Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by jtrac (05-01-2023 08:00:37)
Running from C:\Users\jtrac\OneDrive\Plocha
Microsoft Windows 10 Pro Version 21H2 19044.2364 (X64) (2022-02-09 11:26:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3412725004-164030467-415606481-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3412725004-164030467-415606481-503 - Limited - Disabled)
Guest (S-1-5-21-3412725004-164030467-415606481-501 - Limited - Disabled)
jtrac (S-1-5-21-3412725004-164030467-415606481-1001 - Administrator - Enabled) => C:\Users\jtrac
WDAGUtilityAccount (S-1-5-21-3412725004-164030467-415606481-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
ABBYY FineReader 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.1496 - ABBYY Production LLC)
Acronis Disk Director (HKLM-x32\...\{AE5BBAA8-5AF2-40DB-A13D-F015439EC7C7}) (Version: 12.5.163 - Acronis)
Acronis Drivers (HKLM\...\{A4CA4077-B027-4853-B37B-3355A5BE6E3F}) (Version: 25.0.39230 - Acronis) Hidden
Acronis True Image for Western Digital (HKLM-x32\...\{B8C55C96-CF01-4692-8F20-E3E8AD877A3B}) (Version: 25.0.39230 - Acronis) Hidden
Acronis True Image for Western Digital (HKLM-x32\...\{B8C55C96-CF01-4692-8F20-E3E8AD877A3B}Visible) (Version: 25.0.39230 - Acronis)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_0) (Version: 23.0.0.36 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AM-DeadLink 4.3 (HKLM-x32\...\aignesamdeadlink_is1) (Version: 4.3 - www.aignes.com)
AnyMP4 Video Converter Ultimate 7.2.52 (HKLM-x32\...\{B77ACAAE-53EE-43c3-86F1-4AEA52F6CDD5}_is1) (Version: 7.2.52 - AnyMP4 Studio)
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 6.9.1 - AOMEI International Network Limited.)
Audacity 3.2.3 (HKLM\...\Audacity_is1) (Version: 3.2.3 - Audacity Team)
Avidemux VC++ 64bits (HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\{4d8c42c8-5d0c-4992-9e59-13c5068aaa37}) (Version: 2.8.0 - Mean)
Beyond Compare 4.4.4 (HKLM\...\BeyondCompare4_is1) (Version: 4.4.4.27058 - Scooter Software)
calibre 64bit (HKLM\...\{5465488D-C103-4202-AC52-DC8CDF2F901D}) (Version: 6.10.0 - Kovid Goyal)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.84.0000 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L550 Series Printer Uninstall (HKLM\...\EPSON L550 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7CC286A8-EEC5-491F-A4B5-02BD4E656BF6}) (Version: 4.6.2 - Seiko Epson Corporation)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.14.402 - Epubor Inc.)
Fakturky 755F (HKLM-x32\...\Fakturky 755F_is1) (Version: 755F - Milan Bánovský)
FastCopy (HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\FastCopy) (Version: 4.2.1 - H.Shirouzu & FastCopy Lab, LLC.)
FlashBrowser version 0.7 (HKLM-x32\...\{73E7F6CF-E0C5-42EC-BC35-1AB1A50D7BFF}_is1) (Version: 0.7 - AS3)
Glary Utilities PRO 5.199 (HKLM-x32\...\Glary Utilities 5) (Version: 5.199.0.228 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{1DD659FE-014E-43E0-B848-0C4C89AD124E}) (Version: 1.6.8.0 - HP Inc.)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 27.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5171 - Intel Corporation)
IObit Uninstaller 12 (HKLM-x32\...\IObitUninstall) (Version: 12.2.0.6 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.2 - IObit Information Technology)
IrfanView 4.60 (64-bit) (HKLM\...\IrfanView64) (Version: 4.60 - Irfan Skiljan)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Master PDF Editor 5.3.12 (HKLM\...\Master PDF Editor 5.3.12_is1) (Version: 5.3.12 - Code Industry Ltd.)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
MP3 Splitter Joiner Pro v4.2 build 2612 (HKLM-x32\...\{F88C04C9-9CDC-4830-A533-CC5E3D69F2A1}_is1) (Version:  - Hoo Technologies)
Mp3tag v3.18 (HKLM-x32\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (HKLM-x32\...\{D0B44725-3666-492D-BEF6-587A14BD9BD9}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 2.0 - F.J. Wechselberger)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11126.20188 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 8.1 - Power Software Ltd)
PSPad editor (HKLM-x32\...\PSPad editor 32bit_is1) (Version: 5.0.6.589 - Jan Fiala)
Q-Dir (HKLM\...\Q-Dir) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9225.1 - Realtek Semiconductor Corp.)
Similarity 64-bit 2.5.1 (HKLM\...\{3D3C412A-8521-4C5C-83F3-94CC8223C309}) (Version: 2.5.2415 - GAR Software)
Tipard Video Converter Ultimate 10.3.22 (HKLM-x32\...\{F2922911-108A-4d9e-B33A-2A101444F4CE}_is1) (Version: 10.3.22 - Tipard Studio)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Universal Document Converter (HKLM-x32\...\Universal Document Converter_is1) (Version: 6.7 - fCoder SIA)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Windows 10 Manager (HKLM\...\{A3BAA471-5A6F-4FB1-8FB4-E634169065F0}) (Version: 3.6.0 - Yamicsoft) Hidden
Windows 10 Manager (HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\Windows 10 Manager 3.6.0) (Version: 3.7.2 - Yamicsoft)
Windows Installer (HKLM-x32\...\{798E61D4-8923-4E77-A74B-2DF264394A48}) (Version: 5.0.4 - AdvancedWindowsManager) Hidden
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{3EE8FA69-F2A5-4BDB-9E23-3ABB2421B4FA}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (HKLM\...\{25058321-C33E-496B-8915-6FD64D362CAF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{124A05DC-3C47-4EEF-85CE-56D6C1CAE62B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{714E162E-CD4F-4F1B-8302-7F5179409C25}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (HKLM-x32\...\{E5807449-CA84-42F6-9CE3-A0E2BDA9E24B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.22.14.0_x64__v10z8vjag6ke6 [2022-12-07] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3412725004-164030467-415606481-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_0_39230.dll [2021-12-18] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_0_39230.dll [2021-12-18] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_0_39230.dll [2021-12-18] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_0_39230.dll [2021-12-18] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-11-27] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-11-04] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-11] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-11-27] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-11-04] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-11] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-23] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-11-27] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-11-04] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-11] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3412725004-164030467-415606481-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-03] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-04-04 08:41 - 2021-06-22 13:41 - 000014336 _____ () [File not signed] C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\libamcbconsole.dll
