Prosím o kontrolu logu

Tondys · Příspěvekod **Tondys** » 25 úno 2016 11:35

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Tonda (2016-02-25 11:33:38)
Running from C:\Users\Tonda\Desktop
Windows 8.1 Single Language (X64) (2015-07-29 23:07:33)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1060879729-762033656-2367951757-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1060879729-762033656-2367951757-503 - Limited - Disabled)
Guest (S-1-5-21-1060879729-762033656-2367951757-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1060879729-762033656-2367951757-1006 - Limited - Enabled)
Tonda (S-1-5-21-1060879729-762033656-2367951757-1001 - Administrator - Enabled) => C:\Users\Tonda

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Killer Bandwidth Control Filter Driver (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.54.1095 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.54.1095 - Rivet Networks)
Manažer napájení (HKLM-x32\...\{F5663E7F-79CA-4022-8B39-D855A4E0BF58}) (Version: 1.1.0 - David Čapek)
Media Preview (HKLM\...\{A122AD66-B765-4B61-8B2B-EFEDE5BB9779}) (Version: 1.2.5.264 - BabelSoft)
MediaPortal (HKLM-x32\...\MediaPortal) (Version: 1.12.0 - Team MediaPortal)
MediaPortal TV Server / Client (HKLM-x32\...\MediaPortal TV Server) (Version: 1.12.0 - Team MediaPortal)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MySQL Server 5.6 (HKLM\...\{56DA0CB5-ABD2-4318-BEAB-62FDBC9B12CC}) (Version: 5.6.10 - Oracle Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
RAPID Mode (Version: 1.0.1.91 - Samsung Electronics Co., Ltd.) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12487C86-56D5-461C-B774-94DFF5D2F245} - \COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} -> No File <==== ATTENTION
Task: {27FC304C-042C-4C13-BD67-11813B2F8106} - \COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} -> No File <==== ATTENTION
Task: {2A776280-EC24-47C0-8DB3-BE0B1F1EAE06} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {38D7391E-8442-4557-BD56-CE610DB8AE08} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24] (Google Inc.)
Task: {4D1B5DCE-1A8B-447B-9108-A95CBEF20F78} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-10-16] (Samsung Electronics.)
Task: {67D8BC90-8D3C-4310-8744-264220A9424C} - \COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} -> No File <==== ATTENTION
Task: {88AC1C1A-773B-4D60-8C05-23C4C3A3A5E8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-22] (Microsoft Corporation)
Task: {902C6D6B-5A68-4FBC-B6E2-198B42047F41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {95873D0C-E319-4F3B-8F9C-B308394DBDDD} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-12-04] (Advanced Micro Devices, Inc.)
Task: {9C8D4E75-501A-46D0-91D5-6FD5A4DAAF08} - \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} -> No File <==== ATTENTION
Task: {A14A803E-E828-4E6B-897F-B516CA0F9ED7} - \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} -> No File <==== ATTENTION
Task: {C2DA6C5B-2531-4317-8236-6CC4278FFFCB} - System32\Tasks\Microsoft Office 15 Sync Maintenance for TONDA-Tonda Tonda => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-01-23] (Microsoft Corporation)
Task: {E1651E60-A11C-4DD2-AE07-DDCF2B3DC3E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-30 07:16 - 2015-07-15 03:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-08-19 11:20 - 2015-08-11 10:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2013-02-01 14:09 - 2013-02-01 14:09 - 12907520 _____ () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
2015-10-01 09:42 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-10-01 09:42 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-10-01 09:42 - 2015-09-17 06:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-12-09 00:50 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 00:50 - 2015-11-25 05:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-12-09 00:50 - 2015-11-25 05:18 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-10-01 09:42 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 00:50 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 00:50 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 09:42 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-22 19:16 - 2015-06-22 19:16 - 00131584 _____ () C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\StreamingServer.dll
2016-02-24 11:43 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-24 11:43 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2015-10-30 12:02 - 2015-10-16 00:46 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\Drivers\avgntflt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\avipbb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\avkmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\avnetflt.sys:$CmdTcID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2016-02-17 18:33 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1060879729-762033656-2367951757-1001\Control Panel\Desktop\\Wallpaper -> E:\Stažené soubory\forest_2-wallpaper-1920x1080.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "Raptr"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{6259F23A-787A-4D15-ABBB-9145B3D18B7A}C:\users\tonda\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tonda\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{53A6A0A7-2FF2-44B5-92C6-87ADAE273134}C:\users\tonda\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tonda\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{AD792A3E-8849-4997-8543-16129758FD49}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5B11A20B-0CF7-45A6-A903-3ADFD43E0E64}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B49E0F70-5044-47FB-AE0E-7581CC66D815}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{16C66F90-01CA-412D-8F9E-CB07B7ACA2B8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B3D8A075-0A07-4DFD-8EF8-7C62919DE468}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TvService.exe
FirewallRules: [{E01B45F5-6A37-46E1-BD0B-090DDF7DB811}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TvService.exe
FirewallRules: [{96572DA0-6DA5-4610-90AA-87A538E8750F}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\SetupTv.exe
FirewallRules: [{54A756D8-9BF9-4CC6-A3DF-C6173BA7C656}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\SetupTv.exe
FirewallRules: [{63842A75-8F64-4D94-BEF5-67427BEBE974}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal\MediaPortal.exe
FirewallRules: [{4663B54D-7531-4D5A-B4B5-6C5BD917588C}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal\MediaPortal.exe
FirewallRules: [{06D0F54B-54FD-42BC-89C0-F07C57022353}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{7DA39AA9-A68B-4716-BB82-E1FB96D982C4}C:\program files (x86)\team mediaportal\mediaportal\configuration.exe] => (Allow) C:\program files (x86)\team mediaportal\mediaportal\configuration.exe
FirewallRules: [UDP Query User{399531C9-4303-4433-A141-205156917D1B}C:\program files (x86)\team mediaportal\mediaportal\configuration.exe] => (Allow) C:\program files (x86)\team mediaportal\mediaportal\configuration.exe
FirewallRules: [{DC4F0C72-8D50-478F-B6A4-70EAC6CE3530}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{54A65FAC-3AA5-45FA-B8F7-7CF089561752}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{19E2F760-6890-44CA-8AFA-46F261D4FDE3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{1AF0CAA3-9B30-4BEB-BA84-255E3B1486F7}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9856EAB7-F5F2-44A0-AB37-95C58CD2A1BD}] => (Allow) LPort=1688
FirewallRules: [{36F5250E-02D2-4BD6-A8C8-63D528DF8ED7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

