Dobrý den, mám už téměř 2 týden problém s notebookem. Při spuštění mi to hází chybu "winscomrssrv.dll" , v diskuzi jsem našel, jak to řešit, stáhl jsem si FRST, udělal scan, ale netuším co dál.
Prosím o radu, děkuji.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
winscomrssrv.dll problém
Moderátoři: Rudy, Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Re: winscomrssrv.dll problém
Dobry den.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
► Vyšla moja nová kniha BOTNETY! 
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: winscomrssrv.dll problém
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-15-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
***** [ Chromium (and derivatives) ] *****
Deleted kmabjcmofdemkaaekcmpocognlfonepb
***** [ Chromium URLs ] *****
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted Softonic EN
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1560 octets] - [15/03/2019 16:57:49]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-15-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
***** [ Chromium (and derivatives) ] *****
Deleted kmabjcmofdemkaaekcmpocognlfonepb
***** [ Chromium URLs ] *****
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted Softonic EN
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1560 octets] - [15/03/2019 16:57:49]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: winscomrssrv.dll problém
Dobre.
Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: winscomrssrv.dll problém
I po restartovaná mi to tu chybu znovu hodilo, " uvedený modul nebyl nalezen"
Při spuštění soubor winscomrssrv.dll došlo k problému.
Při spuštění soubor winscomrssrv.dll došlo k problému.
Re: winscomrssrv.dll problém
To mám hotové, ty mám na ploše, ale nejde mi sem vložit soubor .txt
Re: winscomrssrv.dll problém
Potrebujem nove logy z FRST + ADDITION.
Otvorte textak a vlozte obsahy sem.
Otvorte textak a vlozte obsahy sem.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: winscomrssrv.dll problém
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 8080 MB
Available physical RAM: 3567.5 MB
Total Virtual: 9552 MB
Available Virtual: 4411.89 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:73.91 GB) NTFS
Drive d: (Data) (Fixed) (Total:914.47 GB) (Free:302.39 GB) NTFS
\\?\Volume{45eda6e0-8f24-4079-b570-3049317a875a}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{83fa5610-340b-4238-bb36-a5152dce075d}\ (BIOS_RVY) (Fixed) (Total:17.04 GB) (Free:0.22 GB) NTFS
\\?\Volume{65efa783-3392-4fdf-bcc4-b8f4919a97c6}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BB62D815)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: BB62D833)
Partition: GPT.
==================== End of Addition.txt ============================
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 8080 MB
Available physical RAM: 3567.5 MB
Total Virtual: 9552 MB
Available Virtual: 4411.89 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:73.91 GB) NTFS
Drive d: (Data) (Fixed) (Total:914.47 GB) (Free:302.39 GB) NTFS
\\?\Volume{45eda6e0-8f24-4079-b570-3049317a875a}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{83fa5610-340b-4238-bb36-a5152dce075d}\ (BIOS_RVY) (Fixed) (Total:17.04 GB) (Free:0.22 GB) NTFS
\\?\Volume{65efa783-3392-4fdf-bcc4-b8f4919a97c6}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BB62D815)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: BB62D833)
Partition: GPT.
==================== End of Addition.txt ============================
Re: winscomrssrv.dll problém
LastRegBack: 2018-09-14 20:53
==================== End of FRST.txt ============================
==================== End of FRST.txt ============================
Re: winscomrssrv.dll problém
Dajte sem, prosim, FRST a ADDITION
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: winscomrssrv.dll problém
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.03.2019 01
Ran by dement s.r.o¨ (15-03-2019 17:23:38)
Running from D:\stažené soubory
Windows 10 Home Version 1803 17134.472 (X64) (2018-09-14 20:01:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-762332511-957338753-2835426052-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-762332511-957338753-2835426052-503 - Limited - Disabled)
dement s.r.o¨ (S-1-5-21-762332511-957338753-2835426052-1001 - Administrator - Enabled) => C:\Users\dement s.r.o¨
Guest (S-1-5-21-762332511-957338753-2835426052-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-762332511-957338753-2835426052-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge 4D GmbH)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.2 - Electronic Arts, Inc.)
ApoDispatch Install Configurator (HKLM\...\{025B0729-6623-4BD2-98BD-D2F47AB5B789}) (Version: 2.3.1801 - Nahimic) Hidden
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.34 - Rivet Networks)
AR8171 Drivers (HKLM\...\{DBB92BB8-0C89-488D-B6B4-74C6C03ABD13}) (Version: 1.0.0.34 - Rivet Networks) Hidden
AudioLaunchpad Install Configurator (HKLM\...\{C99DDDD0-191E-4A72-984E-F58DA3DDECA8}) (Version: 2.3.1801 - Nahimic) Hidden
Aurora Blu-ray Media Player (HKLM-x32\...\Aurora Blu-ray Media Player) (Version: 2.18.9.2163 - Aurora Software Inc.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.07.0009 - Bloody)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.73.1084 - AB Team, d.o.o.)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application)
Cities Skylines, âĺđńč˙ 1.7 (HKLM-x32\...\Cities Skylines_is1) (Version: 1.7 - Other s)
Crysis (HKLM-x32\...\Crysis) (Version: - )
Crysis 3 version 1.3.0.0 (HKLM-x32\...\Crysis 3_is1) (Version: 1.3.0.0 - Mr DJ)
Darkest Dungeon The Color of Madness (HKLM-x32\...\Darkest Dungeon The Color of Madness_is1) (Version: - )
Deus Ex Mankind Divided v.1.11.616.0 (HKLM-x32\...\Deus Ex Mankind Divided_is1) (Version: - )
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1707.0501 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1707.0501 - Micro-Star International Co., Ltd.)
ESET Security (HKLM\...\{F1544F11-BFCC-43CC-9D0C-169A7E99369E}) (Version: 12.0.31.0 - ESET, spol. s r.o.)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.2.9 - Hotger)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Grand Theft Auto V_is1) (Version: 1.0.877.1 - )
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.)
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.1.0.0 - Reto-Moto)
House Flipper (HKLM-x32\...\House Flipper_is1) (Version: - )
CheckDevices Install Configurator (HKLM\...\{C2A37435-B03E-4C79-AACD-3E659BB0FB0A}) (Version: 2.3.1801 - Nahimic) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.5.0.1051 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{25779f5d-6b0a-4e11-89e8-441b93c6ce2b}) (Version: 19.10.0 - Intel Corporation)
KB9X Radio Switch Driver (HKLM\...\97FE6BFA6A40EE4967381F4313B334031A3B6E03) (Version: 1.1.4.0 - ENE TECHNOLOGY INC.)
LauncherSetup Install (HKLM\...\{17638D96-803E-44AD-89BE-0CE66259DC5C}) (Version: 2.3.1801 - Nahimic) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-762332511-957338753-2835426052-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MSI Remind Manager Service (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.) Hidden
MSI Remind Manager Service (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.)
