﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by toshiba1 (2016-04-15 18:13:13)
Running from C:\Users\toshiba1\Desktop
Windows 8.1 (X64) (2015-02-13 09:23:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-701734586-4249835382-1002098473-500 - Administrator - Disabled)
Guest (S-1-5-21-701734586-4249835382-1002098473-501 - Limited - Disabled)
toshiba1 (S-1-5-21-701734586-4249835382-1002098473-1001 - Administrator - Enabled) => C:\Users\toshiba1

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{931B988B-0973-0DF5-C3B7-572935D34DCD}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.2.0 - AppEx Networks)
AVG (HKLM\...\AvgZen) (Version: 1.51.2.3593 - AVG Technologies)
AVG Zen (Version: 1.51.58 - AVG Technologies) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.12(T) - TOSHIBA CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant)
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Deskjet 1510 series Nápověda (HKLM-x32\...\{FB815CBF-148E-42A4-8741-4924C28C118F}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
LibreOffice 4.4.1.2 (HKLM-x32\...\{4A754DA6-6E12-40AF-BAF0-B7D60C6BE005}) (Version: 4.4.1.2 - The Document Foundation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 cs)) (Version: 38.5.0 - Mozilla)
Mozilla Thunderbird 38.7.0 (x86 cs) (HKU\S-1-5-21-701734586-4249835382-1002098473-1001\...\Mozilla Thunderbird 38.7.0 (x86 cs)) (Version: 38.7.0 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-701734586-4249835382-1002098473-1001\...\MyFreeCodec) (Version:  - )
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Název společnosti:)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-701734586-4249835382-1002098473-1001\...\SeznamInstall) (Version:  - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Studie vylepšování produktu HP Deskjet 1510 series (HKLM\...\{45124A5E-2F92-4D57-A914-82DC6684C1BB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 1510 series (HKLM\...\{BF7E34C1-4669-46ED-A8DA-244125F41B89}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {37805D9F-EE6A-4647-A9A7-A075E5023AF2} - System32\Tasks\TVInstallRestore => C:\Users\toshiba1\AppData\Local\Temp\TeamViewer\TeamViewer_.exe [2016-03-02] (TeamViewer) <==== ATTENTION
Task: {59E5448E-A0E4-479E-8529-45985411C113} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {5DE23165-55AA-4C1F-BFAB-4BDC3C1021C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
Task: {622EA183-A466-4467-93EB-69EBE81FAE46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {7675895D-C41A-4C3D-99E4-4D040A067924} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
Task: {998AC5E2-1B22-40EC-ACBF-773112BC4424} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-03-13 01:25 - 2013-03-13 01:25 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2015-05-27 17:46 - 2015-05-26 13:35 - 00079872 _____ () C:\Users\toshiba1\AppData\Roaming\Seznam.cz\bin\17912libfoxloader-x64.dll
2015-02-23 20:35 - 2015-05-26 13:38 - 00457384 _____ () C:\Users\toshiba1\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-02-23 20:35 - 2015-05-26 13:36 - 00073896 _____ () C:\Users\toshiba1\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2013-03-13 01:25 - 2013-03-13 01:25 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2015-02-23 20:35 - 2015-05-26 13:38 - 00862888 _____ () C:\Users\toshiba1\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-05-27 17:46 - 2015-05-26 13:37 - 00078504 _____ () C:\Users\toshiba1\AppData\Roaming\Seznam.cz\bin\17909libfoxloader.dll
2016-04-14 20:08 - 2016-04-14 20:07 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-04-12 22:31 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 22:31 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-701734586-4249835382-1002098473-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.10.10.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "KiesTrayAgent"
HKU\S-1-5-21-701734586-4249835382-1002098473-1001\...\StartupApproved\StartupFolder: => "Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk"
HKU\S-1-5-21-701734586-4249835382-1002098473-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{95707FE5-D4DB-475A-82A9-A769D849F2F0}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{78AC9C42-8289-4971-93F5-886A9377769E}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{44B1EA6E-21C2-4B2C-AFBA-2DA9986C0BCF}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{4BD40242-77E3-433C-A2C2-BF7DF0133594}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{77EB6D5C-E2B9-41D3-AA79-CFAD1C1309C3}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{BDC96EA8-F552-4F57-8143-C8DB73DD10BB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{46CC17CF-0BD2-40F8-8A33-208BB954EA29}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DBC4061A-F157-4E0C-84BF-1A100C0B10BB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{82A82DC1-B53A-40C6-903F-7A44B3BADB3A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{49FC7913-4362-47B7-BC0C-7FE66FD7C27D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B6F72641-C66D-409E-AB40-A17C7AB78D56}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