2022-02-10 08:13 - 2014-11-03 04:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2022-04-04 08:41 - 2015-05-21 13:32 - 000068784 _____ (Aomei Technology Co., Limited -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\vcomp.dll
2022-02-09 15:14 - 2018-05-15 07:34 - 000026112 _____ (Copyright (c) Code Industry Ltd) [File not signed] C:\WINDOWS\System32\mpelocalmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2022-10-20] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-11-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-11-28] (HP Inc. -> HP Inc.)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-11-28] (HP Inc. -> HP Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -  No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-11-23 10:36 - 2022-11-23 10:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Users\jtrac\AppData\Local\Microsoft\WindowsApps;C:\Program Files\Calibre2\;;C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Windows Live\Shared;
HKU\S-1-5-21-3412725004-164030467-415606481-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jtrac\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\StartupApproved\Run: => "CCleanerssProfessional"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D784BB5A-B775-45D1-BBFD-E65ABA76D88A}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [UDP Query User{09E616B6-96FA-4D1F-A4B4-4CDCA630E533}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{785A1437-235C-4AD0-9E8A-E25CAF09EF71}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3854B4FF-1DC8-408D-9495-7F5F78F8B75A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E59CE40C-FE66-40C7-8D69-D483F30CD62E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B728E6F-2331-4C27-B197-4B05EAF85AA9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9A713B3A-608B-47C6-92A5-CBB8F3842594}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{4F3C81BB-E72C-4BFA-9A3C-8C93A9879F5A}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [TCP Query User{57361BBB-9C40-416D-811A-72EFAAF4C2A7}C:\program files (x86)\epubor\ultimate\epuborultimate.exe] => (Allow) C:\program files (x86)\epubor\ultimate\epuborultimate.exe () [File not signed]
FirewallRules: [UDP Query User{E4987988-E2E6-4158-87A0-393D56AA4881}C:\program files (x86)\epubor\ultimate\epuborultimate.exe] => (Allow) C:\program files (x86)\epubor\ultimate\epuborultimate.exe () [File not signed]
FirewallRules: [{38B2E158-0034-4AC1-AD74-F329A11E9B07}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{7FB2F2C5-7D5F-4758-A2A2-6B07D078699E}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{9BDD3E75-A86D-48C4-99F8-41B938500E62}] => (Allow) C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{D7EC710C-44F4-4AB8-8F26-F6D2116A9825}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{43C2A841-7036-42E9-A7D7-B93B91698081}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{181FBFC9-BC9F-4680-971E-3EC84F3C86D9}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{5897059C-DBB0-4E24-A3EB-9D5D0A8D4B67}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{005EAB63-75F5-4532-A26D-22E7BA3A4707}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{89DC51E0-A553-4F29-A8C0-0ECBBFCF14C5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{477FC33D-FAC6-4D48-BCF1-387A27E90428}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{380A05A7-BCBF-401C-A727-B4E5C3D75804}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{FE34F903-1362-47A3-BDA7-4AAD30CD9E67}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{9EDEC8AE-C722-463E-81DA-9B0158B2F6B5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{ABB712A7-D608-44AC-AB67-0B3FC7B0A75B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{86CF41FA-333C-4B5B-9995-B79FD6B5A02B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{C44F2624-3B66-4CD5-AE3D-112696D132F5}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{063B42FB-C64E-483F-9D86-A08500950F8F}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{055F0F57-11AC-4F31-8B3D-B6A03CB4F18B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{A9777297-1E7D-43EA-ADB6-CADE71BF2B90}] => (Allow) C:\Program Files (x86)\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{534E741D-AE97-4B62-9D6B-6C2A6E0DB84B}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [TCP Query User{41A937E7-4D29-4A90-A41A-AAD7EF01C326}C:\users\jtrac\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jtrac\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{1FA9F03C-19B7-4803-97B1-110C99E59391}C:\users\jtrac\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jtrac\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{21A344ED-D6DA-41F5-924E-A4A436985B73}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B9A742C4-55CC-43F8-91B6-464DBC1EE1E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA571A54-C5E5-4519-BA43-542C08947B60}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDA7ACE4-ECDB-4E9C-B681-D49EF392DA13}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E6667A9-7013-42E2-A023-C1BF1E8203D8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5B8D3C5E-7664-42B0-BAC1-0ACF88F76F59}] => (Allow) LPort=2869
FirewallRules: [{F407B7D2-BDB5-4397-9877-05D4F7B3F4B1}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{2E141BB2-2889-40B9-B507-DB14E512DA4E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2EF8A8BE-E0B1-4C83-B45A-4FA441C77382}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)

==================== Restore Points =========================

31-12-2022 08:55:06 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2023 07:46:06 AM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (4084,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 07:41:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6672,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/05/2023 07:27:43 AM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (3992,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 07:27:43 AM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (3992,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 07:26:25 AM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (3992,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/04/2023 03:55:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (3736,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/04/2023 03:55:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (3736,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/04/2023 03:55:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (3736,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (01/05/2023 07:45:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1TH6EDE)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/04/2023 03:55:57 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1TH6EDE)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/03/2023 04:57:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1TH6EDE)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/03/2023 04:57:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1TH6EDE)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/03/2023 04:57:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1TH6EDE)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/03/2023 09:09:36 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku E: bylo zjištěno poškození.

Bylo nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru je 0x9000000000009. Název souboru je <nelze určit název souboru>. Poškozený atribut indexu je :$SII:$INDEX_ALLOCATION.

Error: (01/03/2023 09:09:36 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku E: bylo zjištěno poškození.

Bylo nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru je 0x9000000000009. Název souboru je <nelze určit název souboru>. Poškozený atribut indexu je :$SII:$INDEX_ALLOCATION.

Error: (01/03/2023 09:09:35 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku E: bylo zjištěno poškození.

Bylo nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru je 0x9000000000009. Název souboru je <nelze určit název souboru>. Poškozený atribut indexu je :$SII:$INDEX_ALLOCATION.


Windows Defender:
================
Date: 2023-01-05 08:00:35
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.H!ml&threatid=2147814523&enterprise=0
Název: Trojan:Win32/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\jtrac\AppData\Roaming\G6Wa3wt3.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Users\jtrac\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.381.1746.0, AS: 1.381.1746.0, NIS: 1.381.1746.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-05 08:00:31
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Název: Trojan:Script/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\jtrac\_readme.txt
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Users\jtrac\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.381.1746.0, AS: 1.381.1746.0, NIS: 1.381.1746.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-05 07:57:52
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Název: Trojan:Script/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\_readme.txt
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Users\jtrac\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.381.1746.0, AS: 1.381.1746.0, NIS: 1.381.1746.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-05 07:57:46
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre&threatid=2147724510&enterprise=0
Název: Trojan:Win32/Tiggre
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\5U7VGMLM4Z.tmp; service:_AppServicei
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Users\jtrac\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.381.1746.0, AS: 1.381.1746.0, NIS: 1.381.1746.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-05 07:57:27
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre&threatid=2147724510&enterprise=0
Název: Trojan:Win32/Tiggre
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\5U7VGMLM4Z.tmp
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Users\jtrac\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.381.1746.0, AS: 1.381.1746.0, NIS: 1.381.1746.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
﻿
CodeIntegrity:
===============
Date: 2023-01-04 08:05:55
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: Hewlett-Packard L01 v02.33 07/15/2014
Motherboard: Hewlett-Packard 1998
Processor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 49%
Total physical RAM: 8103.52 MB
Available physical RAM: 4132.36 MB
Total Virtual: 16295.52 MB
Available Virtual: 11742.36 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:237.34 GB) (Free:165.04 GB) (Model: SanDisk SD8SB8U256G1122) NTFS
Drive d: (PRACKAV) (Fixed) (Total:2794.5 GB) (Free:1122.92 GB) (Model: TOSHIBA HDWD130) NTFS

\\?\Volume{4137a2b2-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:1.13 GB) (Free:0.17 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4137A2B2)
Partition 1: (Active) - (Size=1.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.3 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================