﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:01-06-2016
Ran by SWAN (2016-06-02 14:27:19)
Running from C:\Users\SWAN\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-01-08 22:07:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2071813083-1845976314-806757171-500 - Administrator - Disabled)
Guest (S-1-5-21-2071813083-1845976314-806757171-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2071813083-1845976314-806757171-1003 - Limited - Enabled)
SWAN (S-1-5-21-2071813083-1845976314-806757171-1000 - Administrator - Enabled) => C:\Users\SWAN

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{891F047C-9C42-5CE6-6126-B5EAA6F3CFC7}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Android Handset USB Driver 1.0 (HKLM-x32\...\USB Driver_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BitTorrent (HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Free Video Flip and Rotate version 1.0.8.1215 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 1.0.8.1215 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
K-Lite Mega Codec Pack 11.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.2.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4823.1004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{154C7340-7C70-11E3-A15F-F04DA23A5C58}) (Version: 13.0.879 - Sony)
MultiBit 0.5.18 (HKLM-x32\...\MultiBit 0.5.18) (Version: 0.5.18 - )
MyFreeCodec (HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\MyFreeCodec) (Version:  - )
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Nvu 1.0 (HKLM-x32\...\Nvu) (Version: 1.0 - CZilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.018 - MSI)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {22DC2060-BAC7-45C5-8202-8AD9E7774A63} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {2ADB462A-10C5-4A34-875C-C11F75D09FD3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {324B32B2-C369-445E-912A-ED6C59579A20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {3610F1EF-E32C-483F-85CA-1D27648C002F} - System32\Tasks\{996C2E56-CF8D-42B1-8BB4-5B25693FCF2F} => pcalua.exe -a "C:\Program Files (x86)\unIosales\3xzfRV2iP452n4.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {494A6FFB-2ACD-44BA-8806-C84506E6E640} - System32\Tasks\AvastNgJob => C:\Program Files\AVAST Software\Avast\setup\emupdates\20140310\emupdateng.exe
Task: {57097E1E-F755-4031-8FB2-A9C667F57AD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {5D3B9262-B0C3-4B66-BD7A-1274D8139FC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {64F0B012-C0A9-4289-BDE1-FC6FB75EC1BB} - System32\Tasks\{466120E4-8C8C-4E51-8B69-F46BFC8B4EEF} => pcalua.exe -a E:\Autorun.exe -d E:\
Task: {6DA97FC4-EC18-4C90-A3AE-6A5C439AADFF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {73FF8692-BA8E-4FB4-9966-CA7528513AB8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {76EF653B-6228-4BB0-AA24-D6509BEE3D4D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {7AB1562B-2B05-4AA9-A52A-3B12C447366D} - System32\Tasks\Driver Booster SkipUAC (SWAN) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {8EA7FB19-561A-43A7-AD47-8CFDA5D00CEF} - System32\Tasks\{C3E3F5FC-6C4D-4BEB-AFB6-6E0AF263B50A} => pcalua.exe -a "C:\Program Files (x86)\HD-V1.9\Uninstall.exe" -c /fcp=1
Task: {8F9384DB-6DA0-4146-A18A-66B0C840B60C} - System32\Tasks\{53B0608A-A69B-449C-9081-1514F98AC435} => pcalua.exe -a C:\Users\SWAN\AppData\Local\Temp\7zSAB62.tmp\MicroInstallerNative.exe -d C:\Users\SWAN\AppData\Local\Temp\7zSAB62.tmp
Task: {A6132231-63DC-4B7E-989A-7F5FFDDB3AE4} - System32\Tasks\{1CA0FA9F-C6F9-42E3-8D18-DFCEB9BCE8C7} => pcalua.exe -a "C:\Program Files (x86)\Torntv V9.0\Uninstall.exe" -c /fromcontrolpanel=1
Task: {B07CDC2B-CD1A-46E7-98A7-96D8AC0D5469} - System32\Tasks\{B99D28A7-9F65-43D0-9F08-97012174B353} => pcalua.exe -a "C:\Program Files (x86)\We Love Deals\We Love Deals.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {C0CC8FC6-AFCD-44EF-AFB5-EB7B0758A1F4} - System32\Tasks\{C2BAE604-973C-4300-B96B-A3EBE077AEB1} => pcalua.exe -a C:\Users\SWAN\AppData\Roaming\webssearches\UninstallManager.exe -c  -ptid=amt <==== ATTENTION
Task: {C690D7D7-4A64-4F06-99AD-BEC021C42B6B} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {DEB6FDDE-38D8-432C-8CB6-06F4B620D8AC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-04-12] (Microsoft Corporation)
Task: {E8DFCE47-6623-4190-A8CB-3082C3B1EE8A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {E8E61980-3B76-4872-8E49-96DBEC59B232} - System32\Tasks\{8AD2C5F6-A865-4382-AB5F-20B308586C86} => pcalua.exe -a C:\Users\SWAN\AppData\Local\Temp\7zSAD74.tmp\MicroInstallerNative.exe -d C:\Users\SWAN\AppData\Local\Temp\7zSAD74.tmp