13-02-2016 09:44:51 Operace obnovení
24-03-2016 19:36:18 Naplánovaný kontrolní bod
08-04-2016 10:47:02 Operace obnovení

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2016 06:00:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: toshiba)
Description: Aplikaci Microsoft.BingWeather_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/15/2016 05:59:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: toshiba)
Description: Balíček Microsoft.BingWeather_3.0.4.337_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (04/15/2016 04:13:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: toshiba)
Description: Aplikaci Microsoft.BingWeather_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/15/2016 04:12:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: toshiba)
Description: Aplikace Microsoft.BingWeather_3.0.4.337_x64__8wekyb3d8bbwe+App se nespustila ve stanovenou dobu.

Error: (04/15/2016 10:35:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: toshiba)
Description: Aplikaci Microsoft.BingWeather_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/15/2016 10:34:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: toshiba)
Description: Balíček Microsoft.BingWeather_3.0.4.337_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (04/15/2016 06:21:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: toshiba)
Description: Aplikaci Microsoft.BingWeather_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/15/2016 06:20:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: toshiba)
Description: Aplikace Microsoft.BingWeather_3.0.4.337_x64__8wekyb3d8bbwe+App se nespustila ve stanovenou dobu.

Error: (04/15/2016 12:13:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: toshiba)
Description: Aplikaci Microsoft.BingWeather_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/15/2016 12:12:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: toshiba)
Description: Balíček Microsoft.BingWeather_3.0.4.337_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.


System errors:
=============
Error: (04/14/2016 08:13:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AVG Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (04/12/2016 10:19:35 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: Byl spuštěn systémový časovač sledovacího zařízení.

Error: (04/12/2016 09:58:46 PM) (Source: DCOM) (EventID: 10010) (User: toshiba)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/11/2016 05:01:49 PM) (Source: DCOM) (EventID: 10016) (User: toshiba)
Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}toshibatoshiba1S-1-5-21-701734586-4249835382-1002098473-1001LocalHost (pomocí LRPC)Microsoft.BingWeather_3.0.4.337_x64__8wekyb3d8bbweS-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330

Error: (04/09/2016 03:16:45 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: Byl spuštěn systémový časovač sledovacího zařízení.

Error: (04/09/2016 02:57:04 PM) (Source: DCOM) (EventID: 10010) (User: toshiba)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/08/2016 12:14:49 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: Byl spuštěn systémový časovač sledovacího zařízení.

Error: (04/06/2016 06:44:15 AM) (Source: DCOM) (EventID: 10010) (User: toshiba)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (04/03/2016 04:26:40 PM) (Source: DCOM) (EventID: 10016) (User: toshiba)
Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}toshibatoshiba1S-1-5-21-701734586-4249835382-1002098473-1001LocalHost (pomocí LRPC)Microsoft.BingFinance_3.0.4.336_x64__8wekyb3d8bbweS-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472

Error: (04/03/2016 02:36:08 PM) (Source: DCOM) (EventID: 10010) (User: toshiba)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


==================== Memory info =========================== 

Processor: AMD E1-2100 APU with Radeon(TM) HD Graphics 
Percentage of memory in use: 43%
Total physical RAM: 3533.51 MB
Available physical RAM: 1982.22 MB
Total Virtual: 4173.51 MB
Available Virtual: 2316.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.12 GB) (Free:666.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: AE92B2FC)

Partition: GPT.

==================== End of Addition.txt ============================