Nahimic 2 Audio Driver (HKLM\...\{3EE2914F-C4E2-474C-A6C8-33E18DC2F03A}) (Version: 2.3.1801 - Nahimic) Hidden
Nahimic 2 Audio Driver (HKLM-x32\...\{2f1e21d5-7b9e-48b6-bb37-5297967a2023}) (Version: 2.3.18 - Nahimic)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.16 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 388.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.16 - NVIDIA Corporation) Hidden
ProductDaemonSetup Install (HKLM\...\{7ED0B673-1FBD-46EC-B17D-7174821EB8FD}) (Version: 2.3.1801 - Nahimic) Hidden
ProductNS Install Configurator (HKLM\...\{F6A8B742-629A-41FD-A025-B11D5F8E5622}) (Version: 2.3.1801 - Nahimic) Hidden
RAR Password Unlocker (HKLM-x32\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8125 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{F6E94387-38E9-4D98-9FE1-038F575768BA}) (Version: 13.017.06089 - Application)
Shortcut Manager (HKLM-x32\...\{263B2528-9E7A-42DD-B132-490D9BD4CA3B}) (Version: 1.1.1607.1401 - Application) Hidden
Shortcut Manager (HKLM-x32\...\InstallShield_{263B2528-9E7A-42DD-B132-490D9BD4CA3B}) (Version: 1.1.1607.1401 - Application)
Simcity version 10.1.0.0 (HKLM-x32\...\Simcity_is1) (Version: 10.1.0.0 - Mr DJ)
Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application)
Software602 Form Filler (HKLM-x32\...\{9210AEE3-6ECB-4271-A125-1039E94A6A51}) (Version: 4.75 - Software602 a.s.)
SonicMapper Install Configurator (HKLM\...\{607FA1B4-A231-44A9-A0AB-FC26A37B1A96}) (Version: 2.3.1801 - Nahimic) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.184 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.1 - TeamSpeak Systems GmbH)
Tixati (HKLM-x32\...\tixati) (Version: - )
TriDef SmartCam (MSI) 2.1.2 (HKLM-x32\...\webcam-msi-pkg) (Version: 2.1.2 - Dynamic Digital Depth Australia Pty Ltd)
UIInstallUpgrade (HKLM\...\{C8F39EBE-55E5-4C3C-91A2-11C5CD532156}) (Version: 2.3.1801 - Nahimic) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-762332511-957338753-2835426052-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04A11EBA-63C0-4DCA-BB6A-8FF04B7A8B95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: {0FF06238-51E6-466F-90ED-8C81F24888AC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {16D0801C-975D-4EF4-AE6F-71FD17871D89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {18694421-7C0E-464B-A9C4-DC55791EB1EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: {1902C7B7-6D66-44B8-95D9-6F307813582B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1A80CF90-311C-44A0-8C5A-F8A4D239BEC0} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {24954304-1FE0-441B-A701-2597BFBECE43} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary
Task: {3717EDAC-D409-4C9B-897A-662BD44405F5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {39DC567D-B6A5-4776-B08A-E560E57D0BA4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {474AC79F-6305-4B5B-9973-43981C7A93D4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5FF85D24-7063-4F0D-872F-C74DAF4CCA42} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost
Task: {667A67FD-73EF-4E5A-BCEB-40621635B840} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {67944D27-1E38-4230-A07B-7CFC18837006} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe (A-Volute -> )
Task: {69E723B2-1D69-40CB-AF17-BE37B2308B75} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B1ECB92-4017-4AEF-A129-85EFC31B24ED} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7303319C-23C2-4FF8-B933-D72E241F0834} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {7A454DC1-B402-4C1A-AB44-A9EDA54F97AC} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe (A-Volute -> )
Task: {7EBD1867-B24A-45E9-809A-5A8026E09441} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {963145FD-8F7C-490F-8B1C-4918DF5CDCB5} - System32\Tasks\MSI_Shortcut Manager => C:\Program Files (x86)\MSI\Shortcut Manager\HotkeyListener.exe (Micro-Star International CO., LTD. -> Application) [File not signed]
Task: {99BC3D0F-F1A3-48BF-9B84-D687E73017F9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A369D052-AD35-4EC3-AA25-D9CC785D3FE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: {BC4EA02C-1A3E-4A1F-B60F-AB8CEA43F122} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C2C04D3F-510E-4FEC-B5FD-F1745EE89B16} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CAD5E043-BDA0-4DAD-A063-6452D77DBFD4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-762332511-957338753-2835426052-1001 => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\MEGAupdater.exe (Mega Limited -> Mega Limited)
Task: {CCDF3DCC-293D-4C65-868C-592FE2E11768} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7541630-01B5-436A-8F2F-D0021A9E891A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D943A4D3-AA94-48A4-B65A-881DD2B6C6F9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DA986A83-9B9E-4C1E-B751-37B49FF8547B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBBB2A61-0999-44B9-A9B5-C78083CDBBE5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: {DCEACD36-A57E-4A86-B7B2-EB74759DB237} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe (A-Volute -> Nahimic)
Task: {E9C6D774-423A-42D5-94FB-E64B9D8339D3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F01A3239-455D-4257-9082-3B421A250DE7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FD42D829-D22F-4D68-8C03-164E76F6FE6C} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {FDE66DAA-D812-4ACD-85E0-7DE5C1684512} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-06-08 17:37 - 2017-06-08 17:37 - 000160768 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () [File not signed] C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll
2017-06-08 17:37 - 2017-06-08 17:37 - 000301848 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
2017-07-05 17:58 - 2017-07-05 17:58 - 005089048 _____ (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
2015-06-12 03:35 - 2015-06-12 03:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2016-07-14 21:44 - 2016-07-14 21:44 - 000916248 _____ (Micro-Star International CO., LTD. -> Application) [File not signed] C:\Program Files (x86)\MSI\Shortcut Manager\HotkeyListener.exe
2013-05-24 17:22 - 2013-05-24 17:22 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Shortcut Manager\WinIo64.dll
2017-06-08 17:37 - 2017-06-08 17:37 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-762332511-957338753-2835426052-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dement s.r.o¨\Desktop\xxsračkylals\xxxtentacion-wallpapers-8.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A381F6C2-52D3-4381-B754-D0A204F0309F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D65B753-26EF-43C5-B67A-0C6F7736E24B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{5024B994-F46A-4FD5-9AAC-07E410515EE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{117FA97D-0218-4242-B89C-C9786D08B89A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A40797B-932F-4B9F-AAB2-5E18300A0B3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{D98C552C-3F8C-4F73-8F36-34D6B2945AE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A608EA9D-2B6E-4858-B21C-9A905840A704}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4BD2F48F-72C0-4FA0-9602-D0395C880C7D}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{64CF5B71-475B-4576-90ED-4CCC41B801B3}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{16E8B306-AAFB-4D74-9E93-0927E402B57E}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{BDE0D52E-44FD-4D44-B85E-592EAA939F02}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{E2EE9008-E654-42EB-BE18-CE4594B3B20A}] => (Allow) D:\stažené soubory\crysis3\Mr DJ\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [File not signed]
FirewallRules: [{3A4E1B97-4EA0-40A1-8F79-C1CEA2AC09A5}] => (Allow) D:\stažené soubory\crysis3\Mr DJ\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [File not signed]