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\SWAN\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_emfinbmielocnlhgmfkkmkngdoccbadn\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn
ShortcutWithArgument: C:\Users\SWAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn

==================== Loaded Modules (Whitelisted) ==============

2013-06-04 19:40 - 2013-06-04 19:40 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-06-04 11:36 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-05-13 06:05 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 06:05 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2016-05-13 06:05 - 2016-05-11 13:48 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\sharepoint.com -> hxxps://spstrutnov.sharepoint.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2071813083-1845976314-806757171-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-02-26 15:53 - 00000916 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 keystone.mwbsys.com 
127.0.0.1 sirius.mwbsys.com 
127.0.0.1 bactem.mwbsys.com 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2071813083-1845976314-806757171-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SWAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: APSDaemon => 
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => 
MSCONFIG\startupreg: Infium => 
MSCONFIG\startupreg: KiesPreload => 
MSCONFIG\startupreg: KiesTrayAgent => 
MSCONFIG\startupreg: QIP Internet Guardian => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Windows => 

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CF3B0EAC-1269-4AC7-9F05-F86EC4907BBB}] => (Allow) C:\Users\SWAN\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{60D10FBC-A384-469A-AE6F-D7751191F7D4}] => (Allow) C:\Users\SWAN\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{305337A9-8509-481C-A27D-73E55EA4A223}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8E45C885-0780-4E7C-B149-D318E0FD318B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1F7997E1-1A03-49D8-B653-75ACEAAABDCE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AE56261A-7E2E-4CE1-9987-476F4E4515DD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E6D15AE0-9DAA-43DE-BF48-4941FD39F467}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{58139B13-E9FE-4EE8-805D-A8FD73CD0A74}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{49E02DD6-AC33-444C-A6EC-E5525B52F75C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{8E549EB7-E6C6-4748-AB9A-78C3E2BA8D7F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{319AF72F-FC0B-4D3E-97A0-BA22A86171DE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{08171C5E-46DD-4C71-93E9-6EC5B3706F3C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{00ABA841-3004-4630-A976-9F6960DB26B6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{4DAB9987-1255-4D12-B667-F57F2599C4BD}C:\program files\java\jdk1.7.0_71\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_71\bin\java.exe
FirewallRules: [UDP Query User{4ACE498D-408A-4332-B320-A900B995037F}C:\program files\java\jdk1.7.0_71\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_71\bin\java.exe
FirewallRules: [TCP Query User{E62E8CF4-B9CA-4DBA-8693-9D783F5337ED}D:\hry\chivalry medieval warfare\binaries\win32\udk.exe] => (Allow) D:\hry\chivalry medieval warfare\binaries\win32\udk.exe
FirewallRules: [UDP Query User{3240D691-5F66-4AA5-9228-C5D88D2D3F83}D:\hry\chivalry medieval warfare\binaries\win32\udk.exe] => (Allow) D:\hry\chivalry medieval warfare\binaries\win32\udk.exe
FirewallRules: [TCP Query User{9831DB26-4560-4143-8887-DC5675E19465}D:\hry\the witcher 2\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\hry\the witcher 2\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{06336539-D2FA-4620-80A9-ACAD285811FF}D:\hry\the witcher 2\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\hry\the witcher 2\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [{54039D02-5C74-4AAA-8D64-E04A039C96D8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{6AF8EE8D-D15C-4398-97F9-4CC5F241046C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{09E3AAA2-8B58-431F-A8B3-B5AB6E2F09F0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{1E4612ED-48CF-46D3-960E-6F952AF78CCA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{9D51ACFB-F915-4D7E-A126-07228409ABB0}D:\hry\counter-strike\hl.exe] => (Allow) D:\hry\counter-strike\hl.exe
FirewallRules: [UDP Query User{5F3AD5B8-4F4B-428A-858B-1EE5F62FBC04}D:\hry\counter-strike\hl.exe] => (Allow) D:\hry\counter-strike\hl.exe
FirewallRules: [{A12999DE-1A5B-4D8B-AD59-17D749392DFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

