Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by jtrac (05-01-2023 14:26:24)
Running from D:\DOWN
Microsoft Windows 10 Pro Version 21H2 19044.2364 (X64) (2022-02-09 11:26:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3412725004-164030467-415606481-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3412725004-164030467-415606481-503 - Limited - Disabled)
Guest (S-1-5-21-3412725004-164030467-415606481-501 - Limited - Disabled)
jtrac (S-1-5-21-3412725004-164030467-415606481-1001 - Administrator - Enabled) => C:\Users\jtrac
WDAGUtilityAccount (S-1-5-21-3412725004-164030467-415606481-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
ABBYY FineReader 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.1496 - ABBYY Production LLC)
Acronis Disk Director (HKLM-x32\...\{AE5BBAA8-5AF2-40DB-A13D-F015439EC7C7}) (Version: 12.5.163 - Acronis)
Acronis Drivers (HKLM\...\{A4CA4077-B027-4853-B37B-3355A5BE6E3F}) (Version: 25.0.39230 - Acronis) Hidden
Acronis True Image for Western Digital (HKLM-x32\...\{B8C55C96-CF01-4692-8F20-E3E8AD877A3B}) (Version: 25.0.39230 - Acronis) Hidden
Acronis True Image for Western Digital (HKLM-x32\...\{B8C55C96-CF01-4692-8F20-E3E8AD877A3B}Visible) (Version: 25.0.39230 - Acronis)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_0) (Version: 23.0.0.36 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AM-DeadLink 4.3 (HKLM-x32\...\aignesamdeadlink_is1) (Version: 4.3 - www.aignes.com)
AnyMP4 Video Converter Ultimate 7.2.52 (HKLM-x32\...\{B77ACAAE-53EE-43c3-86F1-4AEA52F6CDD5}_is1) (Version: 7.2.52 - AnyMP4 Studio)
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 6.9.1 - AOMEI International Network Limited.)
Avidemux VC++ 64bits (HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\{4d8c42c8-5d0c-4992-9e59-13c5068aaa37}) (Version: 2.8.0 - Mean)
Beyond Compare 4.4.4 (HKLM\...\BeyondCompare4_is1) (Version: 4.4.4.27058 - Scooter Software)
calibre 64bit (HKLM\...\{5465488D-C103-4202-AC52-DC8CDF2F901D}) (Version: 6.10.0 - Kovid Goyal)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.84.0000 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L550 Series Printer Uninstall (HKLM\...\EPSON L550 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7CC286A8-EEC5-491F-A4B5-02BD4E656BF6}) (Version: 4.6.2 - Seiko Epson Corporation)
Epubor Ultimate (HKLM-x32\...\Epubor Ultimate) (Version: 3.0.14.402 - Epubor Inc.)
Fakturky 755F (HKLM-x32\...\Fakturky 755F_is1) (Version: 755F - Milan Bánovský)
FastCopy (HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\FastCopy) (Version: 4.2.1 - H.Shirouzu & FastCopy Lab, LLC.)
Glary Utilities PRO 5.199 (HKLM-x32\...\Glary Utilities 5) (Version: 5.199.0.228 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{1DD659FE-014E-43E0-B848-0C4C89AD124E}) (Version: 1.6.8.0 - HP Inc.)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 27.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5171 - Intel Corporation)
IObit Uninstaller 12 (HKLM-x32\...\IObitUninstall) (Version: 12.2.0.6 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.2 - IObit Information Technology)
IrfanView 4.60 (64-bit) (HKLM\...\IrfanView64) (Version: 4.60 - Irfan Skiljan)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Master PDF Editor 5.3.12 (HKLM\...\Master PDF Editor 5.3.12_is1) (Version: 5.3.12 - Code Industry Ltd.)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
MP3 Splitter Joiner Pro v4.2 build 2612 (HKLM-x32\...\{F88C04C9-9CDC-4830-A533-CC5E3D69F2A1}_is1) (Version:  - Hoo Technologies)
Mp3tag v3.18 (HKLM-x32\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (HKLM-x32\...\{D0B44725-3666-492D-BEF6-587A14BD9BD9}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 2.0 - F.J. Wechselberger)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11126.20188 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 8.1 - Power Software Ltd)
PSPad editor (HKLM-x32\...\PSPad editor 32bit_is1) (Version: 5.0.6.589 - Jan Fiala)
Q-Dir (HKLM\...\Q-Dir) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9225.1 - Realtek Semiconductor Corp.)
