Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Winscomrssrv.dll module not found

To, co se nehodí jinam..

Moderátor: Moderátoři

Zamčeno
Zpráva
Autor
19jozef99
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 20 dub 2019 10:16

Winscomrssrv.dll module not found

#1 Příspěvek od 19jozef99 »

zdravím nedávno sa mi stala taká vec že som si z avastu robil čistenie a našlo mi tento dll subor ako hrozbu uzavrel som ho do truhly a od tej doby mi vypisuje pri starte pocitaca tabulku winscomrssrv.dll module not found. vedeli by ste mi s tým nejako pomoct ?? v pc som dost neznaly tak ked tak opatrne na mna :) môj frst subor posielam sem
Přílohy
LogsFRST.rar
(23.52 KiB) Staženo 108 x

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Winscomrssrv.dll module not found

#2 Příspěvek od Diallix »

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

19jozef99
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 20 dub 2019 10:16

Re: Winscomrssrv.dll module not found

#3 Příspěvek od 19jozef99 »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-23.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-24-2019
# Duration: 00:00:01
# OS: Windows 8
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\Users\jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3697 octets] - [20/04/2019 10:28:04]
AdwCleaner[C00].txt - [3403 octets] - [20/04/2019 10:28:26]
AdwCleaner[S01].txt - [1459 octets] - [24/04/2019 14:37:26]
AdwCleaner[C01].txt - [1625 octets] - [24/04/2019 14:45:25]
AdwCleaner[S02].txt - [1581 octets] - [24/04/2019 14:49:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Winscomrssrv.dll module not found

#4 Příspěvek od Diallix »

Dobre :)

Poprosim o nove logy FRST + ADDITION
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

19jozef99
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 20 dub 2019 10:16

Re: Winscomrssrv.dll module not found

#5 Příspěvek od 19jozef99 »

posielam sem :)
Přílohy
FRST.rar
(23.87 KiB) Staženo 95 x

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Winscomrssrv.dll module not found

#6 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
CreateRestorePoint:
C:\ProgramData\KMSAutoS\KMSAuto Net.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee.com
C:\ProgramData\KMSAutoS

HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\Run: [Akamai NetSession Interface] => C:\Users\jozef\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink -> CyberLink Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\MountPoints2: {35c4364b-c48c-11e6-be7c-f82fa8ff902c} - "F:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\MountPoints2: {c73ae8e4-c3c6-11e6-be7c-f82fa8ff902c} - "H:\Lenovo_Suite.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
Task: {043C0DC1-8AAF-416F-A3B5-81BCF74C19C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-12-18] (Google Inc -> Google Inc.)
Task: {BD676ABE-2DD4-4251-BFB2-6A4FBF89B2A7} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost
Task: {0E0E97B7-E2D8-454E-BE12-671E4C717E72} - System32\Tasks\Update\TslGame => cmd /c type "C:\Users\jozef\AppData\Local\Temp\TslGame.txt" | cmd <==== ATTENTION
Task: {E1F5ED36-4D49-42B5-B77D-621F8009D06C} - System32\Tasks\{B5089EC1-F0FE-4E43-8BF0-BC310C98A037} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\jozef\Desktop\Return-to-Castle-Wolfenstein_www.FreeGamesDL.net\Game\Setup.exe -d C:\Users\jozef\Desktop\Return-to-Castle-Wolfenstein_www.FreeGamesDL.net\Game
Task: {D1EFA1D3-0049-4EB9-9D9F-21CD11768C2B} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [6977272 2015-08-09] (Ratiborus MSFree Inc. -> MSFree Inc.) [File not signed]
SearchScopes: HKU\S-1-5-21-3866944073-2003073622-1910257541-1001 -> DefaultScope {E0E0AE5A-7BCB-497D-B907-ADDA630F575F} URL = 
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard64.sys [X]
2019-04-24 23:01 - 2016-12-18 23:30 - 000003368 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-24 23:01 - 2016-12-18 23:30 - 000003240 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-22 13:16 - 2018-12-23 19:55 - 000000000 ____D C:\ProgramData\KMSAutoS
2019-04-24 23:01 - 2018-12-23 19:55 - 000003730 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
FirewallRules: [{EFFB3471-BEB6-42C4-A53A-44FEB708E115}] => (Allow) C:\Users\jozef\AppData\Local\Programs\Opera\58.0.3135.90\opera.exe No File
FirewallRules: [{A9660959-88A4-4B4B-AD1C-625CE6A7788B}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1804.2913\gxxsvc.exe No File
FirewallRules: [{86392971-DF70-4A71-A3E6-8E2292354F91}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1805.1715\gxxsvc.exe No File
FirewallRules: [TCP Query User{BF609087-BD4A-4085-AF0E-E549CBF3D728}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe No File
FirewallRules: [UDP Query User{C8B237F3-01FB-4771-A25E-70EB32B98E4A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe No File
FirewallRules: [TCP Query User{FFAE0BC3-6AB3-4B42-8E00-4B6C84266537}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe No File
FirewallRules: [UDP Query User{11B28F3D-98C5-4CD4-BBFA-C6D61BE63271}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe No File
FirewallRules: [TCP Query User{CD6E504C-A576-4717-8B6F-2C1258DC8BA4}C:\program files (x86)\eid klient\eid_klient.exe] => (Allow) C:\program files (x86)\eid klient\eid_klient.exe No File
FirewallRules: [UDP Query User{9D03D97E-EFA0-4216-B8C2-F384161B8186}C:\program files (x86)\eid klient\eid_klient.exe] => (Allow) C:\program files (x86)\eid klient\eid_klient.exe No File
FirewallRules: [TCP Query User{94A0E7ED-449F-48B3-B05A-D6A1ED963E94}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Allow) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe No File
FirewallRules: [UDP Query User{B6EBDA1B-A136-4A5E-8CD3-1BC9689829A4}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Allow) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe No File
FirewallRules: [TCP Query User{B4D9882F-6590-4DF4-B795-C5FBD1B99C2F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{3B09D634-1469-457B-BE19-E4AA039860BC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{DC76E784-5191-495B-958D-B9929B5FCB59}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe No File
FirewallRules: [UDP Query User{87CDD94D-BF74-4408-80CB-C2EFD8C27091}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe No File
FirewallRules: [TCP Query User{991893FF-F851-4C89-BA58-C33C421C0DEF}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe No File
FirewallRules: [UDP Query User{FB77FD1B-63E1-4404-B56F-BEF28FFE7603}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe No File
FirewallRules: [TCP Query User{5ABA205A-C674-428E-8163-BE147F9B7AB3}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe No File
FirewallRules: [UDP Query User{6D73CE5E-1D4D-4836-83AF-BE1F4EFA41D4}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe No File
FirewallRules: [TCP Query User{77B4A297-37D1-4650-BB72-AAA6F0F1E560}C:\users\jozef\downloads\bulanci.exe] => (Allow) C:\users\jozef\downloads\bulanci.exe No File
FirewallRules: [UDP Query User{0DD77223-746B-4DC4-A2CC-26342A5C221D}C:\users\jozef\downloads\bulanci.exe] => (Allow) C:\users\jozef\downloads\bulanci.exe No File
FirewallRules: [TCP Query User{C77A79FE-C2B1-4800-90E1-DEC5CEBBBCC7}C:\users\jozef\desktop\nový priečinok\samp-server.exe] => (Allow) C:\users\jozef\desktop\nový priečinok\samp-server.exe No File
FirewallRules: [UDP Query User{91EF84EE-EC8F-4846-8182-340B55517D60}C:\users\jozef\desktop\nový priečinok\samp-server.exe] => (Allow) C:\users\jozef\desktop\nový priečinok\samp-server.exe No File

EmptyTemp:
Hosts:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

19jozef99
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 20 dub 2019 10:16