FirewallRules: [{FE0179C7-3CCC-4D0E-A680-9F60DC3DE567}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [{AB913FC9-A696-421E-A6DB-8DD9998D6447}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [{0B5E0D3A-5B17-45B6-BC35-6E3EE90641CF}] => (Allow) C:\Program Files (x86)\Mr DJ\Simcity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{040876BB-81F7-4A39-A6C0-68F00520FD4C}] => (Allow) C:\Program Files (x86)\Mr DJ\Simcity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{5918234F-2DF4-462D-858F-9B9272E089FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FFFF02DE-AC06-4A5F-B825-0C675804DEA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C2D018C9-DF39-45D8-822A-543A5C01AA2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{34F7FA10-E531-4127-B1CC-146C4A1F62C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{10D08DB6-7E5C-43FD-9F0B-2F53EB6657F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F528FF48-709D-4FC6-BDAF-BB4E5D77EB1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2F88D0DE-1663-4069-BC1B-369C6B023A62}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{6F1CA3AA-C06A-4A20-B55B-9F2CBD0DD6E8}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [{5629C4E5-2D07-4503-9F25-2B6E501A7F62}] => (Allow) D:\hry\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B1CA28BC-FF66-4411-BBDB-19485C69159F}] => (Allow) D:\hry\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{4AEC61C3-7FF8-4754-AF71-71E1D4933B29}] => (Allow) D:\hry\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{DCE9B889-E722-4EEF-B062-9B165A16A218}] => (Allow) D:\hry\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{08AACA28-0E92-4C73-ADAC-E50B84CED206}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/25/2019 06:46:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17134.471, časové razítko: 0x7ba55a2a
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17246, časové razítko: 0x587def09
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000033636a
ID chybujícího procesu: 0x18d4
Čas spuštění chybující aplikace: 0x01d4cd31f8a68e64
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\NAHIMICV3apo.dll
ID zprávy: 0385239b-8d2c-42ee-a99a-7f402f27d075
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/17/2019 02:53:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17134.471, časové razítko: 0x7ba55a2a
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17246, časové razítko: 0x587def09
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000033636a
ID chybujícího procesu: 0xb28
Čas spuštění chybující aplikace: 0x01d4c6c81b5e2b0a
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\NAHIMICV3apo.dll
ID zprávy: 8424952a-afdd-4684-a023-bb0b81512dec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/17/2019 11:00:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x5f4
Čas spuštění chybující aplikace: 0x01d4c6a61f1f61c8
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: e1491632-dbe2-4552-bd92-8f7ae253308c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/17/2019 09:12:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17134.471, časové razítko: 0x7ba55a2a
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17246, časové razítko: 0x587def09
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000033636a
ID chybujícího procesu: 0x19e8
Čas spuštění chybující aplikace: 0x01d4c698867ecdcb
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\NAHIMICV3apo.dll
ID zprávy: a4bde5c8-447f-44ad-8041-f54aba6afe76
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/16/2019 08:26:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x12a0
Čas spuštění chybující aplikace: 0x01d4c62147f69663
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 938f4408-fe37-4741-9251-203330cfa050
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/12/2019 11:08:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DragonCenter_Updater.exe, verze: 1.0.1706.2701, časové razítko: 0x5951b164
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.441, časové razítko: 0x428de48c
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2ca4
Čas spuštění chybující aplikace: 0x01d4c2baf06922fb
Cesta k chybující aplikaci: C:\ProgramData\MSI\Dragon Center\DragonCenter_Updater.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 599aff5c-914a-4f0c-b971-2e4b5e2be2a2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/12/2019 11:08:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DragonCenter_Updater.exe, verze: 1.0.1706.2701, časové razítko: 0x5951b164
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.441, časové razítko: 0x428de48c
Kód výjimky: 0xc0020001
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2ca4
Čas spuštění chybující aplikace: 0x01d4c2baf06922fb
Cesta k chybující aplikaci: C:\ProgramData\MSI\Dragon Center\DragonCenter_Updater.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c566033c-b716-47e4-8d0f-1ad51f59a371
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/10/2019 10:20:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17134.471, časové razítko: 0x7ba55a2a
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17246, časové razítko: 0x587def09
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000033636a
ID chybujícího procesu: 0x8e0
Čas spuštění chybující aplikace: 0x01d4c121d694b8a8
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\NAHIMICV3apo.dll
ID zprávy: 55a412ab-6065-4fc7-a51c-fee67b3bf1f5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (03/15/2019 04:59:27 PM) (Source: DCOM) (EventID: 10016) (User: MSI)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli MSI\dement s.r.o¨ (SID: S-1-5-21-762332511-957338753-2835426052-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/15/2019 04:58:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/15/2019 04:58:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/15/2019 04:58:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll
Error: (03/15/2019 04:58:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll
Error: (03/15/2019 04:58:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll
Error: (03/15/2019 04:58:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (03/15/2019 04:58:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2019-01-06 15:14:49.741
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-01-06 15:14:49.736
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.
Date: 2019-01-06 09:49:53.007
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-01-06 09:49:53.004
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.
Date: 2019-01-05 16:17:14.080
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-01-05 16:17:14.078
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.
Date: 2019-01-02 02:10:44.599
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-01-02 02:10:44.596
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 8080 MB
Available physical RAM: 3797.17 MB
Total Virtual: 9552 MB
Available Virtual: 4436.42 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:73.91 GB) NTFS
Drive d: (Data) (Fixed) (Total:914.47 GB) (Free:302.39 GB) NTFS
\\?\Volume{45eda6e0-8f24-4079-b570-3049317a875a}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{83fa5610-340b-4238-bb36-a5152dce075d}\ (BIOS_RVY) (Fixed) (Total:17.04 GB) (Free:0.22 GB) NTFS
\\?\Volume{65efa783-3392-4fdf-bcc4-b8f4919a97c6}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BB62D815)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: BB62D833)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by dement s.r.o¨ (15-03-2019 17:23:38)
Running from D:\stažené soubory
Windows 10 Home Version 1803 17134.472 (X64) (2018-09-14 20:01:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-762332511-957338753-2835426052-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-762332511-957338753-2835426052-503 - Limited - Disabled)
dement s.r.o¨ (S-1-5-21-762332511-957338753-2835426052-1001 - Administrator - Enabled) => C:\Users\dement s.r.o¨
Guest (S-1-5-21-762332511-957338753-2835426052-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-762332511-957338753-2835426052-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge 4D GmbH)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.2 - Electronic Arts, Inc.)
ApoDispatch Install Configurator (HKLM\...\{025B0729-6623-4BD2-98BD-D2F47AB5B789}) (Version: 2.3.1801 - Nahimic) Hidden
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.34 - Rivet Networks)
AR8171 Drivers (HKLM\...\{DBB92BB8-0C89-488D-B6B4-74C6C03ABD13}) (Version: 1.0.0.34 - Rivet Networks) Hidden
AudioLaunchpad Install Configurator (HKLM\...\{C99DDDD0-191E-4A72-984E-F58DA3DDECA8}) (Version: 2.3.1801 - Nahimic) Hidden
Aurora Blu-ray Media Player (HKLM-x32\...\Aurora Blu-ray Media Player) (Version: 2.18.9.2163 - Aurora Software Inc.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.07.0009 - Bloody)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.73.1084 - AB Team, d.o.o.)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application)
Cities Skylines, âĺđńč˙ 1.7 (HKLM-x32\...\Cities Skylines_is1) (Version: 1.7 - Other s)
Crysis (HKLM-x32\...\Crysis) (Version: - )
Crysis 3 version 1.3.0.0 (HKLM-x32\...\Crysis 3_is1) (Version: 1.3.0.0 - Mr DJ)
Darkest Dungeon The Color of Madness (HKLM-x32\...\Darkest Dungeon The Color of Madness_is1) (Version: - )
Deus Ex Mankind Divided v.1.11.616.0 (HKLM-x32\...\Deus Ex Mankind Divided_is1) (Version: - )
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1707.0501 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1707.0501 - Micro-Star International Co., Ltd.)
