Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2017
Ran by VladimirK (22-10-2017 13:54:33)
Running from C:\Users\vladimirk\Desktop
Windows 8.1 Pro (Update) (X64) (2016-09-06 09:28:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-1678474182-328064794-2018569793-1001 - Administrator - Enabled) => C:\Users\admin1
Administrator (S-1-5-21-1678474182-328064794-2018569793-500 - Administrator - Disabled)
Guest (S-1-5-21-1678474182-328064794-2018569793-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 17.012.20095 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Call of Duty - United Offensive (HKLM-x32\...\{A662E280-64A8-4CF5-8407-13D0808602B3}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty - United Offensive (HKLM-x32\...\InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}) (Version: 1.00.0000 - Activision)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
ESET Endpoint Antivirus (HKLM\...\{BE081690-1595-409A-B241-E8E89978AAB3}) (Version: 6.4.2014.2 - ESET, spol. s r.o.)
Garmin MapSource (HKLM-x32\...\{58FA5D40-E35A-47ED-8AFA-68CCC758559E}) (Version: 6.15.11 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 100 Mobile L411 14.0 Rel. 6 (HKLM\...\{36419AF2-1B07-4517-984B-ACCA10782FCC}) (Version: 14.0 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4189 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1036 - Intel Corporation)
Intel(R) USB 3.0 Host Controller Adaptation Driver (HKLM\...\{9472AEE5-5D4D-4329-8BD8-B282FD33B8E0}) (Version: 1.0.0.26 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{A5830729-36A3-4900-8135-D8A972914342}) (Version: 1.0.0.516 - Intel Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
L411 (HKLM-x32\...\{97FC7F51-C03A-49FE-ACCC-242C99475BC2}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden
L411_Help (HKLM-x32\...\{5420FFDB-0FF9-4E6F-88BB-2382B586B3C5}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden
L411_Software_Min (HKLM-x32\...\{1C33CD2B-91E8-4623-B5CC-EFB020E9554E}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden
Malwarebytes verzia 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Media Player Codec Pack 4.4.2 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.2 - Media Player Codec Pack)
Microsoft Office 2013 Standard (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 sk) (HKLM\...\Mozilla Firefox 55.0.3 (x64 sk)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Opera Stable 48.0.2685.39 (HKLM-x32\...\Opera 48.0.2685.39) (Version: 48.0.2685.39 - Opera Software)
Photomatix Pro version 5.1 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.1 - HDRsoft Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.340 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.57 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39063 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Slovakia TOPO v2 (HKLM-x32\...\{A1E15B5F-E414-4595-A1B5-94A2F07EF9CB}) (Version: 2.00 - CONAN s.r.o.)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
StrongDC++ 2.41 (HKLM-x32\...\StrongDC++) (Version: 2.41 - Big Muscle)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Weather Watcher Live (HKLM-x32\...\{98FDC595-92B3-48D5-80D6-FE7AABD9191B}_is1) (Version: Weather Watcher Live (Build: 5/25/17) - Singer's Creations)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows 8 Codec Pack 2.0.7 (HKLM-x32\...\Windows 8 - Codec Pack) (Version: 2.0.7 - Windows 8 Codec Pack)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Driver Package - Intel Corporation (iagpioe) System  (02/28/2015 603.9600.1920.60719) (HKLM\...\F7BD032DC4815E48C8FFD310F4793B930D5F4837) (Version: 02/28/2015 603.9600.1920.60719 - Intel Corporation)
Windows Driver Package - Intel Corporation (iai2ce) System  (02/28/2015 603.9600.2425.60717) (HKLM\...\358163B8DA80E489A41CAAC6542BF9E6245297EA) (Version: 02/28/2015 603.9600.2425.60717 - Intel Corporation)
Windows Driver Package - Intel Corporation (iauarte) System  (02/16/2015 603.9600.2426.59928) (HKLM\...\EBFE7C1B6A8869998B8883D5FAFEA855A69722C8) (Version: 02/16/2015 603.9600.2426.59928 - Intel Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
YoWindow (HKLM-x32\...\yowindow) (Version: 3 - RepkaSoft)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_EN_is1) (Version: 19.1704.2.21 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2015-01-31] (Qualcomm®Atheros®)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2016-05-24] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2016-05-24] (ESET)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2015-01-31] (Qualcomm®Atheros®)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-09-06] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2016-05-24] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2423E6C4-7E75-4C98-9066-63C502712931} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {305B74A3-1BC4-493E-AE74-D361EED87DD2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-01] (Google Inc.)
Task: {5FA4E214-1A23-46C5-8868-36BF5B6F6EDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-01] (Google Inc.)
Task: {737C01B6-80A9-4A38-8BBA-0919790CC921} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated)
Task: {7D80AAB6-FFE0-4720-8449-5104D53530EF} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {8131D684-29AC-45E1-83E3-BCFCCAD7EF5F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_159_pepper.exe [2017-10-14] (Adobe Systems Incorporated)
Task: {829C9AE4-4C95-4750-A2D3-F6FF39D54DE6} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {850318B1-619E-4067-97CC-A51D6DAEA43F} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {8ABC62DC-29EB-4A04-8FA6-CBE37ED097C6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {8CE1D73B-EF6D-4E07-BF40-46E8D0796802} - System32\Tasks\Opera scheduled Autoupdate 1501692119 => C:\Users\vladimirk\AppData\Local\Programs\Opera\launcher.exe [2017-10-10] (Opera Software)
Task: {D40B718A-3888-4E64-97E5-22ADAD8A05C3} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {E838F17E-0FBD-4EF8-9F65-53EDD732D14B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {F874D190-0BD1-438D-A98E-C3728B74D1AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-04-20 00:36 - 2016-09-06 13:17 - 000391784 _____ () C:\Windows\system32\igfxTray.exe
2015-01-31 04:47 - 2015-01-31 04:47 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2015-01-31 04:44 - 2015-01-31 04:44 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2015-01-31 04:51 - 2015-01-31 04:51 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2016-08-16 02:15 - 2016-08-16 02:15 - 000897224 _____ () C:\Windows\SysWOW64\Codecs\TrayMenu.exe
2015-02-18 15:47 - 2015-02-18 15:47 - 000330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2017-10-12 16:13 - 2017-10-12 16:13 - 091444312 _____ () C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera_browser.dll
2017-10-12 16:13 - 2017-10-12 16:13 - 002545752 _____ () C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\swiftshader\libglesv2.dll
2017-10-12 16:13 - 2017-10-12 16:13 - 000144472 _____ () C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\swiftshader\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7933 more sites.


