFFC4-B7CF-4A8A-BE4D-846C79F8A72B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {0F1FC558-90E6-41AA-8D37-4FBE69053762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {148318FC-5974-4508-A415-B3AFD16E5DDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16C686BB-011A-4C44-8941-40D2CC2D982F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {18840EA1-42FD-4A19-B39B-EFB20E278B2E} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {221FF07F-FC0A-4F47-9436-E5D8C05324F4} - System32\Tasks\{8965F50F-F111-4493-85B8-1F629BEEBB4E} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.0.0.102/cs/a ... =tsInstall
Task: {27A110AE-78AD-4C5D-975C-7C6E69D0E153} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1120936 2012-01-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {29308477-8F7E-4D4F-92D5-F1534E61B6F5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3C9616B2-742C-4820-AFAE-F3D2459E9677} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D966D87-5FE5-4FBC-8E90-DB0F48E454DB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3E3E65EA-6693-4ACC-947D-206853F50D65} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42145BE5-4059-431F-919A-1A381C5966DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {56DA73ED-5383-4CBD-A600-FFC1B3F9330C} - System32\Tasks\RunGadgetController => C:\Program Files (x86)\ASUS\InstantOn for NB\GadgetController.exe [2470528 2012-02-04] (ASUSTeK Computer Inc. -> ASUS)
Task: {5701B589-1C24-431D-A585-7F21EAAFA6CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {66A3A605-1346-4A4D-8375-45DD880EDF16} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {6FECF9BE-AED8-4627-80ED-91FF5361960F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {773492A6-4F08-4DAF-9C1B-778BC17ACAED} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {78588675-6CF3-4E50-B5B1-1EC34EAA2F6B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {78823C90-9A38-4B3A-A476-4FD59D7C0A70} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {7CE3F3E0-3E4E-47D1-9EDA-BC6D0E9CE54C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {876F1F9D-E2A9-47DB-8D6B-037FCAA5EDA4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {955FE69C-3556-4A72-8C48-40DFBAA0A539} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {99ADB0CA-672E-4FEC-86C4-E8DC868BFA5F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B772473F-58C8-4553-8C7E-7403347B6063} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {BC12FC14-9972-474D-99FD-E046F72804D8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BD36A098-21B5-4886-A58F-EA8C56A6AD22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C379F52A-2455-4E41-99DC-04D6AC3615BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C778374C-94FE-41B0-B705-5FC952201AC0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D7B96F7F-E609-4E56-8E9C-5E5C107681E9} - System32\Tasks\{3309225A-269D-400C-8F46-37EC3EC93056} => C:\windows\system32\pcalua.exe -a "C:\Users\Alternativa\Desktop\ROME TOTAL WAR - install\RTW cestina\RomeTotalWar_CZ.exe" -d "C:\Users\Alternativa\Desktop\ROME TOTAL WAR - install\RTW cestina"
Task: {DD548504-31EE-43FF-A573-1E9BCB56DC76} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E2C9DB2C-E6DF-4214-9035-617D37295C1D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {E6C5EEA8-FE76-4623-BFE5-8AE50BBCDA7F} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1004464 2012-02-16] (ASUSTeK Computer Inc. -> ASUS) [File not signed]
Task: {E7FCC865-A45F-4D08-97E8-CCDCF858E540} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E959E007-A71C-4952-8EA8-22DE146D6227} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0496437-71B1-4E96-9E9C-3BC2F52CDE46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F117DB0C-A65B-432A-94C4-7662A184EE84} - System32\Tasks\Opera scheduled Autoupdate 1539442828 => C:\Users\Alternativa\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-05] (Opera Software AS -> Opera Software)
Task: {FACB8164-0888-403B-B4E6-7F59329EA90F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FBC8485F-A585-489F-8E2C-C65FEABC1BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FFEE4F98-789F-4BC5-9EBF-91D4AC658C46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{1C2FA7DC-D0A1-419A-89B8-A04D279CF579}: [DhcpNameServer] 10.255.255.10 10.255.255.20