ESET Security (HKLM\...\{F1544F11-BFCC-43CC-9D0C-169A7E99369E}) (Version: 12.0.31.0 - ESET, spol. s r.o.)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.2.9 - Hotger)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Grand Theft Auto V_is1) (Version: 1.0.877.1 - )
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.)
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.1.0.0 - Reto-Moto)
House Flipper (HKLM-x32\...\House Flipper_is1) (Version: - )
CheckDevices Install Configurator (HKLM\...\{C2A37435-B03E-4C79-AACD-3E659BB0FB0A}) (Version: 2.3.1801 - Nahimic) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.5.0.1051 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{25779f5d-6b0a-4e11-89e8-441b93c6ce2b}) (Version: 19.10.0 - Intel Corporation)
KB9X Radio Switch Driver (HKLM\...\97FE6BFA6A40EE4967381F4313B334031A3B6E03) (Version: 1.1.4.0 - ENE TECHNOLOGY INC.)
LauncherSetup Install (HKLM\...\{17638D96-803E-44AD-89BE-0CE66259DC5C}) (Version: 2.3.1801 - Nahimic) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-762332511-957338753-2835426052-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MSI Remind Manager Service (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.) Hidden
MSI Remind Manager Service (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.)
Nahimic 2 Audio Driver (HKLM\...\{3EE2914F-C4E2-474C-A6C8-33E18DC2F03A}) (Version: 2.3.1801 - Nahimic) Hidden
Nahimic 2 Audio Driver (HKLM-x32\...\{2f1e21d5-7b9e-48b6-bb37-5297967a2023}) (Version: 2.3.18 - Nahimic)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.16 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 388.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.16 - NVIDIA Corporation) Hidden
ProductDaemonSetup Install (HKLM\...\{7ED0B673-1FBD-46EC-B17D-7174821EB8FD}) (Version: 2.3.1801 - Nahimic) Hidden
ProductNS Install Configurator (HKLM\...\{F6A8B742-629A-41FD-A025-B11D5F8E5622}) (Version: 2.3.1801 - Nahimic) Hidden
RAR Password Unlocker (HKLM-x32\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8125 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{F6E94387-38E9-4D98-9FE1-038F575768BA}) (Version: 13.017.06089 - Application)
Shortcut Manager (HKLM-x32\...\{263B2528-9E7A-42DD-B132-490D9BD4CA3B}) (Version: 1.1.1607.1401 - Application) Hidden
Shortcut Manager (HKLM-x32\...\InstallShield_{263B2528-9E7A-42DD-B132-490D9BD4CA3B}) (Version: 1.1.1607.1401 - Application)
Simcity version 10.1.0.0 (HKLM-x32\...\Simcity_is1) (Version: 10.1.0.0 - Mr DJ)
Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application)
Software602 Form Filler (HKLM-x32\...\{9210AEE3-6ECB-4271-A125-1039E94A6A51}) (Version: 4.75 - Software602 a.s.)
SonicMapper Install Configurator (HKLM\...\{607FA1B4-A231-44A9-A0AB-FC26A37B1A96}) (Version: 2.3.1801 - Nahimic) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.184 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.1 - TeamSpeak Systems GmbH)
Tixati (HKLM-x32\...\tixati) (Version: - )
TriDef SmartCam (MSI) 2.1.2 (HKLM-x32\...\webcam-msi-pkg) (Version: 2.1.2 - Dynamic Digital Depth Australia Pty Ltd)
UIInstallUpgrade (HKLM\...\{C8F39EBE-55E5-4C3C-91A2-11C5CD532156}) (Version: 2.3.1801 - Nahimic) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-762332511-957338753-2835426052-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04A11EBA-63C0-4DCA-BB6A-8FF04B7A8B95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: {0FF06238-51E6-466F-90ED-8C81F24888AC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {16D0801C-975D-4EF4-AE6F-71FD17871D89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {18694421-7C0E-464B-A9C4-DC55791EB1EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: {1902C7B7-6D66-44B8-95D9-6F307813582B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1A80CF90-311C-44A0-8C5A-F8A4D239BEC0} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {24954304-1FE0-441B-A701-2597BFBECE43} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary
Task: {3717EDAC-D409-4C9B-897A-662BD44405F5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {39DC567D-B6A5-4776-B08A-E560E57D0BA4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {474AC79F-6305-4B5B-9973-43981C7A93D4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5FF85D24-7063-4F0D-872F-C74DAF4CCA42} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost
Task: {667A67FD-73EF-4E5A-BCEB-40621635B840} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {67944D27-1E38-4230-A07B-7CFC18837006} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe (A-Volute -> )
Task: {69E723B2-1D69-40CB-AF17-BE37B2308B75} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B1ECB92-4017-4AEF-A129-85EFC31B24ED} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7303319C-23C2-4FF8-B933-D72E241F0834} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {7A454DC1-B402-4C1A-AB44-A9EDA54F97AC} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe (A-Volute -> )
Task: {7EBD1867-B24A-45E9-809A-5A8026E09441} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {963145FD-8F7C-490F-8B1C-4918DF5CDCB5} - System32\Tasks\MSI_Shortcut Manager => C:\Program Files (x86)\MSI\Shortcut Manager\HotkeyListener.exe (Micro-Star International CO., LTD. -> Application) [File not signed]
Task: {99BC3D0F-F1A3-48BF-9B84-D687E73017F9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A369D052-AD35-4EC3-AA25-D9CC785D3FE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: {BC4EA02C-1A3E-4A1F-B60F-AB8CEA43F122} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C2C04D3F-510E-4FEC-B5FD-F1745EE89B16} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CAD5E043-BDA0-4DAD-A063-6452D77DBFD4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-762332511-957338753-2835426052-1001 => C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\MEGAupdater.exe (Mega Limited -> Mega Limited)
Task: {CCDF3DCC-293D-4C65-868C-592FE2E11768} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7541630-01B5-436A-8F2F-D0021A9E891A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D943A4D3-AA94-48A4-B65A-881DD2B6C6F9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DA986A83-9B9E-4C1E-B751-37B49FF8547B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBBB2A61-0999-44B9-A9B5-C78083CDBBE5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe
Task: {DCEACD36-A57E-4A86-B7B2-EB74759DB237} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe (A-Volute -> Nahimic)
Task: {E9C6D774-423A-42D5-94FB-E64B9D8339D3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F01A3239-455D-4257-9082-3B421A250DE7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FD42D829-D22F-4D68-8C03-164E76F6FE6C} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed]
Task: {FDE66DAA-D812-4ACD-85E0-7DE5C1684512} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-06-08 17:37 - 2017-06-08 17:37 - 000160768 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () [File not signed] C:\Users\dement s.r.o¨\AppData\Local\MEGAsync\ShellExtX64.dll
2017-06-08 17:37 - 2017-06-08 17:37 - 000301848 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
2017-07-05 17:58 - 2017-07-05 17:58 - 005089048 _____ (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
2015-06-12 03:35 - 2015-06-12 03:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2016-07-14 21:44 - 2016-07-14 21:44 - 000916248 _____ (Micro-Star International CO., LTD. -> Application) [File not signed] C:\Program Files (x86)\MSI\Shortcut Manager\HotkeyListener.exe
2013-05-24 17:22 - 2013-05-24 17:22 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Shortcut Manager\WinIo64.dll
2017-06-08 17:37 - 2017-06-08 17:37 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-12-17 16:38 - 2018-12-17 16:38 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-762332511-957338753-2835426052-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dement s.r.o¨\Desktop\xxsračkylals\xxxtentacion-wallpapers-8.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A381F6C2-52D3-4381-B754-D0A204F0309F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D65B753-26EF-43C5-B67A-0C6F7736E24B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{5024B994-F46A-4FD5-9AAC-07E410515EE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{117FA97D-0218-4242-B89C-C9786D08B89A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A40797B-932F-4B9F-AAB2-5E18300A0B3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{D98C552C-3F8C-4F73-8F36-34D6B2945AE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A608EA9D-2B6E-4858-B21C-9A905840A704}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4BD2F48F-72C0-4FA0-9602-D0395C880C7D}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{64CF5B71-475B-4576-90ED-4CCC41B801B3}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{16E8B306-AAFB-4D74-9E93-0927E402B57E}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{BDE0D52E-44FD-4D44-B85E-592EAA939F02}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{E2EE9008-E654-42EB-BE18-CE4594B3B20A}] => (Allow) D:\stažené soubory\crysis3\Mr DJ\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [File not signed]