Re: Winscomrssrv.dll module not found

#7 Příspěvek od 19jozef99 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 28.04.2019
Ran by jozef (28-04-2019 12:27:48) Run:1
Running from C:\Users\jozef\Desktop\frstss
Loaded Profiles: jozef (Available Profiles: jozef)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
C:\ProgramData\KMSAutoS\KMSAuto Net.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee.com
C:\ProgramData\KMSAutoS

HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\Run: [Akamai NetSession Interface] => C:\Users\jozef\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink -> CyberLink Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\MountPoints2: {35c4364b-c48c-11e6-be7c-f82fa8ff902c} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\MountPoints2: {c73ae8e4-c3c6-11e6-be7c-f82fa8ff902c} - "H:\Lenovo_Suite.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
Task: {043C0DC1-8AAF-416F-A3B5-81BCF74C19C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-12-18] (Google Inc -> Google Inc.)
Task: {BD676ABE-2DD4-4251-BFB2-6A4FBF89B2A7} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost
Task: {0E0E97B7-E2D8-454E-BE12-671E4C717E72} - System32\Tasks\Update\TslGame => cmd /c type "C:\Users\jozef\AppData\Local\Temp\TslGame.txt" | cmd <==== ATTENTION
Task: {E1F5ED36-4D49-42B5-B77D-621F8009D06C} - System32\Tasks\{B5089EC1-F0FE-4E43-8BF0-BC310C98A037} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\jozef\Desktop\Return-to-Castle-Wolfenstein_www.FreeGamesDL.net\Game\Setup.exe -d C:\Users\jozef\Desktop\Return-to-Castle-Wolfenstein_www.FreeGamesDL.net\Game
Task: {D1EFA1D3-0049-4EB9-9D9F-21CD11768C2B} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [6977272 2015-08-09] (Ratiborus MSFree Inc. -> MSFree Inc.) [File not signed]
SearchScopes: HKU\S-1-5-21-3866944073-2003073622-1910257541-1001 -> DefaultScope {E0E0AE5A-7BCB-497D-B907-ADDA630F575F} URL =
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard64.sys [X]
2019-04-24 23:01 - 2016-12-18 23:30 - 000003368 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-24 23:01 - 2016-12-18 23:30 - 000003240 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-22 13:16 - 2018-12-23 19:55 - 000000000 ____D C:\ProgramData\KMSAutoS
2019-04-24 23:01 - 2018-12-23 19:55 - 000003730 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
FirewallRules: [{EFFB3471-BEB6-42C4-A53A-44FEB708E115}] => (Allow) C:\Users\jozef\AppData\Local\Programs\Opera\58.0.3135.90\opera.exe No File
FirewallRules: [{A9660959-88A4-4B4B-AD1C-625CE6A7788B}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1804.2913\gxxsvc.exe No File
FirewallRules: [{86392971-DF70-4A71-A3E6-8E2292354F91}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1805.1715\gxxsvc.exe No File
FirewallRules: [TCP Query User{BF609087-BD4A-4085-AF0E-E549CBF3D728}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe No File
FirewallRules: [UDP Query User{C8B237F3-01FB-4771-A25E-70EB32B98E4A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe No File
FirewallRules: [TCP Query User{FFAE0BC3-6AB3-4B42-8E00-4B6C84266537}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe No File
FirewallRules: [UDP Query User{11B28F3D-98C5-4CD4-BBFA-C6D61BE63271}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe No File
FirewallRules: [TCP Query User{CD6E504C-A576-4717-8B6F-2C1258DC8BA4}C:\program files (x86)\eid klient\eid_klient.exe] => (Allow) C:\program files (x86)\eid klient\eid_klient.exe No File
FirewallRules: [UDP Query User{9D03D97E-EFA0-4216-B8C2-F384161B8186}C:\program files (x86)\eid klient\eid_klient.exe] => (Allow) C:\program files (x86)\eid klient\eid_klient.exe No File
FirewallRules: [TCP Query User{94A0E7ED-449F-48B3-B05A-D6A1ED963E94}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Allow) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe No File
FirewallRules: [UDP Query User{B6EBDA1B-A136-4A5E-8CD3-1BC9689829A4}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Allow) C:\program files (x86)\return to castle wolfenstein\wolfmp.exe No File
FirewallRules: [TCP Query User{B4D9882F-6590-4DF4-B795-C5FBD1B99C2F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{3B09D634-1469-457B-BE19-E4AA039860BC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{DC76E784-5191-495B-958D-B9929B5FCB59}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe No File
FirewallRules: [UDP Query User{87CDD94D-BF74-4408-80CB-C2EFD8C27091}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe No File
FirewallRules: [TCP Query User{991893FF-F851-4C89-BA58-C33C421C0DEF}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe No File
FirewallRules: [UDP Query User{FB77FD1B-63E1-4404-B56F-BEF28FFE7603}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe No File
FirewallRules: [TCP Query User{5ABA205A-C674-428E-8163-BE147F9B7AB3}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe No File
FirewallRules: [UDP Query User{6D73CE5E-1D4D-4836-83AF-BE1F4EFA41D4}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe No File
FirewallRules: [TCP Query User{77B4A297-37D1-4650-BB72-AAA6F0F1E560}C:\users\jozef\downloads\bulanci.exe] => (Allow) C:\users\jozef\downloads\bulanci.exe No File
FirewallRules: [UDP Query User{0DD77223-746B-4DC4-A2CC-26342A5C221D}C:\users\jozef\downloads\bulanci.exe] => (Allow) C:\users\jozef\downloads\bulanci.exe No File
FirewallRules: [TCP Query User{C77A79FE-C2B1-4800-90E1-DEC5CEBBBCC7}C:\users\jozef\desktop\nov� prie�inok\samp-server.exe] => (Allow) C:\users\jozef\desktop\nov� prie�inok\samp-server.exe No File
FirewallRules: [UDP Query User{91EF84EE-EC8F-4846-8182-340B55517D60}C:\users\jozef\desktop\nov� prie�inok\samp-server.exe] => (Allow) C:\users\jozef\desktop\nov� prie�inok\samp-server.exe No File