Edge:
======
Edge Profile: C:\Users\Alternativa\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-05]
Edge Extension: (Outlook) - C:\Users\Alternativa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-25]
Edge Extension: (Word) - C:\Users\Alternativa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-25]
Edge Extension: (Excel) - C:\Users\Alternativa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-25]
Edge Extension: (PowerPoint) - C:\Users\Alternativa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-25]

FireFox:
========
FF DefaultProfile: dskwqqrf.default-1452523124673-1535376006759
FF ProfilePath: C:\Users\Alternativa\AppData\Roaming\Mozilla\Firefox\Profiles\dskwqqrf.default-1452523124673-1535376006759 [2021-01-05]
FF Extension: (Telemetry coverage) - C:\Users\Alternativa\AppData\Roaming\Mozilla\Firefox\Profiles\dskwqqrf.default-1452523124673-1535376006759\features\{03c2325d-62fd-4a10-b824-18d1b59bb92b}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-10] [Legacy]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Notifications: hxxps://www.youtube.com
OPR Extension: (Rich Hints Agent) - C:\Users\Alternativa\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUSTeK Computer Inc. -> ASUS)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [383016 2018-03-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GSService; C:\windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-03-28] (Hi-Rez Studios) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
S3 mracsvc; C:\windows\System32\mracsvc.exe [19136152 2020-03-22] (Mail.Ru LLC -> LLC Mail.Ru)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Rockstar Service; D:\Games\Rockstar Games\Launcher\RockstarService.exe [1382016 2020-11-28] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [195584 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [195584 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [35968 2012-07-14] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\WINDOWS\System32\drivers\AsusVTouch.sys [19104 2012-07-14] (ASUSTeK Computer Inc. -> ASUS)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [49824 2012-07-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl2d4fc264; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2FC99A7F-4008-409B-83C3-A69031E1F0A9}\MpKslDrv.sys [91376 2021-01-09] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [18367968 2020-03-22] (Mail.Ru LLC -> LLC Mail.Ru)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-09 18:23 - 2021-01-09 18:29 - 000000000 ____D C:\Users\Alternativa\Desktop\viry
2021-01-05 08:38 - 2021-01-05 08:38 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-05 08:38 - 2021-01-05 08:38 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-05 08:38 - 2021-01-05 08:38 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-05 08:38 - 2021-01-05 08:38 - 000000000 ____D C:\Users\Alternativa\AppData\Local\mbam
2021-01-05 08:38 - 2021-01-05 08:37 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-05 08:38 - 2021-01-05 08:37 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-05 08:37 - 2021-01-05 08:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-05 08:37 - 2021-01-05 08:37 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-04 19:38 - 2021-01-04 19:38 - 000000000 _____ C:\autoexec.bat
2020-12-26 21:37 - 2020-12-26 21:37 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-12-26 21:20 - 2020-12-26 21:20 - 000000000 ____D C:\Users\Alternativa\Documents\4A Games
2020-12-26 21:16 - 2020-12-26 21:16 - 000000000 ____D C:\Users\Alternativa\AppData\Local\4A Games
2020-12-23 11:11 - 2020-12-23 11:12 - 000000000 ____D C:\Users\Alternativa\Desktop\holky