FirewallRules: [{3A4E1B97-4EA0-40A1-8F79-C1CEA2AC09A5}] => (Allow) D:\stažené soubory\crysis3\Mr DJ\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH) [File not signed]
FirewallRules: [{FE0179C7-3CCC-4D0E-A680-9F60DC3DE567}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [{AB913FC9-A696-421E-A6DB-8DD9998D6447}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [{0B5E0D3A-5B17-45B6-BC35-6E3EE90641CF}] => (Allow) C:\Program Files (x86)\Mr DJ\Simcity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{040876BB-81F7-4A39-A6C0-68F00520FD4C}] => (Allow) C:\Program Files (x86)\Mr DJ\Simcity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{5918234F-2DF4-462D-858F-9B9272E089FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FFFF02DE-AC06-4A5F-B825-0C675804DEA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C2D018C9-DF39-45D8-822A-543A5C01AA2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{34F7FA10-E531-4127-B1CC-146C4A1F62C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{10D08DB6-7E5C-43FD-9F0B-2F53EB6657F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F528FF48-709D-4FC6-BDAF-BB4E5D77EB1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2F88D0DE-1663-4069-BC1B-369C6B023A62}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{6F1CA3AA-C06A-4A20-B55B-9F2CBD0DD6E8}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [{5629C4E5-2D07-4503-9F25-2B6E501A7F62}] => (Allow) D:\hry\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B1CA28BC-FF66-4411-BBDB-19485C69159F}] => (Allow) D:\hry\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{4AEC61C3-7FF8-4754-AF71-71E1D4933B29}] => (Allow) D:\hry\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{DCE9B889-E722-4EEF-B062-9B165A16A218}] => (Allow) D:\hry\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{08AACA28-0E92-4C73-ADAC-E50B84CED206}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/25/2019 06:46:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17134.471, časové razítko: 0x7ba55a2a
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17246, časové razítko: 0x587def09
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000033636a
ID chybujícího procesu: 0x18d4
Čas spuštění chybující aplikace: 0x01d4cd31f8a68e64
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\NAHIMICV3apo.dll
ID zprávy: 0385239b-8d2c-42ee-a99a-7f402f27d075
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/17/2019 02:53:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17134.471, časové razítko: 0x7ba55a2a
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17246, časové razítko: 0x587def09
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000033636a
ID chybujícího procesu: 0xb28
Čas spuštění chybující aplikace: 0x01d4c6c81b5e2b0a
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\NAHIMICV3apo.dll
ID zprávy: 8424952a-afdd-4684-a023-bb0b81512dec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/17/2019 11:00:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x5f4
Čas spuštění chybující aplikace: 0x01d4c6a61f1f61c8
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: e1491632-dbe2-4552-bd92-8f7ae253308c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/17/2019 09:12:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17134.471, časové razítko: 0x7ba55a2a
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17246, časové razítko: 0x587def09
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000033636a
ID chybujícího procesu: 0x19e8
Čas spuštění chybující aplikace: 0x01d4c698867ecdcb
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\NAHIMICV3apo.dll
ID zprávy: a4bde5c8-447f-44ad-8041-f54aba6afe76
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/16/2019 08:26:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x12a0
Čas spuštění chybující aplikace: 0x01d4c62147f69663
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 938f4408-fe37-4741-9251-203330cfa050
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/12/2019 11:08:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DragonCenter_Updater.exe, verze: 1.0.1706.2701, časové razítko: 0x5951b164
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.441, časové razítko: 0x428de48c
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2ca4
Čas spuštění chybující aplikace: 0x01d4c2baf06922fb
Cesta k chybující aplikaci: C:\ProgramData\MSI\Dragon Center\DragonCenter_Updater.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 599aff5c-914a-4f0c-b971-2e4b5e2be2a2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/12/2019 11:08:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DragonCenter_Updater.exe, verze: 1.0.1706.2701, časové razítko: 0x5951b164
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.441, časové razítko: 0x428de48c
Kód výjimky: 0xc0020001
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2ca4
Čas spuštění chybující aplikace: 0x01d4c2baf06922fb
Cesta k chybující aplikaci: C:\ProgramData\MSI\Dragon Center\DragonCenter_Updater.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c566033c-b716-47e4-8d0f-1ad51f59a371
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/10/2019 10:20:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.17134.471, časové razítko: 0x7ba55a2a
Název chybujícího modulu: NAHIMICV3apo.dll, verze: 6.3.9600.17246, časové razítko: 0x587def09
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000033636a
ID chybujícího procesu: 0x8e0
Čas spuštění chybující aplikace: 0x01d4c121d694b8a8
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\NAHIMICV3apo.dll
ID zprávy: 55a412ab-6065-4fc7-a51c-fee67b3bf1f5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (03/15/2019 04:59:27 PM) (Source: DCOM) (EventID: 10016) (User: MSI)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli MSI\dement s.r.o¨ (SID: S-1-5-21-762332511-957338753-2835426052-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/15/2019 04:58:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/15/2019 04:58:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (03/15/2019 04:58:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll
Error: (03/15/2019 04:58:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll
Error: (03/15/2019 04:58:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll
Error: (03/15/2019 04:58:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (03/15/2019 04:58:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2019-01-06 15:14:49.741
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-01-06 15:14:49.736
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.
Date: 2019-01-06 09:49:53.007
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-01-06 09:49:53.004
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.
Date: 2019-01-05 16:17:14.080
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-01-05 16:17:14.078
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.
Date: 2019-01-02 02:10:44.599
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.
Date: 2019-01-02 02:10:44.596
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 8080 MB
Available physical RAM: 3797.17 MB
Total Virtual: 9552 MB
Available Virtual: 4436.42 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:117.94 GB) (Free:73.91 GB) NTFS
Drive d: (Data) (Fixed) (Total:914.47 GB) (Free:302.39 GB) NTFS
\\?\Volume{45eda6e0-8f24-4079-b570-3049317a875a}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{83fa5610-340b-4238-bb36-a5152dce075d}\ (BIOS_RVY) (Fixed) (Total:17.04 GB) (Free:0.22 GB) NTFS
\\?\Volume{65efa783-3392-4fdf-bcc4-b8f4919a97c6}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BB62D815)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: BB62D833)
Partition: GPT.
