﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-04-2016
Ran by Filip (2016-04-18 20:11:01)
Running from C:\Users\Filip\Desktop
Windows 8.1 (X64) (2015-03-20 17:33:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2823346003-503312802-3612261594-500 - Administrator - Disabled)
Filip (S-1-5-21-2823346003-503312802-3612261594-1002 - Administrator - Enabled) => C:\Users\Filip
Guest (S-1-5-21-2823346003-503312802-3612261594-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2823346003-503312802-3612261594-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-2823346003-503312802-3612261594-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personálny Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
4K Video Downloader 3.8 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.8.0.1830 - Open Media LLC)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1078 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
ESET Smart Security (HKLM\...\{420F27A7-A46B-4D90-97C9-57C08037761B}) (Version: 8.0.312.3 - ESET, spol s r. o.)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.3.1 - PandoraTV)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\cbe8636f7dd0cf1d) (Version: 1.6.2.0 - Lenovo)
LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.3.80.20121017 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Ovládací panel NVIDIA 354.35 (Version: 354.35 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
VirtualDJ 8 (HKLM-x32\...\{6B8D3A67-346D-410E-81D2-3BFE228D263D}) (Version: 8.1.2587.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66  - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2823346003-503312802-3612261594-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {023D7E44-4046-42A3-BBEF-244B1572178D} - System32\Tasks\{DADC9006-9F8B-41D7-8FB3-B3BBA91703A6} => Chrome.exe hxxp://ui.skype.com/ui/0/7.3.0.101/sk/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {0D36B793-0A34-4F41-8E90-E4B61306CB20} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {2F2548F6-8222-49D2-913C-4827942C9D83} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2823346003-503312802-3612261594-1002 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {33697E6F-83BD-4AA9-BDDA-AB53E7E147F0} - System32\Tasks\{6DEFADFE-D2FB-4DD5-B73E-7EB57A5EE0D0} => Chrome.exe hxxp://ui.skype.com/ui/0/7.3.0.101/en/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {6832412D-040A-49EE-9E1F-40368B676214} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {87AA3FD9-484C-410D-8535-F1A28CA952F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-23] (Google Inc.)
Task: {A29F74FB-7221-4D0B-B0D3-D0C4971C564D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {B12861DF-C4DF-4ECD-9D90-74792C1646AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-23] (Google Inc.)
Task: {BFCF557E-2DC9-4616-8699-8670AB29183C} - System32\Tasks\GoogleUpdateTaskMachineUA1d091a0fb3aca02 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-23] (Google Inc.)
Task: {C27D0F28-0125-4B33-8CB7-4297146DCF9C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {CBF8103A-1AE0-42C9-9D6C-E3E9C0D7A608} - System32\Tasks\{005F0565-9900-4657-BB75-DED095C0F26C} => Chrome.exe hxxp://ui.skype.com/ui/0/7.3.0.101/cs/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {CD0BB06B-00FA-4DCD-BACB-DA0CEE91DB4D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-04-14] (Microsoft Corporation)
Task: {D7702871-4C2E-4B29-8529-34EF8B15CA0E} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 8.0\upgrade.exe [2016-04-18] (ESET)
Task: {F82FF949-A346-4B2C-9620-3372F82D8D82} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {FE2CDDF4-B1D7-451D-AF68-2AD3AD3E22DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d091a0fb3aca02.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-11-27 22:29 - 2015-10-15 05:59 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-27 23:20 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-11-27 22:40 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-05-22 04:29 - 2014-05-22 04:29 - 00033536 _____ () C:\Program Files\Lenovo\iMController\AutoUpdate.exe
2015-03-23 01:37 - 2016-04-17 14:57 - 47503472 _____ () C:\Users\Filip\AppData\Roaming\Spotify\libcef.dll
2015-03-23 01:37 - 2016-04-17 14:57 - 01584240 _____ () C:\Users\Filip\AppData\Roaming\Spotify\libglesv2.dll
2015-03-23 01:37 - 2016-04-17 14:57 - 00082032 _____ () C:\Users\Filip\AppData\Roaming\Spotify\libegl.dll
2016-04-11 21:38 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 21:38 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2014-11-27 22:33 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-04-08 23:31 - 2016-04-08 13:53 - 17532096 _____ () C:\Users\Filip\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1001\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2823346003-503312802-3612261594-1002\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-04-08 12:14 - 00450774 ____R C:\windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15463 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2823346003-503312802-3612261594-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Filip\Pictures\Camera Roll\WIN_20151205_172205.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{37F46E78-F58B-47AF-B6C3-45C8FC688314}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FE8AAB40-85D6-4E93-B118-F10347C6D471}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C97BF1D8-BBF5-4F7F-81D7-1C497A1F959A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6EECCF68-DC56-4834-B415-FFDD1248AB8E}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7F6EC2A2-017F-49A7-A5A8-D6112450A465}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9774C947-F596-4BFA-8BAE-8B02BC751CB2}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{28FCFB15-5F47-4BDF-BE8A-811E6271DDCD}] => (Allow) LPort=55100
FirewallRules: [{B00BB280-6ECE-4D22-AB8F-D0DB64874B49}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{1A962F25-AE66-4791-AA1F-FDFA1340DD81}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E67025F9-EA2B-41DD-A645-130C2FF03C35}] => (Allow) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DCA9D198-BAED-416A-99E9-480AAB0947A1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{AAEC4167-FF28-4C52-A700-F99472EAC537}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{04E030E2-B4B4-4C36-BA44-EA8FE8200E82}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{4A246556-06D1-446F-AB5D-15FC5304BED4}C:\users\filip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\filip\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{11B7E746-B57C-4E81-A374-1EA6BE9370CB}C:\users\filip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\filip\appdata\roaming\spotify\spotify.exe
FirewallRules: [{AA701D93-489C-4A69-AB58-18E68086A0C7}] => (Allow) C:\Users\Filip\AppData\Roaming\PT\updater.exe
FirewallRules: [{4E679449-BFCA-4B84-BD82-2087DEE5379D}] => (Allow) C:\Users\Filip\AppData\Roaming\PT\updater.exe
FirewallRules: [{8C1D5B90-EA3A-40E5-A630-C117E7AD1877}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