EmptyTemp:
Hosts:
*****************

Processes closed successfully.
Restore point was successfully created.
C:\ProgramData\KMSAutoS\KMSAuto Net.exe => moved successfully
"C:\Program Files\McAfee.com\Agent\mcagent.exe" => not found
"C:\Program Files\McAfee.com" => not found
C:\ProgramData\KMSAutoS => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mcui_exe" => removed successfully
"HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35c4364b-c48c-11e6-be7c-f82fa8ff902c} => removed successfully
HKLM\Software\Classes\CLSID\{35c4364b-c48c-11e6-be7c-f82fa8ff902c} => not found
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c73ae8e4-c3c6-11e6-be7c-f82fa8ff902c} => removed successfully
HKLM\Software\Classes\CLSID\{c73ae8e4-c3c6-11e6-be7c-f82fa8ff902c} => not found
HKLM\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{043C0DC1-8AAF-416F-A3B5-81BCF74C19C7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{043C0DC1-8AAF-416F-A3B5-81BCF74C19C7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BD676ABE-2DD4-4251-BFB2-6A4FBF89B2A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD676ABE-2DD4-4251-BFB2-6A4FBF89B2A7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI\SrvHost => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E0E97B7-E2D8-454E-BE12-671E4C717E72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E0E97B7-E2D8-454E-BE12-671E4C717E72}" => removed successfully
C:\WINDOWS\System32\Tasks\Update\TslGame => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update\TslGame" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1F5ED36-4D49-42B5-B77D-621F8009D06C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1F5ED36-4D49-42B5-B77D-621F8009D06C}" => removed successfully
C:\WINDOWS\System32\Tasks\{B5089EC1-F0FE-4E43-8BF0-BC310C98A037} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B5089EC1-F0FE-4E43-8BF0-BC310C98A037}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1EFA1D3-0049-4EB9-9D9F-21CD11768C2B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1EFA1D3-0049-4EB9-9D9F-21CD11768C2B}" => removed successfully
C:\WINDOWS\System32\Tasks\KMSAutoNet => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet" => removed successfully
"HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\System\CurrentControlSet\Services\ZAM => removed successfully
ZAM => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removed successfully
ZAM_Guard => service removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\ProgramData\KMSAutoS" => not found
"C:\WINDOWS\System32\Tasks\KMSAutoNet" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp => removed successfully
HKLM\Software\Classes\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending => removed successfully
HKLM\Software\Classes\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot => removed successfully
HKLM\Software\Classes\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared => removed successfully
HKLM\Software\Classes\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SugarSync => removed successfully
HKLM\Software\Classes\CLSID\{305BC11B-5175-492B-B569-866547FCDA40} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SugarSync => not found
HKLM\Software\Classes\CLSID\{305BC11B-5175-492B-B569-866547FCDA40} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SugarSync => removed successfully
HKLM\Software\Classes\CLSID\{305BC11B-5175-492B-B569-866547FCDA40} => not found
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => removed successfully
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\Software\Classes\AutoCADScriptFile => removed successfully