2020-12-21 17:46 - 2020-12-21 17:46 - 000000000 ____D C:\Users\Alternativa\AppData\Local\NVIDIA Corporation
2020-12-11 12:25 - 2020-12-11 12:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-11 12:25 - 2020-12-11 12:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-11 12:25 - 2020-12-11 12:25 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 12:25 - 2020-12-11 12:25 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-11 12:24 - 2020-12-11 12:24 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-11 12:24 - 2020-12-11 12:24 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-11 12:24 - 2020-12-11 12:24 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-11 12:24 - 2020-12-11 12:24 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 12:24 - 2020-12-11 12:24 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-11 12:24 - 2020-12-11 12:24 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 12:24 - 2020-12-11 12:24 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-11 12:24 - 2020-12-11 12:24 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-11 12:24 - 2020-12-11 12:24 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-11 12:24 - 2020-12-11 12:24 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-11 12:24 - 2020-12-11 12:24 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-11 12:23 - 2020-12-11 12:23 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-11 12:23 - 2020-12-11 12:23 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 12:23 - 2020-12-11 12:23 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-11 12:23 - 2020-12-11 12:23 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-11 12:23 - 2020-12-11 12:23 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-11 12:23 - 2020-12-11 12:23 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-11 12:23 - 2020-12-11 12:23 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-09 18:34 - 2018-03-28 13:14 - 000000000 ____D C:\FRST
2021-01-09 18:21 - 2016-10-07 17:12 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-09 18:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-09 17:17 - 2020-10-18 00:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-09 14:25 - 2018-08-01 15:22 - 000000000 ____D C:\Program Files\CCleaner
2021-01-09 11:52 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-09 11:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-09 11:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-09 11:07 - 2020-10-18 14:40 - 000000000 __SHD C:\Users\Alternativa\IntelGraphicsProfiles
2021-01-09 11:06 - 2020-10-18 00:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-09 11:06 - 2020-10-18 00:10 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-09 11:06 - 2016-10-07 20:31 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2021-01-09 11:06 - 2015-06-27 13:31 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-08 22:05 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-08 12:48 - 2020-10-21 20:06 - 000004194 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1539442828
2021-01-08 12:48 - 2018-10-13 16:00 - 000001532 _____ C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-07 19:55 - 2017-09-20 20:07 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\MPC-HC
2021-01-06 10:22 - 2020-10-22 08:28 - 000000893 _____ C:\Users\Alternativa\Desktop\Steam.lnk
2021-01-06 10:22 - 2019-07-08 13:19 - 000001351 _____ C:\Users\Alternativa\Desktop\Prohlížeč Opera.lnk
2021-01-06 10:22 - 2019-03-14 22:53 - 000001009 _____ C:\Users\Alternativa\Desktop\Celestia.lnk
2021-01-06 10:22 - 2019-03-14 22:42 - 000001875 _____ C:\Users\Alternativa\Desktop\Stellarium.lnk