==================== End of Addition.txt ============================
Re: winscomrssrv.dll problém
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
Ran by dement s.r.o¨ (administrator) on MSI (15-03-2019 17:22:55)
Running from D:\stažené soubory
Loaded Profiles: dement s.r.o¨ (Available Profiles: dement s.r.o¨)
Platform: Windows 10 Home Version 1803 17134.472 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Dynamic Digital Depth Australia Pty Ltd -> DDD Group Plc.) C:\Program Files (x86)\TriDef\SmartCam\TriDefSmartCamService64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(A-Volute -> Nahimic) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\dement s.r.o¨\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Micro-Star International CO., LTD. -> Application) [File not signed] C:\Program Files (x86)\MSI\Shortcut Manager\HotkeyListener.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => %ProgramFiles%\Windows Defender\MSASCuiL.exe
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-03-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [709816 2017-04-19] (A-Volute -> Nahimic)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [301848 2017-06-08] (Micro-Star International CO., LTD. -> ) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-07-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2019-03-14] (ESET, spol. s r.o. -> ESET)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2df5554d-b771-488d-9c09-303fdbdd5db1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7ff39c06-0eab-4cb6-8bfb-991ee416d608}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-762332511-957338753-2835426052-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-762332511-957338753-2835426052-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.youtube.com/?gl=CZ&hl=cs"
CHR Profile: C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default [2019-03-15]
CHR Extension: (Prezentace) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-12]
CHR Extension: (Dokumenty) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-12]
CHR Extension: (Disk Google) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-12]
CHR Extension: (YouTube) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-12]
CHR Extension: (Tabulky) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-12]
CHR Extension: (Heroes & Generals) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2018-09-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (AdBlock) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-12]
CHR Extension: (Gmail) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-14]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-06] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-08] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-03-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-03-14] (ESET, spol. s r.o. -> ESET)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2397816 2017-04-05] (Intel Corporation - pGFX -> Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-03-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183568 2016-10-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-06-06] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2017-06-08] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [62392 2017-04-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [270424 2017-07-10] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TriDefSmartCamService; c:\program files (x86)\tridef\smartcam\tridefsmartcamservice64.exe [11076576 2017-03-11] (Dynamic Digital Depth Australia Pty Ltd -> DDD Group Plc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S3 HnGService; D:\hry\HG\Heroes & Generals\live\hngservice.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WdNisSvc; "%ProgramFiles%\Windows Defender\NisSrv.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-03-14] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107744 2019-03-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-03-14] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50280 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82472 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-03-14] (ESET, spol. s r.o. -> ESET)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [69632 2017-03-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [179472 2016-10-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [161096 2016-09-19] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_c0371d6f71af28d4\nvlddmkm.sys [16936528 2018-01-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-07-10] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-07-10] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [64088 2017-07-10] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TriDefSmartCam; C:\WINDOWS\system32\DRIVERS\TriDefSmartCam.sys [48304 2017-02-20] (Dynamic Digital Depth Australia Pty Ltd -> DDD Group Plc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-15 16:56 - 2019-03-15 16:58 - 000000000 ____D C:\AdwCleaner
2019-03-15 16:56 - 2019-03-15 16:56 - 007316688 _____ (Malwarebytes) C:\Users\dement s.r.o¨\Desktop\adwcleaner_7.2.7.0.exe
2019-03-15 16:32 - 2019-03-15 17:22 - 000000000 ____D C:\FRST
2019-03-15 04:00 - 2019-03-15 04:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-03-07 18:01 - 2019-03-15 04:00 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-03 15:11 - 2019-03-03 15:11 - 000000196 _____ C:\Users\dement s.r.o¨\Desktop\http---goo.gl-S1qiev.url
2019-02-15 17:49 - 2019-02-15 17:50 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Roaming\EasyAntiCheat
2019-02-15 17:49 - 2019-02-15 17:49 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-02-15 17:47 - 2019-02-15 17:50 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-02-15 17:47 - 2019-02-15 17:47 - 000000639 _____ C:\Users\Public\Desktop\Apex Legends.lnk
2019-02-15 17:47 - 2019-02-15 17:47 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-02-15 17:47 - 2019-02-15 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-15 17:20 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-15 17:05 - 2018-09-14 21:34 - 000759064 _____ C:\WINDOWS\system32\perfh019.dat
2019-03-15 17:05 - 2018-09-14 21:34 - 000150924 _____ C:\WINDOWS\system32\perfc019.dat
2019-03-15 17:05 - 2018-09-14 21:08 - 000773230 _____ C:\WINDOWS\system32\perfh015.dat
2019-03-15 17:05 - 2018-09-14 21:08 - 000151568 _____ C:\WINDOWS\system32\perfc015.dat
2019-03-15 17:05 - 2018-09-14 21:03 - 003525944 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-15 17:05 - 2018-04-12 16:50 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-15 17:05 - 2018-04-12 16:50 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-15 17:05 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-15 17:00 - 2017-07-11 01:16 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-15 16:58 - 2018-09-14 21:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-15 16:58 - 2018-09-12 15:49 - 000000000 __SHD C:\Users\dement s.r.o¨\IntelGraphicsProfiles
2019-03-15 16:58 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-03-15 08:48 - 2018-09-14 20:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-15 03:59 - 2017-05-18 23:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-14 17:51 - 2018-11-29 10:54 - 000145600 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-03-14 17:51 - 2018-11-29 10:54 - 000107744 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-03-14 17:51 - 2018-10-17 15:37 - 000188240 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-03-14 17:51 - 2018-10-17 15:37 - 000110000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-03-14 17:51 - 2018-10-17 15:37 - 000082472 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2019-03-14 17:51 - 2018-10-17 15:37 - 000050280 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2019-03-10 05:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-07 16:31 - 2018-09-14 21:01 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-762332511-957338753-2835426052-1001
2019-03-07 16:31 - 2018-09-14 20:57 - 000002418 _____ C:\Users\dement s.r.o¨\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-07 16:31 - 2018-09-12 15:51 - 000000000 ___RD C:\Users\dement s.r.o¨\OneDrive
2019-03-06 17:07 - 2018-09-12 15:59 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-28 21:18 - 2018-09-13 18:22 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Roaming\TS3Client
2019-02-25 18:46 - 2019-01-01 15:17 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-02-18 22:22 - 2018-12-09 14:38 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Roaming\Origin
2019-02-18 22:22 - 2018-12-09 14:35 - 000000000 ____D C:\ProgramData\Origin
2019-02-18 13:22 - 2018-12-17 16:39 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-02-17 14:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-17 11:00 - 2018-10-06 17:32 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Local\CrashDumps
2019-02-15 17:49 - 2018-12-09 14:38 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Local\Origin
2019-02-15 17:37 - 2018-12-17 16:38 - 000000000 ____D C:\Program Files (x86)\Origin
2019-02-15 17:37 - 2017-07-11 01:13 - 000000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories =======