12-02-2016 16:03:18 Naplánovaný kontrolní bod
15-02-2016 13:16:57 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
22-02-2016 17:55:11 Naplánovaný kontrolní bod
25-02-2016 23:45:05 ??????? Counter-Strike 1.6
26-02-2016 00:00:27 Driver Booster : CDC Object Exchange (OBEX)
04-03-2016 17:56:45 Naplánovaný kontrolní bod
12-03-2016 20:40:51 Windows Update
26-03-2016 17:54:38 Naplánovaný kontrolní bod
03-04-2016 15:38:29 Naplánovaný kontrolní bod
11-04-2016 14:49:55 Naplánovaný kontrolní bod
18-04-2016 16:52:26 Naplánovaný kontrolní bod
27-04-2016 15:43:36 Naplánovaný kontrolní bod
04-05-2016 18:24:37 Naplánovaný kontrolní bod
09-05-2016 12:40:15 Instalační služba modulů systému Windows
09-05-2016 12:42:29 Instalační služba modulů systému Windows
09-05-2016 12:52:48 Driver Booster : AMD High Definition Audio Device
28-05-2016 17:20:04 Naplánovaný kontrolní bod
02-06-2016 08:21:45 Windows Update

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2016 02:26:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2016 01:29:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/02/2016 01:01:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (06/02/2016 01:01:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (06/02/2016 01:01:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (06/02/2016 12:58:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2016 07:53:25 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (06/02/2016 07:53:25 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (06/02/2016 07:53:25 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (06/02/2016 07:50:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -550.


System errors:
=============
Error: (06/02/2016 02:24:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby: 
%%1058

Error: (06/02/2016 02:24:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo: 
cdrom

Error: (06/02/2016 12:57:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby: 
%%1058

Error: (06/02/2016 12:56:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo: 
cdrom

Error: (06/02/2016 08:18:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Advanced SystemCare Service 9 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/02/2016 07:48:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby: 
%%1058

Error: (06/02/2016 07:48:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo: 
cdrom

Error: (06/02/2016 07:48:40 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (0:21:14, ‎2.‎6.‎2016) bylo neočekávané.

Error: (06/01/2016 03:41:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby: 
%%1058

Error: (06/01/2016 03:41:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo: 
cdrom


==================== Memory info =========================== 

Processor: AMD A4-4000 APU with Radeon(tm) HD Graphics 
Percentage of memory in use: 71%
Total physical RAM: 3281.81 MB
Available physical RAM: 932.17 MB
Total Virtual: 13280.02 MB
Available Virtual: 10871.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.97 GB) (Free:17.58 GB) NTFS
Drive d: () (Fixed) (Total:638.44 GB) (Free:539.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00AEC2CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=638.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================