2021-01-06 10:22 - 2018-04-14 14:47 - 000001226 _____ C:\Users\Alternativa\Desktop\TeamSpeak 3 Client.lnk
2021-01-06 10:22 - 2018-04-11 14:07 - 000001275 _____ C:\Users\Alternativa\Desktop\OpenIV.lnk
2021-01-06 10:22 - 2017-08-17 19:01 - 000002296 _____ C:\Users\Alternativa\Desktop\Discord.lnk
2021-01-06 10:22 - 2017-01-04 17:36 - 000001932 _____ C:\Users\Alternativa\Desktop\FiatEcuScan.lnk
2021-01-05 19:21 - 2017-10-13 19:05 - 000000000 ____D C:\Users\Alternativa\AppData\Local\CrashDumps
2021-01-05 18:54 - 2020-10-18 00:22 - 000000000 ____D C:\Users\Alternativa
2021-01-05 18:53 - 2020-04-10 13:53 - 000000000 ____D C:\Users\Alternativa\AppData\Local\Minion
2021-01-05 18:53 - 2015-01-07 20:01 - 000000000 ____D C:\Program Files\ASUS
2021-01-05 08:38 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-05 08:31 - 2020-10-18 00:34 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-04 16:45 - 2015-01-07 19:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-03 16:23 - 2020-01-04 19:52 - 000115409 _____ C:\Users\Alternativa\Desktop\epd2020.xlsx
2021-01-03 14:01 - 2020-10-18 00:37 - 000000000 ____D C:\Users\Alternativa\AppData\Local\Packages
2021-01-03 14:00 - 2020-10-18 00:51 - 000000000 ____D C:\Users\Alternativa\AppData\Local\PlaceholderTileLogoFolder
2021-01-03 12:55 - 2016-12-10 16:05 - 000007601 _____ C:\Users\Alternativa\AppData\Local\resmon.resmoncfg
2021-01-01 11:11 - 2015-03-28 19:47 - 000000000 ____D C:\Users\Alternativa\AppData\Local\paint.net
2020-12-31 19:05 - 2017-12-02 10:13 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\discord
2020-12-26 21:38 - 2016-05-28 11:02 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2020-12-24 22:35 - 2019-03-14 22:42 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\Stellarium
2020-12-24 14:48 - 2020-03-22 09:47 - 000001381 _____ C:\Users\Public\Desktop\Skype.lnk
2020-12-24 14:48 - 2018-01-06 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-24 14:33 - 2018-04-05 20:54 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2020-12-24 14:33 - 2015-03-28 19:48 - 000000000 ____D C:\Program Files\paint.net
2020-12-24 14:31 - 2020-10-17 23:04 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-24 14:25 - 2018-10-13 18:09 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-20 19:03 - 2019-09-11 19:14 - 000000000 ____D C:\Users\Alternativa\Desktop\World of Warcraft Cataclysm 4.3.4
2020-12-19 14:32 - 2020-10-24 22:07 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-19 14:32 - 2020-10-24 22:07 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-16 22:15 - 2020-10-18 17:09 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-720473701-4286339666-290851041-1002
2020-12-16 22:15 - 2020-10-18 00:56 - 000000000 ___RD C:\Users\Alternativa\OneDrive
2020-12-16 22:15 - 2020-10-18 00:22 - 000002418 _____ C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-16 17:49 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-15 10:40 - 2020-10-18 00:21 - 001884940 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-15 10:40 - 2019-12-07 15:41 - 000780986 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-15 10:40 - 2019-12-07 15:41 - 000177936 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-13 19:50 - 2017-08-17 19:00 - 000000000 ____D C:\Users\Alternativa\AppData\Local\Discord
2020-12-11 23:01 - 2020-10-18 00:11 - 000471568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-11 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-11 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-11 22:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-11 12:04 - 2015-11-06 19:21 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-11 12:00 - 2020-10-18 01:39 - 000000000 ___HD C:\$WinREAgent

