Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by Hombre (05-01-2018 20:24:45)
Running from C:\Users\Hombre\Desktop
Windows 10 Pro Version 1709 16299.125 (X64) (2017-12-22 14:08:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1316363965-161402098-3267105952-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1316363965-161402098-3267105952-503 - Limited - Disabled)
Guest (S-1-5-21-1316363965-161402098-3267105952-501 - Limited - Disabled)
Hombre (S-1-5-21-1316363965-161402098-3267105952-1002 - Administrator - Enabled) => C:\Users\Hombre
OEM (S-1-5-21-1316363965-161402098-3267105952-1001 - Administrator - Enabled) => C:\Users\OEM
WDAGUtilityAccount (S-1-5-21-1316363965-161402098-3267105952-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_1) (Version: 7.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0_1) (Version: 19.0.1 - Adobe Systems Incorporated)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.2.1 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.108 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8730.2165 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2165 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2165 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8730.2165 - Microsoft Corporation) Hidden
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== ATTENTION
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.7145 - Kakao Corp.)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6105 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Spotify (HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{17515373-7495-4995-9089-B7D6DF455C38}) (Version: 2.6.0.0 - Microsoft Corporation)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Wondershare Video Converter Ultimate(Build 10.0.7.97) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.0.7.97 - Wondershare Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1316363965-161402098-3267105952-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FEAF0A67C64F}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1316363965-161402098-3267105952-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-10-24] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A7A3E7F-700B-4D1D-912E-D64E9643D644} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-05] (Microsoft Corporation)
Task: {24E9F4A5-7DD8-4A64-A25C-5796FA1ADFA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-01-05] (Microsoft Corporation)
Task: {2F533857-BF9A-4175-B139-70CD44CA7DDE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-22] (Dropbox, Inc.)
Task: {3742FAEC-D9AC-4E39-886C-4B3696F3AF16} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-07-29] (Realtek Semiconductor)
Task: {430D4A16-7F00-4D03-80FB-E43D08C7A34E} - \Online Application V2G1 -> No File <==== ATTENTION
Task: {45BC683A-4ECB-4DBC-901D-02A59399F95A} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
Task: {58C92EEF-A9BA-4135-8AA9-E818EDC950A5} - \Online Application V2G2 -> No File <==== ATTENTION
Task: {5C75DE98-7A76-43FD-A5EA-7F1788D0B618} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-G63PH12-Hombre => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {5F09EDB3-F3F8-4E1D-8CD6-630547F8E727} - System32\Tasks\Githulg0 => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Githulg0\Githulg0.dll",bthpkycEqV <==== ATTENTION
Task: {6086951F-473D-4C5D-B801-6D39869285C9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-25] (Microsoft Corporation)
Task: {6CF6B592-B44C-4562-AEEB-31318414776E} - \Online Application V2G5 -> No File <==== ATTENTION
Task: {8920950A-DA4F-43D0-BA91-BCEEDE4C43FB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-25] (Microsoft Corporation)
Task: {9AC36FDC-2EE2-4F4E-8DB7-E858AB2FCF22} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-22] (Google Inc.)
Task: {9C28CF1B-6E8B-4F1E-9C85-93FC10095003} - \AutoKMS -> No File <==== ATTENTION
Task: {A4D56D1E-4837-41DC-8A97-D2C9746DE9EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-22] (Google Inc.)
Task: {B23FE69D-43FC-4162-959F-96E3C06662C3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {B50867DE-8B04-477E-B95B-229C2BC50BAB} - \KMSAutoNet -> No File <==== ATTENTION
Task: {B62DC704-3982-4A3B-92F2-F94D9C86C209} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-22] (Dropbox, Inc.)
Task: {B6D8E66D-53AC-41E9-8A88-D7B293B29BEB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BA92FD0E-3DDC-4FCF-A01A-D33A378019BD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-05] (Microsoft Corporation)
Task: {D2470697-4A06-40B4-AB4E-F3F95BDF93DD} - \Online Application V2G6 -> No File <==== ATTENTION
Task: {D67FAA8F-D73C-4D33-97E2-65B3E9065B87} - \Online Application V2G4 -> No File <==== ATTENTION
Task: {D8D7155E-3126-4452-9817-76963DEFC07C} - System32\Tasks\AdobeAAMUpdater-1.0-HOMBRE-Hombre => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {DB427B54-716F-4816-AC5A-F7A27BB4F539} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-01-05] (Microsoft Corporation)
Task: {E778BCC6-78DF-4B5C-BCD3-13F12B8BBF29} - \Online Application V2G3 -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\One System CarePeriod.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer: 
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer: 