2018-12-18 20:02 - 2018-05-13 15:53 - 000000395 _____ () C:\Users\dement\UserAccountControlSettingsDevice.dat
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-14 20:53
==================== End of FRST.txt ============================
Ran by dement s.r.o¨ (administrator) on MSI (15-03-2019 17:22:55)
Running from D:\stažené soubory
Loaded Profiles: dement s.r.o¨ (Available Profiles: dement s.r.o¨)
Platform: Windows 10 Home Version 1803 17134.472 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Dynamic Digital Depth Australia Pty Ltd -> DDD Group Plc.) C:\Program Files (x86)\TriDef\SmartCam\TriDefSmartCamService64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(A-Volute -> Nahimic) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\dement s.r.o¨\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Micro-Star International CO., LTD. -> Application) [File not signed] C:\Program Files (x86)\MSI\Shortcut Manager\HotkeyListener.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => %ProgramFiles%\Windows Defender\MSASCuiL.exe
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-03-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [709816 2017-04-19] (A-Volute -> Nahimic)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [301848 2017-06-08] (Micro-Star International CO., LTD. -> ) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-07-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2019-03-14] (ESET, spol. s r.o. -> ESET)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2df5554d-b771-488d-9c09-303fdbdd5db1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7ff39c06-0eab-4cb6-8bfb-991ee416d608}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-762332511-957338753-2835426052-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-762332511-957338753-2835426052-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.youtube.com/?gl=CZ&hl=cs"
CHR Profile: C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default [2019-03-15]
CHR Extension: (Prezentace) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-12]
CHR Extension: (Dokumenty) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-12]
CHR Extension: (Disk Google) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-12]
CHR Extension: (YouTube) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-12]
CHR Extension: (Tabulky) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-12]
CHR Extension: (Heroes & Generals) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2018-09-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (AdBlock) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-12]
CHR Extension: (Gmail) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\dement s.r.o¨\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-14]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-06] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-08] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-03-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-03-14] (ESET, spol. s r.o. -> ESET)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2397816 2017-04-05] (Intel Corporation - pGFX -> Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-03-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183568 2016-10-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-06-06] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2017-06-08] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [62392 2017-04-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-01-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [270424 2017-07-10] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TriDefSmartCamService; c:\program files (x86)\tridef\smartcam\tridefsmartcamservice64.exe [11076576 2017-03-11] (Dynamic Digital Depth Australia Pty Ltd -> DDD Group Plc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S3 HnGService; D:\hry\HG\Heroes & Generals\live\hngservice.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WdNisSvc; "%ProgramFiles%\Windows Defender\NisSrv.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-03-14] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107744 2019-03-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-03-14] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50280 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82472 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-03-14] (ESET, spol. s r.o. -> ESET)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [69632 2017-03-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [179472 2016-10-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [161096 2016-09-19] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_c0371d6f71af28d4\nvlddmkm.sys [16936528 2018-01-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-07-10] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-07-10] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [64088 2017-07-10] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TriDefSmartCam; C:\WINDOWS\system32\DRIVERS\TriDefSmartCam.sys [48304 2017-02-20] (Dynamic Digital Depth Australia Pty Ltd -> DDD Group Plc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-12] (Micro-Star Int'l Co. Ltd. -> )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-15 16:56 - 2019-03-15 16:58 - 000000000 ____D C:\AdwCleaner
2019-03-15 16:56 - 2019-03-15 16:56 - 007316688 _____ (Malwarebytes) C:\Users\dement s.r.o¨\Desktop\adwcleaner_7.2.7.0.exe
2019-03-15 16:32 - 2019-03-15 17:22 - 000000000 ____D C:\FRST
2019-03-15 04:00 - 2019-03-15 04:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-03-07 18:01 - 2019-03-15 04:00 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-07 18:01 - 2019-03-15 04:00 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-03 15:11 - 2019-03-03 15:11 - 000000196 _____ C:\Users\dement s.r.o¨\Desktop\http---goo.gl-S1qiev.url
2019-02-15 17:49 - 2019-02-15 17:50 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Roaming\EasyAntiCheat
2019-02-15 17:49 - 2019-02-15 17:49 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-02-15 17:47 - 2019-02-15 17:50 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-02-15 17:47 - 2019-02-15 17:47 - 000000639 _____ C:\Users\Public\Desktop\Apex Legends.lnk
2019-02-15 17:47 - 2019-02-15 17:47 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-02-15 17:47 - 2019-02-15 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-15 17:20 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-15 17:05 - 2018-09-14 21:34 - 000759064 _____ C:\WINDOWS\system32\perfh019.dat
2019-03-15 17:05 - 2018-09-14 21:34 - 000150924 _____ C:\WINDOWS\system32\perfc019.dat
2019-03-15 17:05 - 2018-09-14 21:08 - 000773230 _____ C:\WINDOWS\system32\perfh015.dat
2019-03-15 17:05 - 2018-09-14 21:08 - 000151568 _____ C:\WINDOWS\system32\perfc015.dat
2019-03-15 17:05 - 2018-09-14 21:03 - 003525944 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-15 17:05 - 2018-04-12 16:50 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-15 17:05 - 2018-04-12 16:50 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-15 17:05 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-15 17:00 - 2017-07-11 01:16 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-15 16:58 - 2018-09-14 21:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-15 16:58 - 2018-09-12 15:49 - 000000000 __SHD C:\Users\dement s.r.o¨\IntelGraphicsProfiles
2019-03-15 16:58 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-03-15 08:48 - 2018-09-14 20:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-15 03:59 - 2017-05-18 23:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-14 17:51 - 2018-11-29 10:54 - 000145600 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-03-14 17:51 - 2018-11-29 10:54 - 000107744 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-03-14 17:51 - 2018-10-17 15:37 - 000188240 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-03-14 17:51 - 2018-10-17 15:37 - 000110000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-03-14 17:51 - 2018-10-17 15:37 - 000082472 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2019-03-14 17:51 - 2018-10-17 15:37 - 000050280 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2019-03-10 05:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-07 16:31 - 2018-09-14 21:01 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-762332511-957338753-2835426052-1001
2019-03-07 16:31 - 2018-09-14 20:57 - 000002418 _____ C:\Users\dement s.r.o¨\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-07 16:31 - 2018-09-12 15:51 - 000000000 ___RD C:\Users\dement s.r.o¨\OneDrive
2019-03-06 17:07 - 2018-09-12 15:59 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-28 21:18 - 2018-09-13 18:22 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Roaming\TS3Client
2019-02-25 18:46 - 2019-01-01 15:17 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-02-18 22:22 - 2018-12-09 14:38 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Roaming\Origin
2019-02-18 22:22 - 2018-12-09 14:35 - 000000000 ____D C:\ProgramData\Origin
2019-02-18 13:22 - 2018-12-17 16:39 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-02-17 14:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-17 11:00 - 2018-10-06 17:32 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Local\CrashDumps