==================== Files in the root of some directories ========

2020-03-22 09:30 - 2020-03-22 13:28 - 000000004 _____ () C:\ProgramData\lock.dat
2020-03-22 09:31 - 2020-03-22 13:28 - 000000004 _____ () C:\ProgramData\rc.dat
2009-07-29 06:21 - 2009-07-28 19:31 - 000000223 _____ () C:\ProgramData\setwallpaper.cmd
2020-03-22 09:30 - 2020-03-22 09:30 - 000000008 _____ () C:\ProgramData\ts.dat
2017-03-19 01:28 - 2017-09-03 07:50 - 000000097 _____ () C:\Users\Alternativa\AppData\Roaming\LauncherSettings_live.cfg
2015-03-06 21:28 - 2020-03-22 09:29 - 000000380 _____ () C:\Users\Alternativa\AppData\Roaming\sp_data.sys
2017-03-19 01:43 - 2017-08-06 07:35 - 000000042 _____ () C:\Users\Alternativa\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-12-10 16:05 - 2021-01-03 12:55 - 000007601 _____ () C:\Users\Alternativa\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Spomalený počítač

Napsal: 09 led 2021 19:03
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Spomalený počítač

Napsal: 09 led 2021 19:20
od il.mateji
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-09-2021
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1375 octets] - [06/12/2018 11:38:04]
AdwCleaner[C00].txt - [1521 octets] - [06/12/2018 11:38:53]
AdwCleaner[S01].txt - [1379 octets] - [14/03/2019 21:25:20]
AdwCleaner[S02].txt - [1529 octets] - [23/05/2019 15:21:29]
AdwCleaner[C02].txt - [1695 octets] - [23/05/2019 15:21:39]
AdwCleaner[S03].txt - [1562 octets] - [26/09/2019 18:24:09]
AdwCleaner[C03].txt - [1748 octets] - [26/09/2019 18:24:38]
AdwCleaner[S04].txt - [1847 octets] - [22/03/2020 09:27:15]
AdwCleaner[C04].txt - [1955 octets] - [22/03/2020 09:27:51]
AdwCleaner[S05].txt - [4178 octets] - [22/03/2020 09:33:25]
AdwCleaner[C05].txt - [4600 octets] - [22/03/2020 09:34:57]
AdwCleaner[S06].txt - [2084 octets] - [22/03/2020 09:53:05]
AdwCleaner[S07].txt - [2145 octets] - [22/03/2020 12:17:16]
AdwCleaner[C07].txt - [2335 octets] - [22/03/2020 12:18:18]
AdwCleaner[S08].txt - [2260 octets] - [09/01/2021 19:10:47]
AdwCleaner[S09].txt - [2321 octets] - [09/01/2021 19:13:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C09].txt ##########

Re: Spomalený počítač

Napsal: 09 led 2021 20:05
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {D7B96F7F-E609-4E56-8E9C-5E5C107681E9} - System32\Tasks\{3309225A-269D-400C-8F46-37EC3EC93056} => C:\windows\system32\pcalua.exe -a "C:\Users\Alternativa\Desktop\ROME TOTAL WAR - install\RTW cestina\RomeTotalWar_CZ.exe" -d "C:\Users\Alternativa\Desktop\ROME TOTAL WAR - install\RTW cestina"
C:\WINDOWS\LastGood.Tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [TCP Query User{45AE72A1-E471-4F17-9BA0-5D36E30B4D0C}C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{35248C68-C3DD-478A-86C7-BF341A0B53EA}C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
C:\AdwCleaner\Quarantine\rQF69AzBla\SPPD.sys
C:\FRST\Quarantine\C\Program Files (x86)\aFsq\59843047.exe

EmptyTemp:
End
Uložte do C:\Users\Alternativa\Desktop\viry jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Spomalený počítač

Napsal: 09 led 2021 20:14
od il.mateji
Fix result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by Alternativa (09-01-2021 20:08:04) Run:2
Running from C:\Users\Alternativa\Desktop\viry
Loaded Profiles: Alternativa
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {D7B96F7F-E609-4E56-8E9C-5E5C107681E9} - System32\Tasks\{3309225A-269D-400C-8F46-37EC3EC93056} => C:\windows\system32\pcalua.exe -a "C:\Users\Alternativa\Desktop\ROME TOTAL WAR - install\RTW cestina\RomeTotalWar_CZ.exe" -d "C:\Users\Alternativa\Desktop\ROME TOTAL WAR - install\RTW cestina"
C:\WINDOWS\LastGood.Tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [TCP Query User{45AE72A1-E471-4F17-9BA0-5D36E30B4D0C}C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{35248C68-C3DD-478A-86C7-BF341A0B53EA}C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
C:\AdwCleaner\Quarantine\rQF69AzBla\SPPD.sys
C:\FRST\Quarantine\C\Program Files (x86)\aFsq\59843047.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7B96F7F-E609-4E56-8E9C-5E5C107681E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B96F7F-E609-4E56-8E9C-5E5C107681E9}" => removed successfully
C:\WINDOWS\System32\Tasks\{3309225A-269D-400C-8F46-37EC3EC93056} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3309225A-269D-400C-8F46-37EC3EC93056}" => removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{45AE72A1-E471-4F17-9BA0-5D36E30B4D0C}C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{35248C68-C3DD-478A-86C7-BF341A0B53EA}C:\users\alternativa\appdata\local\programs\opera\72.0.3815.400\opera.exe" => removed successfully
"C:\AdwCleaner\Quarantine\rQF69AzBla\SPPD.sys" => not found
"C:\FRST\Quarantine\C\Program Files (x86)\aFsq\59843047.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27488499 B
Java, Flash, Steam htmlcache => 483069433 B
Windows/system/drivers => 1753405 B
Edge => 43520 B
Chrome => 0 B
Firefox => 0 B
Opera => 369148520 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 17014 B
NetworkService => 35180 B
PC => 59457 B
Alternativa => 43970952 B