ShortcutWithArgument: C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\CSS - Shack.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=geiccgjkigajaicecnhdokggninehdlp
ShortcutWithArgument: C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-12-27 12:03 - 2017-12-28 11:26 - 008935088 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-10-24 18:08 - 2016-10-24 18:08 - 000401912 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-14 02:34 - 2017-12-14 02:34 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-05 14:21 - 2017-08-10 18:45 - 000028896 _____ () C:\Program Files (x86)\Wondershare\Video Converter Ultimate\WSVCUUpdateHelper.exe
2017-09-26 02:52 - 2017-09-26 02:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2017-12-22 10:43 - 2017-12-22 10:43 - 000102088 _____ () C:\Users\Hombre\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2017-12-22 12:41 - 2017-12-05 02:06 - 000725312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-12-22 12:41 - 2017-12-05 02:06 - 002075456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-12-22 12:41 - 2017-12-05 02:06 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-12-22 12:41 - 2017-12-05 02:08 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-12-22 12:41 - 2017-12-05 02:06 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-12-22 12:41 - 2017-12-05 02:08 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-12-22 12:41 - 2017-12-05 02:08 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-12-22 12:41 - 2017-12-05 02:08 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-12-22 12:41 - 2017-12-05 02:09 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-12-22 12:41 - 2017-12-05 02:08 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-12-22 12:41 - 2017-12-05 02:09 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-12-22 12:41 - 2017-12-05 02:09 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-12-22 12:41 - 2017-12-05 02:09 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-12-22 12:41 - 2017-12-05 02:08 - 000100688 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-12-22 12:41 - 2017-12-05 02:08 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-12-22 12:41 - 2017-12-05 02:09 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-12-22 12:41 - 2017-12-05 02:09 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-12-22 12:41 - 2017-12-05 02:09 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-12-22 12:41 - 2017-12-05 02:07 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-12-22 12:41 - 2017-12-05 02:06 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-12-22 12:41 - 2017-12-05 02:07 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-12-22 12:41 - 2017-12-05 02:08 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2017-12-22 12:41 - 2017-12-05 02:07 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-12-22 12:41 - 2017-12-05 02:09 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-12-22 12:41 - 2017-12-05 02:07 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-09-20 02:42 - 2017-09-20 02:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 03:04 - 2017-09-20 03:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-12 20:10 - 2017-09-12 20:10 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-20 02:59 - 2017-09-20 02:59 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-12 20:11 - 2017-09-12 20:11 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\38591608.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\63295949.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\D4F2BA97.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\38591608.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\63295949.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\D4F2BA97.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-07-26 05:08 - 2018-01-05 17:43 - 000013980 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 mydownloaddomain.com
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 360devtraking.website
127.0.0.1 dscdn.pw
127.0.0.1 bcnmonetize.go2affise.com
127.0.0.1 beautifllink.xyz
127.0.0.1	gf.tools.avast.com
127.0.0.1	pair.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	id.avast.com
127.0.0.1	v4618535.iavs9x.u.avast.com
127.0.0.1	v4618535.ivps9x.u.avast.com
127.0.0.1	v4618535.ivps9tiny.u.avast.com
127.0.0.1	v4618535.vpsnitro.u.avast.com
127.0.0.1	v4618535.vpsnitrotiny.u.avast.com
127.0.0.1	v4618535.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com