20-02-2016 16:04:20 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/24/2016 11:06:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TONDA)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/24/2016 11:06:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TONDA)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/24/2016 02:29:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TONDA)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/24/2016 02:29:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TONDA)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/22/2016 01:48:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TONDA)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/22/2016 01:48:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TONDA)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/21/2016 03:12:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TONDA)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/20/2016 11:48:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TONDA)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/20/2016 11:48:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TONDA)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/20/2016 04:04:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

System errors:
=============

Error: (02/25/2016 11:22:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/25/2016 11:22:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/25/2016 11:22:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/25/2016 11:22:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/25/2016 11:22:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/25/2016 11:22:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/25/2016 11:22:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TVService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/25/2016 11:22:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MySQL byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/25/2016 11:22:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Samsung RAPID Mode Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

CodeIntegrity:
===================================
Date: 2016-02-18 17:34:26.207
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-18 16:49:46.221
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-18 16:42:07.889
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-18 16:28:28.086
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-18 16:18:41.023
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-16 13:20:51.828
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-09 20:27:33.390
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 8140.24 MB
Available physical RAM: 4847.67 MB
Total Virtual: 8540.24 MB
Available Virtual: 4645.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.24 GB) (Free:59.65 GB) NTFS
Drive e: () (Fixed) (Total:931.41 GB) (Free:384.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: AEAE9EC2)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: A16F3141)

Partition: GPT.