There are 7933 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-10-22 11:53 - 000454436 ____R C:\Windows\system32\Drivers\etc\hosts


There are 15595 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Control Panel\Desktop\\Wallpaper -> C:\Users\vladimirk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\StartupFolder: => "YoWindow.lnk"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\Run: => "WeatherWatcherLive"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\Run: => "Codec Pack Update Checker"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DA89A9C8-5BD4-44E7-8685-B5C81CEFB444}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{0AF1C106-B24B-4B49-916F-B33717478FDA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9A2FEFC1-6354-4D98-A1E0-EB750A346B61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D986BCEF-8DA6-4FC0-95DE-2B8519A59433}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [TCP Query User{8D332EFB-6018-4F20-B40F-4B70790B1493}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [UDP Query User{9CDEED83-40AB-46A7-8F54-5B8445577DF2}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [TCP Query User{5A5D8C16-AEA3-4DE7-846A-2A480E1D3E77}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe
FirewallRules: [UDP Query User{E0508AB9-0C7F-4CF3-938E-A04F3F7CC836}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe
FirewallRules: [TCP Query User{2BEAE33A-86CF-4C39-B997-24C18D7AFFB1}C:\program files\strongdc++\strongdc.exe] => (Allow) C:\program files\strongdc++\strongdc.exe
FirewallRules: [UDP Query User{98CDD77A-4A1C-4612-BACC-479F857D6236}C:\program files\strongdc++\strongdc.exe] => (Allow) C:\program files\strongdc++\strongdc.exe
FirewallRules: [{69CEF894-14D2-487D-A33F-88D532687F78}] => (Allow) C:\Users\vladimirk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF9593E3-7949-4E00-8ACC-98C749FF797D}] => (Allow) C:\Users\vladimirk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0A2DBC1C-BCAC-4508-B6FC-219AC1C34FB4}] => (Allow) C:\Users\vladimirk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94126851-B297-4A33-84A2-D39D3BC06A29}] => (Allow) C:\Users\vladimirk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9BA1562E-0E31-48BB-8892-2CD0BFEDA40F}] => (Allow) C:\Users\vladimirk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{57ED50C7-B3BF-4706-8812-DA0575F4B1FF}] => (Allow) C:\Users\vladimirk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{8FAC01B4-BAB0-4557-B382-37FDEA6F7E75}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe
FirewallRules: [UDP Query User{90788585-A6CE-416B-96F0-82F637CFE169}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe
FirewallRules: [TCP Query User{484AD26B-CB5D-4B11-8BE8-B8362D9E2A2E}C:\program files\strongdc++\strongdc.exe] => (Allow) C:\program files\strongdc++\strongdc.exe
FirewallRules: [UDP Query User{FB6B2779-F4D8-4C8E-88C8-0D2C03089DCD}C:\program files\strongdc++\strongdc.exe] => (Allow) C:\program files\strongdc++\strongdc.exe
FirewallRules: [TCP Query User{3D3C542E-2FD5-493D-97B9-2E44B633232D}C:\program files (x86)\strongdc++\strongdc.exe] => (Allow) C:\program files (x86)\strongdc++\strongdc.exe
FirewallRules: [UDP Query User{01ABF865-549D-46BF-87D9-51C394FB1807}C:\program files (x86)\strongdc++\strongdc.exe] => (Allow) C:\program files (x86)\strongdc++\strongdc.exe
FirewallRules: [TCP Query User{78B19C99-8A9F-4531-84F4-6266BD58DAA7}C:\program files (x86)\strongdc++\strongdc.exe] => (Block) C:\program files (x86)\strongdc++\strongdc.exe
FirewallRules: [UDP Query User{387D6327-65AD-41B1-BFD6-EB1A9A91B9B1}C:\program files (x86)\strongdc++\strongdc.exe] => (Block) C:\program files (x86)\strongdc++\strongdc.exe