There are 349 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1316363965-161402098-3267105952-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Hombre\Dropbox\Wallpapers\Yosemite Mods\Yosemite.jpg
DNS Servers: 192.168.10.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: WsDrvInst => 3
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "9914210"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "5752729"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "6924361"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "8033641"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "3373313"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "9881336"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "7786930"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "5039966"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "4704533"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "1166603"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "9965416"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "9403823"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "8658810"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "7513416"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "7569208"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "7457585"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "316134"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "3230474"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "9226530"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "2623204"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "8234767"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "4045214"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "4901771"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "3989383"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "40174"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "6390660"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "2607501"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "1928080"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "8948070"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "5491848"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "1386120"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "5947983"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "5970510"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "2011544"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "8388227"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "1171228"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "4454299"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "9674175"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "954190"
HKU\S-1-5-21-1316363965-161402098-3267105952-1002\...\StartupApproved\Run: => "3011934"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D917236B-9A8A-477A-921F-9CCD64B8D5BF}] => (Allow) C:\Users\Hombre\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E3708013-AAAA-4589-AB71-9C6675CE3BA0}] => (Allow) C:\Users\Hombre\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{37A3A692-516C-437B-BF6F-339A5041B3EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6F8182A0-2BA7-4925-82CB-840B56D95ACE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{AFCFD081-66D3-409B-9B55-AD258AA6349E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{A48B6548-E8F7-4126-A15B-864508DBF8A0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{FE6D3D6F-EA21-4A33-94D1-DE1BF1F05302}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B86935E0-80C9-4103-B256-A966950F8957}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5E99B75E-63E9-4400-BD78-A0C7C08BE8F4}C:\users\hombre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hombre\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1A2F2C64-7B6B-46D2-BFAB-90F0E60E7638}C:\users\hombre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hombre\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1A499163-2EF6-4A73-A4B3-EA9F55E59C35}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F8D6F7B8-5D86-4C2E-8595-C0C6F3318359}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A2B3A69D-54D5-4BBE-9BE6-5AEA3A449E64}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C62FF403-75E7-42D6-82C3-51BC4694D81E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8C69CD39-D77F-4D2A-8D65-03A58AAEA1DB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{74C1F442-85B9-4B07-A418-2A89CC9F9B83}C:\users\hombre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hombre\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{00DE301B-2703-4835-921D-C0A14F06B939}C:\users\hombre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hombre\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F437CDDB-CE34-40B0-9050-91244AAB77F6}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{865F4AE7-7BF1-4F13-B438-DDDFC7162F22}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{6EE4A808-158A-40CB-94A9-E54F790EA40E}] => (Allow) C:\Windows\System32\rundll32.exe

==================== Restore Points =========================

05-01-2018 14:51:13 Windows Update
05-01-2018 16:08:27 Operace obnovení

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2018 08:00:14 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR FUNC: rsrc_app_start_app_in_active_user_session FILE: rsrc_app.c LINE: 328 TIME: 1554499 ms

Unable to start capture program. Error = 5

Error: (01/05/2018 07:55:49 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci Hotfix for Microsoft Outlook 2010 (KB2598374) produktu Microsoft Office Professional Plus 2010 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/05/2018 07:55:49 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Plus 2010 – Chyba 2902Došlo k vnitřní chybě.  (ixfAssemblyCopy                  ) S žádostí o pomoc se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.

Error: (01/05/2018 07:55:32 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci Hotfix for Microsoft Outlook 2010 (KB2598387) produktu Microsoft Office Professional Plus 2010 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/05/2018 07:55:32 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Plus 2010 – Chyba 2902Došlo k vnitřní chybě.  (ixfAssemblyCopy                  ) S žádostí o pomoc se obraťte na službu technické podpory Microsoft Product Support Services (PSS). Informace o kontaktování podpory najdete zde:PSS10R.CHM.

Error: (01/05/2018 07:33:45 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR FUNC: rsrc_app_start_app_in_active_user_session FILE: rsrc_app.c LINE: 328 TIME: 6706023 ms

Unable to start capture program. Error = 5

Error: (01/05/2018 07:33:34 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2018-01-27T10:11:34Z. Kód chyby: 0x80070005

Error: (01/05/2018 07:33:04 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2018-01-27T10:12:04Z. Kód chyby: 0x80070005

Error: (01/05/2018 07:32:34 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2018-01-27T10:11:34Z. Kód chyby: 0x80070005

Error: (01/05/2018 07:32:04 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2018-01-27T10:12:04Z. Kód chyby: 0x80070005


System errors:
=============
Error: (01/05/2018 08:16:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/05/2018 08:01:28 PM) (Source: DCOM) (EventID: 10016) (User: HOMBRE)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli HOMBRE\Hombre (SID: S-1-5-21-1316363965-161402098-3267105952-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/05/2018 08:01:25 PM) (Source: DCOM) (EventID: 10016) (User: HOMBRE)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli HOMBRE\Hombre (SID: S-1-5-21-1316363965-161402098-3267105952-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/05/2018 08:01:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/05/2018 08:01:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/05/2018 08:01:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/05/2018 08:01:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/05/2018 08:01:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba HNService byla ukončena s následující chybou: 
Systém nemůže nalézt uvedený soubor.

Error: (01/05/2018 08:01:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba FlashruptService64 neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (01/05/2018 08:00:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Klient zásad skupiny neuspěla při spuštění v důsledku následující chyby: 
Přístup byl odepřen.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz
Percentage of memory in use: 42%
Total physical RAM: 8064.3 MB
Available physical RAM: 4655.38 MB
Total Virtual: 10496.3 MB
Available Virtual: 6894.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.14 GB) (Free:127.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 2F610EE9)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=868 MB) - (Type=27)

==================== End of Addition.txt ============================