==================== End of Addition.txt ============================

Reklama

Příspěvekod **Orcus** » 25 úno 2016 15:16

Poklepej na ikonu OTL na ploše. Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL


 :Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Users\*.tmp
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
 
 
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt  /c
ipconfig /release /c
ipconfig /renew /c
netsh winsock reset all /c
netsh int ip reset all /c

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[EMPTYJAVA]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

+

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1060879729-762033656-2367951757-1001\Software\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusť FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah

Tondys · Příspěvekod **Tondys** » 25 úno 2016 19:43

Fix result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by Tonda (2016-02-25 19:41:51) Run:3
Running from C:\Users\Tonda\Desktop
Loaded Profiles: Tonda (Available Profiles: Tonda)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1060879729-762033656-2367951757-1001\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1060879729-762033656-2367951757-1001\Software\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully

The system needed a reboot.

==== End of Fixlog 19:41:58 ====

Tondys · Příspěvekod **Tondys** » 25 úno 2016 19:44

All processes killed
========== OTL ==========
========== REGISTRY ==========
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Tonda
->Temp folder emptied: 40465 bytes
->Temporary Internet Files folder emptied: 95625 bytes
->Google Chrome cache emptied: 130122496 bytes
->Flash cache emptied: 1089 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 52 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 21569981191 bytes

Total Files Cleaned = 20 695,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Tonda
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Tonda

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 02252016_193913

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
C:\Users\Tonda\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll moved successfully.
File move failed. C:\Users\Tonda\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Příspěvekod **jerabina** » 25 úno 2016 21:33

Co problémy?

Tondys · Příspěvekod **Tondys** » 25 úno 2016 22:17

Stále stejné.

Tondys · Příspěvekod **Tondys** » 25 úno 2016 22:19

Přemýšlím jestli ještě nezopakovat postup po kterém nám to na den fungovalo. Třeba to "zamrznutí" a vrácení problémů byla jen nešťastná náhoda. Zákon schválnosti... Nebo si všimnu nějaké zákonitosti.

Příspěvekod **jaro3** » 26 úno 2016 09:17

Stáhni Kaspersky VRT
na svojí plochu.
Spusť program Kaspersky VRT, .Program se nainstaluje.
Potvrď licenci a klikni na „Start“ . Pokud program nabídne aktualizaci , klikni dole na na „Download Now“.
- Klikni na ozubené kolečko v pravém horním rohu. V okně vyber kromě již zatržených , svojí jednotku disku , pokud jich máš víc , můžeš zatrhnout všechny.
- zvol „Automatic Scan“ nahoře vlevo. a stiskni tlačítko „Start Scanning“
- Program začne skenovat zatržené jednotky

Zaškrtnuté :
Hidden startup objects
System Memory
Disk boot sectors
Počítač
Místní disk C

Nezašrkrtnuté:
Dokumenty
My email
Místní disk D
Jednotka DVD-Rom (E)
Jednotka BD-ROM (G)
Disketová jednotka
A jiné , např. Flash disky , které máš připojeny.

- povol programu Virus Removal Tool odstranit všechny nalezené infekce
- jakmile sken skončí ,zvol záložku „Report“ , vpravo nahoře (vedle ozubeného kolečka)
- klikni na „Detected Threads“ a klikni na obrázek diskety („Save“)
- ulož do počítače zprávu a vložit ji sem do příspěvku

Tondys · Příspěvekod **Tondys** » 26 úno 2016 12:25

Aktualizovaná verze software je již zcela jiná (stáhl jsem ji ze stránek Kaspersky lab.), nenalezl jsem možnost uložit "report". Nicméně program vymazal soubor C:\Windows\SECOH-QAD.dll

Příspěvekod **jerabina** » 26 úno 2016 21:43

Hmm .. tento soubor se teď začal nějak vyskytovat více.

Co problémy?

Tondys · Příspěvekod **Tondys** » 26 úno 2016 22:57

Nic nového, stále to samé...

Příspěvekod **jaro3** » 27 úno 2016 09:23

Tohle si vyzkoušel?
https://www.google.com/chrome/cleanup-tool/

Prosím o kontrolu logu Vyřešeno

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online