Similarity 64-bit 2.5.1 (HKLM\...\{3D3C412A-8521-4C5C-83F3-94CC8223C309}) (Version: 2.5.2415 - GAR Software)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Universal Document Converter (HKLM-x32\...\Universal Document Converter_is1) (Version: 6.7 - fCoder SIA)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Windows 10 Manager (HKLM\...\{A3BAA471-5A6F-4FB1-8FB4-E634169065F0}) (Version: 3.6.0 - Yamicsoft) Hidden
Windows 10 Manager (HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\Windows 10 Manager 3.6.0) (Version: 3.7.2 - Yamicsoft)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{3EE8FA69-F2A5-4BDB-9E23-3ABB2421B4FA}) (Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (HKLM\...\{25058321-C33E-496B-8915-6FD64D362CAF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{124A05DC-3C47-4EEF-85CE-56D6C1CAE62B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{714E162E-CD4F-4F1B-8302-7F5179409C25}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (HKLM-x32\...\{E5807449-CA84-42F6-9CE3-A0E2BDA9E24B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.22.14.0_x64__v10z8vjag6ke6 [2022-12-07] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3412725004-164030467-415606481-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_0_39230.dll [2021-12-18] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_0_39230.dll [2021-12-18] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_0_39230.dll [2021-12-18] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_0_39230.dll [2021-12-18] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-11-27] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-11-04] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-11] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-11-27] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-11-04] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-11] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-23] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2022-11-27] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-11-04] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-11] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3412725004-164030467-415606481-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-03] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-04-04 08:41 - 2021-06-22 13:41 - 000014336 _____ () [File not signed] C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\libamcbconsole.dll
2022-02-10 08:13 - 2014-11-03 04:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2022-04-04 08:41 - 2015-05-21 13:32 - 000068784 _____ (Aomei Technology Co., Limited -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\vcomp.dll
2022-02-09 15:14 - 2018-05-15 07:34 - 000026112 _____ (Copyright (c) Code Industry Ltd) [File not signed] C:\WINDOWS\System32\mpelocalmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3412725004-164030467-415606481-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2022-02-16 06:47:22&iid=3b588d00-1c8b-4329-b3d7-2b94c6b1badf&bName=
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2022-10-20] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-11-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-11-28] (HP Inc. -> HP Inc.)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-11-28] (HP Inc. -> HP Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -  No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-11-23 10:36 - 2022-11-23 10:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Users\jtrac\AppData\Local\Microsoft\WindowsApps;C:\Program Files\Calibre2\;;C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Windows Live\Shared;
HKU\S-1-5-21-3412725004-164030467-415606481-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jtrac\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3412725004-164030467-415606481-1001\...\StartupApproved\Run: => "CCleanerssProfessional"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D784BB5A-B775-45D1-BBFD-E65ABA76D88A}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [UDP Query User{09E616B6-96FA-4D1F-A4B4-4CDCA630E533}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{785A1437-235C-4AD0-9E8A-E25CAF09EF71}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3854B4FF-1DC8-408D-9495-7F5F78F8B75A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E59CE40C-FE66-40C7-8D69-D483F30CD62E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B728E6F-2331-4C27-B197-4B05EAF85AA9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9A713B3A-608B-47C6-92A5-CBB8F3842594}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{4F3C81BB-E72C-4BFA-9A3C-8C93A9879F5A}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [TCP Query User{57361BBB-9C40-416D-811A-72EFAAF4C2A7}C:\program files (x86)\epubor\ultimate\epuborultimate.exe] => (Allow) C:\program files (x86)\epubor\ultimate\epuborultimate.exe () [File not signed]
FirewallRules: [UDP Query User{E4987988-E2E6-4158-87A0-393D56AA4881}C:\program files (x86)\epubor\ultimate\epuborultimate.exe] => (Allow) C:\program files (x86)\epubor\ultimate\epuborultimate.exe () [File not signed]
FirewallRules: [{38B2E158-0034-4AC1-AD74-F329A11E9B07}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{7FB2F2C5-7D5F-4758-A2A2-6B07D078699E}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{9BDD3E75-A86D-48C4-99F8-41B938500E62}] => (Allow) C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{D7EC710C-44F4-4AB8-8F26-F6D2116A9825}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{43C2A841-7036-42E9-A7D7-B93B91698081}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{181FBFC9-BC9F-4680-971E-3EC84F3C86D9}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{5897059C-DBB0-4E24-A3EB-9D5D0A8D4B67}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{005EAB63-75F5-4532-A26D-22E7BA3A4707}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{89DC51E0-A553-4F29-A8C0-0ECBBFCF14C5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{477FC33D-FAC6-4D48-BCF1-387A27E90428}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{380A05A7-BCBF-401C-A727-B4E5C3D75804}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{FE34F903-1362-47A3-BDA7-4AAD30CD9E67}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{9EDEC8AE-C722-463E-81DA-9B0158B2F6B5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{ABB712A7-D608-44AC-AB67-0B3FC7B0A75B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{86CF41FA-333C-4B5B-9995-B79FD6B5A02B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{C44F2624-3B66-4CD5-AE3D-112696D132F5}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{063B42FB-C64E-483F-9D86-A08500950F8F}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{055F0F57-11AC-4F31-8B3D-B6A03CB4F18B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{A9777297-1E7D-43EA-ADB6-CADE71BF2B90}] => (Allow) C:\Program Files (x86)\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{534E741D-AE97-4B62-9D6B-6C2A6E0DB84B}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [TCP Query User{41A937E7-4D29-4A90-A41A-AAD7EF01C326}C:\users\jtrac\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jtrac\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{1FA9F03C-19B7-4803-97B1-110C99E59391}C:\users\jtrac\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jtrac\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{21A344ED-D6DA-41F5-924E-A4A436985B73}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B9A742C4-55CC-43F8-91B6-464DBC1EE1E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA571A54-C5E5-4519-BA43-542C08947B60}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDA7ACE4-ECDB-4E9C-B681-D49EF392DA13}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E6667A9-7013-42E2-A023-C1BF1E8203D8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5B8D3C5E-7664-42B0-BAC1-0ACF88F76F59}] => (Allow) LPort=2869
FirewallRules: [{F407B7D2-BDB5-4397-9877-05D4F7B3F4B1}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{2E141BB2-2889-40B9-B507-DB14E512DA4E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2EF8A8BE-E0B1-4C83-B45A-4FA441C77382}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)

==================== Restore Points =========================

05-01-2023 10:30:01 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2023 02:27:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (4080,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 02:27:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (4080,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 02:27:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (4080,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 02:27:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (4080,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 02:27:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (4080,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 02:26:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (4080,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 02:26:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (4080,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/05/2023 02:26:00 PM) (Source: ESENT) (EventID: 483) (User: )
Description: svchost (4080,P,98) SRUJet: Pokus o vytvoření složky C:\WINDOWS\system32\SRU\ selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření složky selže a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (01/05/2023 02:22:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Diagnostics HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (01/05/2023 02:22:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Epson Scanner Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/05/2023 02:22:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (01/05/2023 02:22:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/05/2023 02:22:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Network HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (01/05/2023 02:22:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (01/05/2023 02:22:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Reimage Real Time Protector byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/05/2023 02:22:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AOMEI Backupper Scheduler Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2023-01-05 14:01:43
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Vigorf.A&threatid=2147714397&enterprise=0
Název: HackTool:Win32/Vigorf.A
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\INSTALPRAC\SYSTEM\All activation\Activators\GUI MBR SLIC Loader 0.621 by DDDC v1.2 by Kolizey\SLIC_ToolKit_V3.2\SLIC_ToolKit_V3.2.EXE
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Program Files\Beyond Compare 4\BCompare.exe
Verze bezpečnostních informací: AV: 1.381.1761.0, AS: 1.381.1761.0, NIS: 1.381.1761.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-05 14:01:41
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS.I!MTB&threatid=2147743522&enterprise=0
Název: HackTool:MSIL/AutoKMS.I!MTB
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\INSTALPRAC\SYSTEM\Aktivátor Windows a MS Office\KMSAutoEasy EN.exe; file:_E:\INSTALPRAC\SYSTEM\Aktivátor Windows a MS Office\TunMirror.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Program Files\Beyond Compare 4\BCompare.exe
Verze bezpečnostních informací: AV: 1.381.1761.0, AS: 1.381.1761.0, NIS: 1.381.1761.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-05 14:01:38
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS.I!MTB&threatid=2147743522&enterprise=0
Název: HackTool:MSIL/AutoKMS.I!MTB
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_E:\INSTALPRAC\SYSTEM\Aktivátor Windows a MS Office\KMSAutoEasy EN.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Program Files\Beyond Compare 4\BCompare.exe
Verze bezpečnostních informací: AV: 1.381.1761.0, AS: 1.381.1761.0, NIS: 1.381.1761.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-05 13:57:30
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.H!ml&threatid=2147814523&enterprise=0
Název: Trojan:Win32/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\INSTALPRAC\POMOCSYS\SpyBot Search & Destroy\2.9.82\Patch\patch.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Program Files\Beyond Compare 4\BCompare.exe
Verze bezpečnostních informací: AV: 1.381.1761.0, AS: 1.381.1761.0, NIS: 1.381.1761.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-01-05 13:56:00
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Vigorf.A&threatid=2147714384&enterprise=0
Název: Trojan:Win32/Vigorf.A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\INSTALPRAC\POMOCSYS\AbbasPC.Net_Beyond Compare 4.3.7.25118\Keygen-ZWT.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1TH6EDE\jtrac
Název procesu: C:\Program Files\Beyond Compare 4\BCompare.exe
Verze bezpečnostních informací: AV: 1.381.1761.0, AS: 1.381.1761.0, NIS: 1.381.1761.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
﻿Event[0]:

Date: 2022-11-28 13:07:30
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack.G!MSR&threatid=2147762519&enterprise=0
Název: HackTool:Win32/Crack.G!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_G:\INSTALPRAC\SYSTEM\Acronis True Image 2019 23.4.1 build 14690 Final\Activation\ActivationAcronisTI(H).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: D:\INSTALPRAC\POMOCSYS\Beyond Compare 4.3.4\Portable\App\BCompare\BCompare.exe
Akce: Karanténa
Stav akce:  No additional actions required
Kód chyby: 0x80070015
Popis chyby: Zařízení není připraveno. 
Verze bezpečnostních informací: AV: 1.379.1077.0, AS: 1.379.1077.0, NIS: 1.379.1077.0
Verze modulu: AM: 1.1.19800.4, NIS: 1.1.19800.4

CodeIntegrity:
===============
Date: 2023-01-05 10:02:15
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: Hewlett-Packard L01 v02.33 07/15/2014
Motherboard: Hewlett-Packard 1998
Processor: Intel(R) Core(TM) i5-4670 CPU @ 3.40GHz
Percentage of memory in use: 50%
Total physical RAM: 8103.52 MB
Available physical RAM: 3976.97 MB
Total Virtual: 16295.52 MB
Available Virtual: 12158.24 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:237.34 GB) (Free:167.59 GB) (Model: SanDisk SD8SB8U256G1122) NTFS
Drive d: (PRACKAV) (Fixed) (Total:2794.5 GB) (Free:2443.29 GB) (Model: TOSHIBA HDWD130) NTFS
Drive e: (VERBATIM_CESTOV) (Fixed) (Total:1863.01 GB) (Free:343.82 GB) (Model: TOSHIBA MQ04ABD200 USB Device) NTFS

\\?\Volume{4137a2b2-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:1.13 GB) (Free:0.17 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4137A2B2)
Partition 1: (Active) - (Size=1.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.3 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 31638EEF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================