﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by vlcaci (2016-02-13 20:33:30)
Running from C:\Users\vlcaci\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-10-28 16:09:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2337894898-3612372095-3724559166-500 - Administrator - Disabled)
Guest (S-1-5-21-2337894898-3612372095-3724559166-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2337894898-3612372095-3724559166-1003 - Limited - Enabled)
vlcaci (S-1-5-21-2337894898-3612372095-3724559166-1000 - Administrator - Enabled) => C:\Users\vlcaci

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.1245.72250 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.1245.72250 - Alcor Micro Corp.) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version:  - )
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo)
Energy Management (x32 Version: 7.0.3.4 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{CDF9E1C8-4B97-4F8B-A848-7DD0E8BEB89F}) (Version: 47.0.2526.18 - Google Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6431.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4400 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.315.1 - Vimicro)
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{36CE10BD-A076-4DE3-A8A7-2F61E3FB2E6A}) (Version: 6.20.55.14 - Lenovo)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 cs)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 24.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 24.0 (x86 cs)) (Version: 24.0 - Mozilla)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.15.1 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Viber (HKU\S-1-5-21-2337894898-3612372095-3724559166-1000\...\{7de2db6a-6f4b-4b45-82b9-57d5d7f1c952}) (Version: 5.4.0.1664 - Viber Media Inc.)
Viber (x32 Version: 5.4.0.1664 - Viber Media Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4AD6F583-7301-4918-AFBF-4A46167B1EFE} - System32\Tasks\{3FF184F4-A54F-4ED3-A22E-64B25A8A75F3} => pcalua.exe -a C:\drivers\WIN\4IN1_W7\setup.exe -d C:\drivers\WIN\4IN1_W7
Task: {5150ED2B-53CB-4175-89DA-EDE3B7F89138} - System32\Tasks\{128CE875-3C69-4730-9DC1-F1EC986C8589} => pcalua.exe -a "C:\drivers\Touchpad Driver (Synaptics, Elan)\Setup.exe" -d "C:\drivers\Touchpad Driver (Synaptics, Elan)"
Task: {538C213C-C88A-4DD7-A8AC-7AAB4F2C7D71} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {70123479-9B08-44C9-849A-8180D2F8CC41} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9DC7C769-D0B8-4573-8950-EEED11D3A228} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A57B65D8-2C1A-4BBA-998B-83648B5E08EE} - System32\Tasks\{79F97A43-6ADC-4C79-8447-ECCDF8EF7D6C} => pcalua.exe -a "C:\drivers\WLAN Driver (Broadcom, Qualcomm)\Setup.exe" -d "C:\drivers\WLAN Driver (Broadcom, Qualcomm)"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2008-12-20 03:20 - 2013-10-28 17:40 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-03-10 16:30 - 2013-10-28 17:40 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-08 15:36 - 2013-10-28 17:40 - 00011096 _____ () C:\Program Files (x86)\Lenovo\Energy Management\cs-CZ\EMWpfUI.resources.dll
2008-12-20 03:20 - 2013-10-28 17:40 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-11-09 13:26 - 2015-11-09 13:26 - 51657424 _____ () C:\Users\vlcaci\AppData\Local\Viber\Viber.exe
2015-11-09 13:19 - 2015-11-09 13:19 - 00089088 _____ () C:\Users\vlcaci\AppData\Local\Viber\qfacebook.dll
2015-09-29 04:37 - 2015-09-29 04:37 - 00010240 _____ () C:\Users\vlcaci\AppData\Local\Viber\libEGL.dll
2015-09-29 04:37 - 2015-09-29 04:37 - 01601536 _____ () C:\Users\vlcaci\AppData\Local\Viber\libGLESv2.dll
2015-11-09 13:19 - 2015-11-09 13:19 - 00389632 _____ () C:\Users\vlcaci\AppData\Local\Viber\imageformats\qsvg.dll
2015-09-29 04:58 - 2015-09-29 04:58 - 00012288 _____ () C:\Users\vlcaci\AppData\Local\Viber\QtQuick.2\qtquick2plugin.dll
2015-09-29 17:25 - 2015-09-29 17:25 - 00690176 _____ () C:\Users\vlcaci\AppData\Local\Viber\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-09-29 17:26 - 2015-09-29 17:26 - 00057856 _____ () C:\Users\vlcaci\AppData\Local\Viber\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-09-29 04:58 - 2015-09-29 04:58 - 00012288 _____ () C:\Users\vlcaci\AppData\Local\Viber\QtQuick\Window.2\windowplugin.dll
2015-09-29 05:04 - 2015-09-29 05:04 - 00184320 _____ () C:\Users\vlcaci\AppData\Local\Viber\QtMultimedia\declarative_multimedia.dll
2015-09-29 04:58 - 2015-09-29 04:58 - 00044032 _____ () C:\Users\vlcaci\AppData\Local\Viber\QtQml\StateMachine\qtqmlstatemachine.dll
2015-09-29 04:58 - 2015-09-29 04:58 - 00012288 _____ () C:\Users\vlcaci\AppData\Local\Viber\QtQml\Models.2\modelsplugin.dll
2015-09-29 17:34 - 2015-09-29 17:34 - 00425984 _____ () C:\Users\vlcaci\AppData\Local\Viber\QtLocation\declarative_location.dll
2015-09-29 05:03 - 2015-09-29 05:03 - 00065024 _____ () C:\Users\vlcaci\AppData\Local\Viber\QtPositioning\declarative_positioning.dll
2013-11-08 16:45 - 2012-07-19 02:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-02-11 10:10 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-11 10:10 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2337894898-3612372095-3724559166-1000\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
IE trusted site: HKU\S-1-5-21-2337894898-3612372095-3724559166-1000\...\mojeplatba.cz -> hxxps://www.mojeplatba.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2337894898-3612372095-3724559166-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\vlcaci\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.122.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{593A016B-B43D-4331-9870-A8B01C8554CA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{ACD35FC2-0260-409C-AEBA-CE94B515F010}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{AD2C4DC0-CFBC-4DCE-B051-61655B214FDB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{4C6021F9-9D91-4D5B-89DE-7AFE4E540043}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D38E27B1-473C-418E-8F2D-C44DBB3AE77A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2E8FE690-DF3C-475D-A5F1-882AA0F21B24}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{94C8766E-6216-4615-9581-7419DFDF1E1D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2BAD32FC-7D26-44A5-A8C3-84DF29D10D07}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{370B07A2-EFD0-4A38-A784-E56D20713575}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{36001C5B-D4A9-4387-9738-8B6B190491CD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8D6AD288-D475-4411-9E69-158C45E7850C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1619F8FF-B40B-4E22-A173-E3819672A6F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C4CA3310-C530-4458-9B34-E9E72FDC503C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE80C6CA-E557-4A63-BB9A-3C18EAC8A686}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
FirewallRules: [{3D01EEE1-2771-49F5-BFED-F974E52AA70B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2016 08:06:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2016 07:34:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2016 10:31:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2016 10:27:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2016 04:34:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2016 09:16:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2016 09:04:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/10/2016 08:42:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/10/2016 08:29:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