31-03-2016 23:28:59 Installed Microsoft Project Professional 2010
09-04-2016 13:09:49 Naplánovaný kontrolní bod
13-04-2016 11:19:06 Windows Update
17-04-2016 16:16:08 Removed Proxy Switcher
18-04-2016 19:56:02 Removed Microsoft Project Professional 2010

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2016 10:50:42 PM) (Source: LenovoWiFiHotspotSvr) (EventID: 1) (User: )
Description: LenovoWiFiHotspotSvrm_WlanMgr stop HN error. failed with 0

Error: (04/14/2016 10:50:42 PM) (Source: PhoneCompanionVap_WLAN) (EventID: 1) (User: )
Description: PhoneCompanionVap_WLANWlanMgr : ForceStop error. failed with 1062

Error: (04/14/2016 10:49:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_PcaSvc, verzia: 6.3.9600.17415, časová značka: 0x54504177
Názov chybujúceho modulu: ntdll.dll, verzia: 6.3.9600.18194, časová značka: 0x56951674
Kód výnimky: 0xc0000008
Odstup chyby: 0x00000000000925fa
Identifikácia chybujúceho procesu: 0x19ec
Čas spustenia chybujúcej aplikácie: 0xsvchost.exe_PcaSvc0
Cesta chybujúcej aplikácie: svchost.exe_PcaSvc1
Cesta chybujúceho modulu: svchost.exe_PcaSvc2
Identifikácia hlásenia: svchost.exe_PcaSvc3
Celé meno chybujúceho balíka: svchost.exe_PcaSvc4
Identifikácia chybujúcej aplikácie vzhľadom na balík: svchost.exe_PcaSvc5

Error: (04/14/2016 10:45:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_PcaSvc, verzia: 6.3.9600.17415, časová značka: 0x54504177
Názov chybujúceho modulu: ntdll.dll, verzia: 6.3.9600.18194, časová značka: 0x56951674
Kód výnimky: 0xc0000008
Odstup chyby: 0x00000000000925fa
Identifikácia chybujúceho procesu: 0x454
Čas spustenia chybujúcej aplikácie: 0xsvchost.exe_PcaSvc0
Cesta chybujúcej aplikácie: svchost.exe_PcaSvc1
Cesta chybujúceho modulu: svchost.exe_PcaSvc2
Identifikácia hlásenia: svchost.exe_PcaSvc3
Celé meno chybujúceho balíka: svchost.exe_PcaSvc4
Identifikácia chybujúcej aplikácie vzhľadom na balík: svchost.exe_PcaSvc5

Error: (04/14/2016 02:43:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: bsplayer.exe, verzia: 2.6.9.1078, časová značka: 0x2a425e19
Názov chybujúceho modulu: splitter.ax, verzia: 1.10.262.12, časová značka: 0x4c66576a
Kód výnimky: 0xc0000005
Odstup chyby: 0x00018708
Identifikácia chybujúceho procesu: 0xc44
Čas spustenia chybujúcej aplikácie: 0xbsplayer.exe0
Cesta chybujúcej aplikácie: bsplayer.exe1
Cesta chybujúceho modulu: bsplayer.exe2
Identifikácia hlásenia: bsplayer.exe3
Celé meno chybujúceho balíka: bsplayer.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: bsplayer.exe5

Error: (04/10/2016 03:25:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: bsplayer.exe, verzia: 2.6.9.1078, časová značka: 0x2a425e19
Názov chybujúceho modulu: bsplayer.exe, verzia: 2.6.9.1078, časová značka: 0x2a425e19
Kód výnimky: 0xc0000005
Odstup chyby: 0x000038c0
Identifikácia chybujúceho procesu: 0x19c0
Čas spustenia chybujúcej aplikácie: 0xbsplayer.exe0
Cesta chybujúcej aplikácie: bsplayer.exe1
Cesta chybujúceho modulu: bsplayer.exe2
Identifikácia hlásenia: bsplayer.exe3
Celé meno chybujúceho balíka: bsplayer.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: bsplayer.exe5

Error: (04/10/2016 12:07:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AcroRd32.exe version 15.10.20056.36345 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: bbc

Start Time: 01d1917c3fd8d8ac

Termination Time: 167

Application Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

Report Id: 63030df5-fe9f-11e5-8290-d07e3530f132

Faulting package full name: 

Faulting package-relative application ID:

Error: (04/08/2016 01:59:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: bsplayer.exe, verzia: 2.6.9.1078, časová značka: 0x2a425e19
Názov chybujúceho modulu: splitter.ax, verzia: 1.10.262.12, časová značka: 0x4c66576a
Kód výnimky: 0xc0000005
Odstup chyby: 0x00018708
Identifikácia chybujúceho procesu: 0xc98
Čas spustenia chybujúcej aplikácie: 0xbsplayer.exe0
Cesta chybujúcej aplikácie: bsplayer.exe1
Cesta chybujúceho modulu: bsplayer.exe2
Identifikácia hlásenia: bsplayer.exe3
Celé meno chybujúceho balíka: bsplayer.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: bsplayer.exe5

Error: (04/07/2016 11:57:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bsplayer.exe version 2.6.9.1078 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1aec

Start Time: 01d19116e360e96c

Termination Time: 0

Application Path: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe

Report Id: a8b234d8-fd0b-11e5-828f-d07e3530f132

Faulting package full name: 

Faulting package-relative application ID:

Error: (04/06/2016 02:03:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bsplayer.exe version 2.6.9.1078 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2464

Start Time: 01d18ff506c6dcda

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe

Report Id: 96fe9751-fbef-11e5-828e-d07e3530f132

Faulting package full name: 

Faulting package-relative application ID:


System errors:
=============
Error: (04/18/2016 07:25:18 PM) (Source: DCOM) (EventID: 10010) (User: FILIPICKO)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/18/2016 07:24:48 PM) (Source: DCOM) (EventID: 10010) (User: FILIPICKO)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/18/2016 08:59:40 AM) (Source: DCOM) (EventID: 10010) (User: FILIPICKO)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/18/2016 08:59:08 AM) (Source: DCOM) (EventID: 10010) (User: FILIPICKO)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/18/2016 03:59:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch bola ukončená s nasledujúcou chybou: 
%%1062

Error: (04/18/2016 03:57:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (04/17/2016 02:56:09 PM) (Source: DCOM) (EventID: 10010) (User: FILIPICKO)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/17/2016 02:56:09 PM) (Source: DCOM) (EventID: 10010) (User: FILIPICKO)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/17/2016 02:56:09 PM) (Source: DCOM) (EventID: 10010) (User: FILIPICKO)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/17/2016 02:21:39 PM) (Source: DCOM) (EventID: 10010) (User: FILIPICKO)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


CodeIntegrity:
===================================
  Date: 2015-05-27 11:58:51.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-27 11:58:51.739
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 55%
Total physical RAM: 8084.27 MB
Available physical RAM: 3616.87 MB
Total Virtual: 11540.27 MB
Available Virtual: 5908.16 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:890.4 GB) (Free:696.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00126B70)

Partition: GPT.

==================== End of Addition.txt ============================