FirewallRules: [{FEBD768C-2530-4FAA-B117-A19F6F40F45F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0DF259E5-C505-4730-862B-FB66314B9778}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{77C2431A-CD53-46B6-8D14-BF0EFBCD357D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{24E5C669-26C7-4843-84DF-784FAE651B37}] => (Allow) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.35\opera.exe
FirewallRules: [{92022BF8-11DA-4BFA-A3D6-5ABE4DA6528F}] => (Allow) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
FirewallRules: [TCP Query User{255ED51A-FD15-48CD-B027-FB25936D68C1}C:\users\vladimirk\appdata\local\temp\rar$exa0.441\o&o defrag professional v20.5.603 64bit\o&o defrag\local\stubexe\0x5000d478b8019648\oodag.exe] => (Block) C:\users\vladimirk\appdata\local\temp\rar$exa0.441\o&o defrag professional v20.5.603 64bit\o&o defrag\local\stubexe\0x5000d478b8019648\oodag.exe
FirewallRules: [UDP Query User{A6032DD9-E644-4C8A-AA0D-8B9C0FDD6606}C:\users\vladimirk\appdata\local\temp\rar$exa0.441\o&o defrag professional v20.5.603 64bit\o&o defrag\local\stubexe\0x5000d478b8019648\oodag.exe] => (Block) C:\users\vladimirk\appdata\local\temp\rar$exa0.441\o&o defrag professional v20.5.603 64bit\o&o defrag\local\stubexe\0x5000d478b8019648\oodag.exe

==================== Restore Points =========================

26-08-2017 13:12:15 Scheduled Checkpoint
22-09-2017 15:51:40 Installed DirectX

==================== Faulty Device Manager Devices =============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/22/2017 07:27:09 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/22/2017 07:27:09 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/21/2017 08:33:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/21/2017 08:33:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/21/2017 06:39:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/21/2017 06:39:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/21/2017 07:32:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/21/2017 07:32:21 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/21/2017 05:32:47 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/21/2017 05:32:47 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (10/22/2017 01:14:06 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: SOI)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (10/22/2017 01:09:41 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (10/22/2017 11:36:06 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: SOI)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (10/22/2017 11:34:41 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (10/22/2017 11:28:33 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain SOI due to the following: 
Pre splnenie požiadavky na prihlásenie nie sú k dispozícii žiadne prihlasovacie servery.


This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (10/22/2017 09:59:41 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (10/22/2017 09:58:07 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: SOI)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (10/22/2017 08:24:42 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (10/22/2017 08:20:08 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: SOI)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (10/22/2017 07:27:53 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU N3160 @ 1.60GHz
Percentage of memory in use: 65%
Total physical RAM: 3921.61 MB
Available physical RAM: 1353.3 MB
Total Virtual: 4625.61 MB
Available Virtual: 1138.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:194.97 GB) (Free:125.25 GB) NTFS
Drive e: () (Fixed) (Total:270.45 GB) (Free:96.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BC658CCE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================