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\Software\Classes\.scr => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFFB3471-BEB6-42C4-A53A-44FEB708E115}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9660959-88A4-4B4B-AD1C-625CE6A7788B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86392971-DF70-4A71-A3E6-8E2292354F91}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BF609087-BD4A-4085-AF0E-E549CBF3D728}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C8B237F3-01FB-4771-A25E-70EB32B98E4A}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FFAE0BC3-6AB3-4B42-8E00-4B6C84266537}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{11B28F3D-98C5-4CD4-BBFA-C6D61BE63271}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CD6E504C-A576-4717-8B6F-2C1258DC8BA4}C:\program files (x86)\eid klient\eid_klient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9D03D97E-EFA0-4216-B8C2-F384161B8186}C:\program files (x86)\eid klient\eid_klient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{94A0E7ED-449F-48B3-B05A-D6A1ED963E94}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B6EBDA1B-A136-4A5E-8CD3-1BC9689829A4}C:\program files (x86)\return to castle wolfenstein\wolfmp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B4D9882F-6590-4DF4-B795-C5FBD1B99C2F}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3B09D634-1469-457B-BE19-E4AA039860BC}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DC76E784-5191-495B-958D-B9929B5FCB59}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{87CDD94D-BF74-4408-80CB-C2EFD8C27091}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{991893FF-F851-4C89-BA58-C33C421C0DEF}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB77FD1B-63E1-4404-B56F-BEF28FFE7603}C:\users\jozef\appdata\roaming\utorrent\updates\3.5.0_43804.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5ABA205A-C674-428E-8163-BE147F9B7AB3}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6D73CE5E-1D4D-4836-83AF-BE1F4EFA41D4}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{77B4A297-37D1-4650-BB72-AAA6F0F1E560}C:\users\jozef\downloads\bulanci.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0DD77223-746B-4DC4-A2CC-26342A5C221D}C:\users\jozef\downloads\bulanci.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C77A79FE-C2B1-4800-90E1-DEC5CEBBBCC7}C:\users\jozef\desktop\nov� prie�inok\samp-server.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{91EF84EE-EC8F-4846-8182-340B55517D60}C:\users\jozef\desktop\nov� prie�inok\samp-server.exe" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 68099252 B
Java, Flash, Steam htmlcache => 30948307 B
Windows/system/drivers => 122059250 B
Edge => 0 B
Chrome => 526415447 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 1130590 B
NetworkService => 936816 B
jozef => 4718927665 B

RecycleBin => 242710 B
EmptyTemp: => 5.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:29:38 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Winscomrssrv.dll module not found

#8 Příspěvek od Diallix »

Super, ako je na tom pocitac? :]]
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

19jozef99
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 20 dub 2019 10:16

Re: Winscomrssrv.dll module not found

#9 Příspěvek od 19jozef99 »

neviem či som si to nevšimol alebo to už nevyskakuje ale asi už problem zmizol takže dakujem :) :) :all_coholic:

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Winscomrssrv.dll module not found

#10 Příspěvek od Diallix »

V pripade problemov znovu napiste :]]

Toto vlakno lockujem :closed:
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Zamčeno