RecycleBin => 0 B
EmptyTemp: => 893 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:09:25 ====

Re: Spomalený počítač

Napsal: 09 led 2021 20:52
od Rudy
Smazáno. Nastala nějaká změna? :)

Re: Spomalený počítač

Napsal: 09 led 2021 22:38
od il.mateji
Tak po dvoch hodinách testovania, hoc sa na začiatku zdalo, že je to lepšie, po chvíľke som bol tam, kde predtým.
Zmenu nevidím v ničom, žiaľ... :boxed:

Re: Spomalený počítač

Napsal: 10 led 2021 11:12
od Rudy
Zkuste defragmentovat disk.

Re: Spomalený počítač

Napsal: 10 led 2021 12:40
od il.mateji
Žiadna zmena, podľa popisu je na oddielu "D:" 3%, ale ani na opakovaný pokus to proste nižšie nejde. Oddiel "C:" je na 0%.
Všimol som si ale jednu zmenu dnes pri spustení (aj po reštarte), že sa mi neustále spúšťa na GPU NVIDIA dva procesy (keď ich vypnem cez správcu, znovu sa v zápätí spustia), searchapp.exe a textinputhost.exe.

Re: Spomalený počítač

Napsal: 10 led 2021 15:25
od Rudy
Procesy searchapp.exe a textinputhost.exe jsou systémové, takže v pořádku. Co jste instaloval těsně před tím, než se PC zpomalil?

Re: Spomalený počítač

Napsal: 10 led 2021 16:18
od il.mateji
Tak to si presne na ten zlomový deň nespomeniem.
Skúšal som aukrát v nedávnej dobe dve "nové" hry (zo starého data, ktorých minimálne požiadavky splňujem), a jelikož ani jedna nebežala plynulo, zas som ich znovu odinštaloval. Jedna cez steam, druhá cez epic.
Ale okrem aktualizácií, Ccleaneru, Malwarebytes (ani jedno z toho nebeží na pozadí ani po spustení windowsu) si na nič konkrétne nepamätám. A keď som si všimol pokles výkonu, skúšal som ešte znížiť nastavenie hry a cez ovládací panel grafiky i nastavenie pre max výkon.
Až potom (bez zmeny) som sa pokúšal ten spyhunter (ten notbuk len oskenoval ale nevymazal nič bez kúpenia) tak som siahol pre malwarebytes, ten našiel toho menej, ale vymazal. A bez zmeny, tak som zašiel pre radu sem.
:?:

Re: Spomalený počítač

Napsal: 10 led 2021 17:30
od Rudy
Zkuste obnovu systému k datu, kdy korektně fungoval.

Re: Spomalený počítač

Napsal: 10 led 2021 17:53
od il.mateji
Najstarší bod obnovy je 3.1. To už sa plazil pomaly.
Je tam možnosť do továrneho nastavenia alebo začať s čistou inštaláciou windows. Nemám ale kde uložiť nahromadené poklady. A otázkou je, zda to vôbec pomôže.

Re: Spomalený počítač

Napsal: 10 led 2021 18:05
od Rudy
To je opravdu otázka. Můžete použít tovární nastavení se zachováním souborů. Reinstal by pomohl určitě, musel byste ale udělat zálohu na externí disk/flešku. Poslední možnost je oprava pomocí WindowsRepair: https://www.stahuj.cz/utility_a_ostatni ... ws-repair/ . I v tomto případě ale důrazně doporučuji zálohu dat.

Re: Spomalený počítač

Napsal: 10 led 2021 19:08
od il.mateji
Ozvem sa v priebehu týždňa, v túto chvíľu nemám kde zohnať médium na zálohu.
Zatiaľ vďaka. :cry:
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz