Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu - pomalé pc +nalezeno - wannacry doub

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Alda20077
3. Stupeň Varování
Příspěvky: 55
Registrován: 15 srp 2007 09:46

Prosím o kontrolu logu - pomalé pc +nalezeno - wannacry doub

#1 Příspěvek od Alda20077 »

Dobrý den, prosím o kontrolu logu - mám pomalé pc a nalezeno - wannacry doublepulsar.
Děkuji

OS win 7 / ultimate - 64 bit

Logfile of random's system information tool 1.10 (written by random/random)
Run by makac at 2018-01-12 16:44:42
Microsoft Windows 7 Ultimate
System drive C: has 44 GB (44%) free of 100 GB
Total RAM: 8133 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:44:46, on 12.1.2018
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\makac.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={A2DB9E9F ... 2015-09-19 09:58:05&v=4.3.9.605&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Researcher.lnk = C:\Program Files (x86)\Smart Compute\Researcher\Researcher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://*.webcompanion.com
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.8 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 7419 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe"
AvastUI.exe /nogui
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1696.0.1228503661\716941138" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{3bf48f63-bc13-46ee-81e5-5a35fb4654ff}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1696 "\\.\pipe\gecko-crash-server-pipe.1696" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1696.6.195772208\1490031027" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{3bf48f63-bc13-46ee-81e5-5a35fb4654ff}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1696 "\\.\pipe\gecko-crash-server-pipe.1696" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1696.12.1186815880\1910984922" -childID 3 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{3bf48f63-bc13-46ee-81e5-5a35fb4654ff}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1696 "\\.\pipe\gecko-crash-server-pipe.1696" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1696.24.1047842740\1739687704" -childID 5 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|98:2|99:1|114:5000|124:0|126:0|137:10000|149:-1|154:128|155:10000|156:0|162:24|163:32768|165:0|166:0|174:5|178:1048576|179:100|180:5000|182:600|184:1|193:3|197:0|206:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:0|92:1|95:1|97:0|100:1|101:0|108:0|113:0|116:1|119:1|121:1|125:0|128:1|131:1|132:1|138:1|139:0|140:1|142:0|148:0|150:1|151:0|152:1|153:1|160:0|161:0|164:1|167:0|169:1|171:1|172:0|177:0|181:1|186:0|187:0|188:0|189:1|190:0|191:1|192:1|195:0|198:0|199:0|200:1|201:1|202:0|203:1|204:1|205:1|207:0|208:0|210:0|218:1|219:1|220:0|221:0|222:0| -stringPrefs "3:7;release|96:0;|141:3;1.0|158:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|159:4;high|194:38;{3bf48f63-bc13-46ee-81e5-5a35fb4654ff}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1696 "\\.\pipe\gecko-crash-server-pipe.1696" tab

"F:\stažené\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\makac\AppData\Roaming\Mozilla\Firefox\Profiles\7llrqonz.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.137 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.137 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll


C:\Users\makac\AppData\Roaming\Mozilla\Firefox\Profiles\7llrqonz.default\searchplugins\
avg-secure-search.xml
google-lavasoft.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-01-12 958328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-12 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll [2017-12-23 2261576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-10-22 7203032]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-03-21 5006536]
"NUSB3MON"=C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [2012-04-11 97280]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-12 246120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-08-17 4836032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2017-12-23 2187336]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-03-02 56592]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Researcher.lnk - C:\Program Files (x86)\Smart Compute\Researcher\Researcher.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gputweakii.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspview.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\proflwiz.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\raptrstub.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\researcher.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe]
"Debugger="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninstaller.exe]
"Debugger="

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-01-12 16:44:42 ----D---- C:\rsit
2018-01-12 16:44:42 ----D---- C:\Program Files\trend micro
2018-01-12 16:25:34 ----D---- C:\ProgramData\SWCUTemp
2018-01-12 13:39:08 ----D---- C:\Windows\system32\MRT
2018-01-12 13:39:02 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-01-12 13:38:55 ----AC---- C:\Windows\system32\MRT.exe
2018-01-12 13:31:41 ----D---- C:\Windows\Migration
2018-01-12 13:31:02 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2018-01-12 13:31:02 ----A---- C:\Windows\system32\poqexec.exe
2018-01-12 13:30:48 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-01-12 13:30:48 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-01-12 13:30:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-01-12 13:30:48 ----A---- C:\Windows\system32\smss.exe
2018-01-12 13:30:48 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-01-12 13:30:48 ----A---- C:\Windows\system32\csrsrv.dll
2018-01-12 13:30:47 ----A---- C:\Windows\system32\win32k.sys
2018-01-12 13:30:47 ----A---- C:\Windows\system32\EOSNotify.exe
2018-01-12 13:29:03 ----A---- C:\Windows\system32\wups2.dll
2018-01-12 13:29:03 ----A---- C:\Windows\system32\wucltux.dll
2018-01-12 13:29:03 ----A---- C:\Windows\system32\wuaueng.dll
2018-01-12 13:29:03 ----A---- C:\Windows\system32\wuauclt.exe
2018-01-12 13:29:01 ----A---- C:\Windows\system32\wups.dll
2018-01-12 13:29:01 ----A---- C:\Windows\system32\wudriver.dll
2018-01-12 13:29:01 ----A---- C:\Windows\system32\wuapi.dll
2018-01-12 13:28:58 ----A---- C:\Windows\system32\wuwebv.dll
2018-01-12 13:28:58 ----A---- C:\Windows\system32\wuapp.exe
2018-01-12 10:17:47 ----D---- C:\Users\makac\AppData\Roaming\AVAST Software
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswStm.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswSP.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswbuniva.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswbloga.sys
2018-01-12 10:17:31 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2018-01-12 10:17:30 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-01-12 10:17:30 ----A---- C:\Windows\system32\drivers\aswbidsha.sys
2018-01-12 10:17:30 ----A---- C:\Windows\system32\drivers\aswbidsdrivera.sys
2018-01-12 10:17:25 ----A---- C:\Windows\system32\aswBoot.exe
2018-01-12 10:16:13 ----D---- C:\Program Files\AVAST Software
2018-01-12 09:51:09 ----D---- C:\Program Files\Common Files\Avast Software
2018-01-12 09:50:52 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-01-12 09:50:52 ----A---- C:\Windows\system32\ucrtbase.dll
2018-01-12 09:49:15 ----D---- C:\ProgramData\AVAST Software

======List of files/folders modified in the last 1 month======

2018-01-12 16:44:42 ----RD---- C:\Program Files
2018-01-12 16:44:37 ----D---- C:\Windows\Temp
2018-01-12 16:30:10 ----D---- C:\Windows\System32
2018-01-12 16:30:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-01-12 16:30:09 ----D---- C:\Windows\inf
2018-01-12 16:25:34 ----HD---- C:\ProgramData
2018-01-12 16:25:19 ----D---- C:\Windows
2018-01-12 13:47:46 ----D---- C:\Windows\system32\config
2018-01-12 13:47:34 ----D---- C:\Windows\debug
2018-01-12 13:42:04 ----D---- C:\Windows\SysWOW64
2018-01-12 13:42:02 ----D---- C:\Windows\winsxs
2018-01-12 13:41:06 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-01-12 13:41:06 ----D---- C:\Windows\system32\cs-CZ
2018-01-12 13:41:06 ----D---- C:\Windows\AppPatch
2018-01-12 13:38:52 ----D---- C:\Windows\system32\catroot
2018-01-12 13:38:49 ----D---- C:\Windows\system32\catroot2
2018-01-12 13:38:36 ----D---- C:\Windows\system32\DriverStore
2018-01-12 13:31:40 ----SHD---- C:\Windows\Installer
2018-01-12 13:31:39 ----RSD---- C:\Windows\assembly
2018-01-12 13:31:10 ----SHD---- C:\System Volume Information
2018-01-12 13:11:14 ----D---- C:\Windows\system32\drivers
2018-01-12 10:17:33 ----D---- C:\Windows\system32\Tasks
2018-01-12 10:14:51 ----D---- C:\Windows\system32\NDF
2018-01-12 09:54:57 ----D---- C:\ProgramData\Skype
2018-01-12 09:51:09 ----D---- C:\Program Files\Common Files
2018-01-12 09:47:17 ----D---- C:\ProgramData\F-Secure
2018-01-12 09:45:51 ----D---- C:\Windows\Prefetch
2018-01-09 15:32:59 ----D---- C:\Users\makac\AppData\Roaming\ConverterLite
2018-01-09 14:49:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-01-09 14:49:04 ----D---- C:\Windows\system32\Macromed
2018-01-09 14:49:03 ----D---- C:\Windows\SYSWOW64\Macromed
2018-01-06 17:15:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-06 10:50:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-12-30 14:32:44 ----RD---- C:\Program Files (x86)
2017-12-25 09:09:24 ----D---- C:\ProgramData\AVG Web TuneUp
2017-12-23 19:32:55 ----D---- C:\Windows\Tasks
2017-12-23 19:31:33 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2017-12-18 20:56:53 ----D---- C:\Users\makac\AppData\Roaming\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2013-06-27 82240]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2013-06-27 42304]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-01-12 199448]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-01-12 343768]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-01-12 57696]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-12 84384]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-12 358672]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2017-08-19 381608]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-12 185096]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-01-12 321512]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-12 149344]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-12 110336]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-12 1025176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-12 457896]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-12 146648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-12 204456]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2013-05-27 106816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-03-21 26345472]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-03-21 676864]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2013-05-27 227648]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-03-21 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-08-19 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-08-19 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-22 3692632]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-08-27 883928]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2015-12-21 47736]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 ardrv;ardrv; \??\C:\ProgramData\F-Secure\sidegrade\ardrv.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-12 46976]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2015-09-11 22200]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2017-06-29 35648]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-11-15 25608]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-03-21 251392]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-03 344064]
R2 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-12 301168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vToolbarUpdater40.3.8;vToolbarUpdater40.3.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [2017-12-23 1365064]
R2 WtuSystemSupport;WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [2017-12-23 981576]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-01-12 7538536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-17 2291392]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2017-06-30 873968]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2015-05-28 48640]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-01-06 194000]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu - pomalé pc +nalezeno - wannacry

#2 Příspěvek od Rudy »

Zase na nás zkoušíte váš cracklý OS? Na vašem místě bych to nedělal, máte 3. warn a může se vám snadno stát, že dostanete ban.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Alda20077
3. Stupeň Varování
Příspěvky: 55
Registrován: 15 srp 2007 09:46

Re: Prosím o kontrolu logu - pomalé pc +nalezeno - wannacry

#3 Příspěvek od Alda20077 »

já nevím co mám za OS , co jsem koupil s pc to mám. Ale i tak Díky za odpověď

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu - pomalé pc +nalezeno - wannacry

#4 Příspěvek od Rudy »

Už jste byl varován před 3 roky kolegou Pavuk29, takže si myslím, že to víte velmi dobře. Nemáte zač.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět