Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-12-2020
Ran by rluci (12-12-2020 18:42:46)
Running from C:\Users\rluci\Downloads
Windows 10 Pro Version 2004 19041.685 (X64) (2020-08-23 07:29:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1971311988-3073939653-1663255489-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1971311988-3073939653-1663255489-503 - Limited - Disabled)
Guest (S-1-5-21-1971311988-3073939653-1663255489-501 - Limited - Disabled)
rluci (S-1-5-21-1971311988-3073939653-1663255489-1001 - Administrator - Enabled) => C:\Users\rluci
WDAGUtilityAccount (S-1-5-21-1971311988-3073939653-1663255489-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: COMODO Antivirus (Disabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
COMODO Antivirus (HKLM\...\{693F782C-8D75-4029-B003-BBA5AF2C0726}) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.) Hidden
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.215 - ALPSALPINE CO., LTD.)
eM Client (HKLM-x32\...\{3D529DE7-1FC9-4225-B21F-754706DDEBEE}) (Version: 8.0.3385.0 - eM Client Inc.)
Flexibooks 4.6.1 (64 bit) (HKLM\...\{D36F5D15-E633-45E7-803B-4FC66F183092}) (Version: 4.6.1 - Fraus Media s.r.o. 2016)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OpenXcom 1.0 (HKLM-x32\...\OpenXcom) (Version: 1.0.0.0 - OpenXcom Developers)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.12.1002.1309 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1130.111812 - Razer Inc.)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
RogueKiller version 14.8.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Packages:
=========
App for Instagram: View, Upload Photo -> C:\Program Files\WindowsApps\57868Codaapp.UploadforInstagram_1.2.2.0_x64__4bn2s5v6tep1y [2019-08-30] (Codaapp)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.48.2.0_x86__kgqvnymyfvs32 [2020-11-27] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1910.3.0_x86__kgqvnymyfvs32 [2020-12-04] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_10.0.5.0_x86__m9bz608c1b9ra [2020-11-09] (Nordcurrent)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1535.0_x64__8wekyb3d8bbwe [2020-11-01] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-23] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0 [2020-11-30] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1971311988-3073939653-1663255489-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\rluci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-10-29 03:26 - 2020-10-29 03:26 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2020-10-29 03:26 - 2020-10-29 03:26 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2019-04-11 18:42 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-1971311988-3073939653-1663255489-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL =
hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1971311988-3073939653-1663255489-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL =
hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-04-11 18:07 - 2020-12-12 17:12 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rluci\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 93.91.240.101 - 93.91.240.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1971311988-3073939653-1663255489-1001\...\StartupApproved\Run: => "eM Client"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5B2F03ED-62AD-47AC-9C9C-B32F4FE0D116}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kami\Spiritfarer.exe () [File not signed]
FirewallRules: [{E23A1273-BE14-4B57-94F5-5409B80BF3C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kami\Spiritfarer.exe () [File not signed]
FirewallRules: [{6116C299-C94C-4060-8213-2806EE5CC62E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{691C6F91-6721-451A-B09A-99BF95E927E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{0F7C9696-7364-4BAE-8345-2E7737A1F50F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{C1BC2490-9464-4180-9CD8-E18801FA3812}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{B7A18145-B87A-4D50-AD48-6E9A6965B8E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe (Electronic Arts -> Electronic Arts, Inc.)
FirewallRules: [{3475F50F-4AD7-44D7-850F-593D715B15B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Sims 3\Game\Bin\Sims3Launcher.exe (Electronic Arts -> Electronic Arts, Inc.)
FirewallRules: [{342B8EDF-2517-4E57-96C4-972B1EE4614B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe () [File not signed]
FirewallRules: [{395C6387-D87F-4070-BDEA-659C7B791845}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe () [File not signed]
FirewallRules: [{713D6E70-B063-4B8D-A3D6-B1D860FCB12C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{CABF6577-46CF-4B89-86D0-3ABF533592B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{B05FBFD1-9A50-4CD7-9C83-C7F7BB36CB57}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{0636400F-AF0F-4F99-BCE1-86EDFE884FF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{C0CE41A3-689C-40D0-992C-224E5207F230}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{E7DFD056-72EE-4B68-B122-08CD107C1350}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D9AA632B-9AAB-4DFF-BA42-989FDDFD1273}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{CF874547-C94E-46CE-901A-5F7BF9B74756}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [{CB78EB95-03F4-4D04-8DA1-5344F677508F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [{9A519F14-BF3D-43B3-9269-1FF1A9ADC857}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{3AFE551E-6CBF-435A-88F5-7722B7364F21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{A6B574D4-DA72-47CD-BBAA-69269F3AA7DC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F6BE0329-945C-4D40-8C79-2F572BE485E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1423F01A-263B-4BFE-BED8-B7D89C455483}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96DB7A3B-102B-4453-9916-44CF34505D0C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6FA628E-D0DE-466E-8F1A-668F8458F76E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{219DB366-CC97-4DD1-B744-C5B9B09FC061}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3572A214-BE5F-46D7-89B9-21185C583299}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{51256812-D40D-4B03-A6AF-2B59D3F8F621}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{327194FA-DC6D-442B-AA41-D6FB047B8AA9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6EDAC312-4CA5-49F6-946B-8C04B77EF0B9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6228AE5D-DAED-47A9-BC22-FEB9740166F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5AE7F16B-927D-476F-957C-716AA2750A13}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1B34ECA-562E-4215-A98D-2642C442DD0C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64220E73-1A09-4F49-A17D-560A27F3A0D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{EDC0FD19-C341-484B-AEE6-3AD9529EF329}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{82B4CE09-6EF9-4C6C-BBB9-C6140D304224}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F512203D-7B6C-4800-B40D-F36824C44601}C:\users\rluci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\rluci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{4EF44DE5-D334-46A9-8DA5-ABAF5F69BBD4}C:\users\rluci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\rluci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA53684E-C80B-4BDA-BAA3-1DF387ED54CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09793FCC-289A-4B9D-8445-1857026EE081}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0E192F3-50EA-4D98-A75F-3CF5383918B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E7390E2-85F3-4252-AB82-BFBB59C95F08}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A942CC4-6F07-4693-A438-BB696AB8E56A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7E982A18-6C66-4E0B-AE87-42A491D31786}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02732587-3EDE-455C-9F82-8667CE9E5967}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AAA7477E-FA9E-41FE-BB70-CB83555367DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6D3F4597-937E-4B02-BFAE-CCBCB5025CDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5C807B5-272D-44E5-ADB4-D8E7436D27FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{694EE39C-D2DE-4EB8-BAF6-90F137971B94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{596C6977-5870-4E93-90FB-38841AF26C2B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.147.684.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
10-12-2020 20:20:06 End of disinfection
11-12-2020 16:55:20 JRT Pre-Junkware Removal
12-12-2020 18:30:19 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/12/2020 05:44:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AntiMalware.exe, verze: 3.2.27.0, časové razítko: 0x5f21537e
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x5f641e44
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6ac3
ID chybujícího procesu: 0x2874
Čas spuštění chybující aplikace: 0x01d6d0a5e124dccc
Cesta k chybující aplikaci: C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: d8393f23-5345-49c7-a3c7-5f80dfb523ae
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2020 05:40:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.662, časové razítko: 0x996782f8
Název chybujícího modulu: Explorer.EXE, verze: 10.0.19041.662, časové razítko: 0x996782f8
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001a830b
ID chybujícího procesu: 0x1a28
Čas spuštění chybující aplikace: 0x01d6d0a587bf080c
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\Explorer.EXE
ID zprávy: 8c521d8e-b544-4ae5-b196-b65fee570504
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2020 05:12:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko: 0x540c90b2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000002d759
ID chybujícího procesu: 0x924
Čas spuštění chybující aplikace: 0x01d6d0a190f4af94
Cesta k chybující aplikaci: C:\Users\rluci\AppData\Local\Temp\DaS_21.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 902d5e93-221a-43b4-8a61-075cfdf3f954
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/12/2020 05:12:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DaS_21.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.IOException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.Console.SetWindowSize(Int32, Int32)
na DriverAndServicesOut.Program.Main(System.String[])
Error: (12/12/2020 05:12:18 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\wbem\wmiprvse.exe; Popis = zoek.exe restore point; Chyba = 0x8007043c).
Error: (12/12/2020 05:08:45 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (12/12/2020 10:56:56 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (12/11/2020 04:59:00 PM) (Source: MsiInstaller) (EventID: 11606) (User: DELL-LUCIE)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
System errors:
=============
Error: (12/12/2020 05:40:01 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (12/12/2020 05:40:01 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
Error: (12/12/2020 05:40:01 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (12/12/2020 05:40:00 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby camsvc s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.CapabilityAccess.CapabilityAccess
Error: (12/12/2020 05:39:53 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal
Error: (12/12/2020 05:39:53 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal
Error: (12/12/2020 05:39:53 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal
Error: (12/12/2020 05:39:53 PM) (Source: DCOM) (EventID: 10005) (User: DELL-LUCIE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby netprofm s argumenty Není k dispozici za účelem spuštění serveru:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
Windows Defender:
===================================
Date: 2020-11-19 17:58:23.1810000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-11-19 17:58:23.1800000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-11-19 17:58:23.1800000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-11-19 17:58:23.1710000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2020-11-19 17:58:23.1710000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.826.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===================================
Date: 2020-12-12 18:30:46.7420000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-12 18:30:46.6960000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-12 18:30:41.1990000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-12 18:22:45.1180000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-12 18:09:41.6760000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-12 17:55:33.8320000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-12 17:44:01.0890000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-12 17:42:43.8800000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. A24 02/01/2018
Motherboard: Dell Inc. 0PXPYJ
Processor: Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
Percentage of memory in use: 46%
Total physical RAM: 8097.09 MB
Available physical RAM: 4330.71 MB
Total Virtual: 10145.09 MB
Available Virtual: 6096.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.32 GB) (Free:354 GB) NTFS
\\?\Volume{8b58cccd-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{8b58cccd-0000-0000-0000-801a77000000}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 8B58CCCD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=535 MB) - (Type=27)
==================== End of Addition.txt =======================