2019-02-15 17:49 - 2018-12-09 14:38 - 000000000 ____D C:\Users\dement s.r.o¨\AppData\Local\Origin
2019-02-15 17:37 - 2018-12-17 16:38 - 000000000 ____D C:\Program Files (x86)\Origin
2019-02-15 17:37 - 2017-07-11 01:13 - 000000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories =======
2018-12-18 20:02 - 2018-05-13 15:53 - 000000395 _____ () C:\Users\dement\UserAccountControlSettingsDevice.dat
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-14 20:53
==================== End of FRST.txt ============================
Re: winscomrssrv.dll problém
Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Kód: Vybrat vše
CloseProcesses:
CloseProcesses:
Powershell: Enable-ComputerRestore -Drive "C:\"
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
S3 HnGService; D:\hry\HG\Heroes & Generals\live\hngservice.exe [X]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {16D0801C-975D-4EF4-AE6F-71FD17871D89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {24954304-1FE0-441B-A701-2597BFBECE43} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary
Task: {5FF85D24-7063-4F0D-872F-C74DAF4CCA42} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost
Task: {FDE66DAA-D812-4ACD-85E0-7DE5C1684512} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
FirewallRules: [{16E8B306-AAFB-4D74-9E93-0927E402B57E}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{BDE0D52E-44FD-4D44-B85E-592EAA939F02}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{FE0179C7-3CCC-4D0E-A680-9F60DC3DE567}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [{AB913FC9-A696-421E-A6DB-8DD9998D6447}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [TCP Query User{2F88D0DE-1663-4069-BC1B-369C6B023A62}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{6F1CA3AA-C06A-4A20-B55B-9F2CBD0DD6E8}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
S3 WdNisSvc; "%ProgramFiles%\Windows Defender\NisSrv.exe" [X]
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: winscomrssrv.dll problém
Fix result of Farbar Recovery Scan Tool (x64) Version: 13.03.2019 01
Ran by dement s.r.o¨ (15-03-2019 18:11:18) Run:1
Running from D:\stažené soubory
Loaded Profiles: dement s.r.o¨ (Available Profiles: dement s.r.o¨)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CloseProcesses:
Powershell: Enable-ComputerRestore -Drive "C:\"
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
S3 HnGService; D:\hry\HG\Heroes & Generals\live\hngservice.exe [X]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {16D0801C-975D-4EF4-AE6F-71FD17871D89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {24954304-1FE0-441B-A701-2597BFBECE43} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary
Task: {5FF85D24-7063-4F0D-872F-C74DAF4CCA42} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost
Task: {FDE66DAA-D812-4ACD-85E0-7DE5C1684512} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
FirewallRules: [{16E8B306-AAFB-4D74-9E93-0927E402B57E}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{BDE0D52E-44FD-4D44-B85E-592EAA939F02}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{FE0179C7-3CCC-4D0E-A680-9F60DC3DE567}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [{AB913FC9-A696-421E-A6DB-8DD9998D6447}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [TCP Query User{2F88D0DE-1663-4069-BC1B-369C6B023A62}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{6F1CA3AA-C06A-4A20-B55B-9F2CBD0DD6E8}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
S3 WdNisSvc; "%ProgramFiles%\Windows Defender\NisSrv.exe" [X]
*****************
Processes closed successfully.
Processes closed successfully.
========= Enable-ComputerRestore -Drive "C:\" =========
========= End of Powershell: =========
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\System\CurrentControlSet\Services\HnGService => removed successfully
HnGService => service removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16D0801C-975D-4EF4-AE6F-71FD17871D89}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16D0801C-975D-4EF4-AE6F-71FD17871D89}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24954304-1FE0-441B-A701-2597BFBECE43}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24954304-1FE0-441B-A701-2597BFBECE43}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5FF85D24-7063-4F0D-872F-C74DAF4CCA42}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FF85D24-7063-4F0D-872F-C74DAF4CCA42}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI\SrvHost => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDE66DAA-D812-4ACD-85E0-7DE5C1684512}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDE66DAA-D812-4ACD-85E0-7DE5C1684512}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16E8B306-AAFB-4D74-9E93-0927E402B57E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BDE0D52E-44FD-4D44-B85E-592EAA939F02}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE0179C7-3CCC-4D0E-A680-9F60DC3DE567}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB913FC9-A696-421E-A6DB-8DD9998D6447}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2F88D0DE-1663-4069-BC1B-369C6B023A62}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6F1CA3AA-C06A-4A20-B55B-9F2CBD0DD6E8}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe" => removed successfully
HKLM\System\CurrentControlSet\Services\WdNisSvc => removed successfully
WdNisSvc => service removed successfully
The system needed a reboot.
==== End of Fixlog 18:11:36 ====
Ran by dement s.r.o¨ (15-03-2019 18:11:18) Run:1
Running from D:\stažené soubory
Loaded Profiles: dement s.r.o¨ (Available Profiles: dement s.r.o¨)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CloseProcesses:
Powershell: Enable-ComputerRestore -Drive "C:\"
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
S3 HnGService; D:\hry\HG\Heroes & Generals\live\hngservice.exe [X]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {16D0801C-975D-4EF4-AE6F-71FD17871D89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {24954304-1FE0-441B-A701-2597BFBECE43} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary
Task: {5FF85D24-7063-4F0D-872F-C74DAF4CCA42} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost
Task: {FDE66DAA-D812-4ACD-85E0-7DE5C1684512} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
FirewallRules: [{16E8B306-AAFB-4D74-9E93-0927E402B57E}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{BDE0D52E-44FD-4D44-B85E-592EAA939F02}] => (Allow) D:\hry\HG\Heroes & Generals\live\hng.exe No File
FirewallRules: [{FE0179C7-3CCC-4D0E-A680-9F60DC3DE567}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [{AB913FC9-A696-421E-A6DB-8DD9998D6447}] => (Allow) D:\hry\Mr DJ\Simcity\SimCity\SimCity.exe No File
FirewallRules: [TCP Query User{2F88D0DE-1663-4069-BC1B-369C6B023A62}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{6F1CA3AA-C06A-4A20-B55B-9F2CBD0DD6E8}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
S3 WdNisSvc; "%ProgramFiles%\Windows Defender\NisSrv.exe" [X]
*****************
Processes closed successfully.
Processes closed successfully.
========= Enable-ComputerRestore -Drive "C:\" =========
========= End of Powershell: =========
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\System\CurrentControlSet\Services\HnGService => removed successfully
HnGService => service removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16D0801C-975D-4EF4-AE6F-71FD17871D89}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16D0801C-975D-4EF4-AE6F-71FD17871D89}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24954304-1FE0-441B-A701-2597BFBECE43}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24954304-1FE0-441B-A701-2597BFBECE43}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5FF85D24-7063-4F0D-872F-C74DAF4CCA42}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FF85D24-7063-4F0D-872F-C74DAF4CCA42}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI\SrvHost => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDE66DAA-D812-4ACD-85E0-7DE5C1684512}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDE66DAA-D812-4ACD-85E0-7DE5C1684512}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16E8B306-AAFB-4D74-9E93-0927E402B57E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BDE0D52E-44FD-4D44-B85E-592EAA939F02}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE0179C7-3CCC-4D0E-A680-9F60DC3DE567}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB913FC9-A696-421E-A6DB-8DD9998D6447}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2F88D0DE-1663-4069-BC1B-369C6B023A62}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6F1CA3AA-C06A-4A20-B55B-9F2CBD0DD6E8}D:\hry\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe" => removed successfully
HKLM\System\CurrentControlSet\Services\WdNisSvc => removed successfully
WdNisSvc => service removed successfully
The system needed a reboot.
==== End of Fixlog 18:11:36 ====
Re: winscomrssrv.dll problém
Super, Ako je na tom pocitac?
► Vyšla moja nová kniha BOTNETY! Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT <<
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Informácie o nej nájdete tu: >> BOTNETY << ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << ----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Přispějete na provoz fóra?