Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2020
Ran by Turtel437 (09-09-2020 20:11:40)
Running from C:\Users\Turtel437\Downloads
Windows Server 2019 Essentials Version 1809 17763.1457 (X64) (2020-06-02 09:03:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-736157781-1329237808-919620891-1006 - Limited - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-736157781-1329237808-919620891-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-736157781-1329237808-919620891-503 - Limited - Disabled)
Guest (S-1-5-21-736157781-1329237808-919620891-501 - Limited - Disabled)
Kubek (S-1-5-21-736157781-1329237808-919620891-1005 - Limited - Enabled) => C:\Users\Kubek
Stormware (S-1-5-21-736157781-1329237808-919620891-1001 - Administrator - Enabled) => C:\Users\Stormware
Turtel437 (S-1-5-21-736157781-1329237808-919620891-1002 - Administrator - Enabled) => C:\Users\Turtel437
WDAGUtilityAccount (S-1-5-21-736157781-1329237808-919620891-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Broadcom Drivers and Management Applications (HKLM\...\{4B3B7115-3942-4DCC-A8E4-42995C76D044}) (Version: 216.0.4.2 - Broadcom Corporation)
Browser for SQL Server 2019 (HKLM-x32\...\{5E366957-8D78-4BB5-A790-96F97A9766BD}) (Version: 15.0.2000.5 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 85.0.5675.86 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Dell EMC OpenManage Systems Management Software (64-Bit) (HKLM\...\{EAD64C1A-88C0-43C9-874F-E49D2F7A2514}) (Version: 9.4.0 - Dell Inc.)
Dell EMC SupportAssist Enterprise (HKLM\...\{C91A5119-D1B4-437D-9502-E72EA9D8EA63}) (Version: 2.0.50.32 - Dell EMC)
DELL EMC System Update (HKLM\...\{A56F372D-1C13-4F2B-8D85-28B6EC0E2BB4}) (Version: 1.8.0 - Dell, Inc.)
Dell SupportAssist (HKLM\...\{57CBE96A-3AA5-4421-A87C-6C6C3B6C5ECA}) (Version: 3.6.0.97 - Dell Inc.)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
ESET File Security (HKLM\...\{1B437ACE-5403-45B0-AD06-1F259B9EC9B2}) (Version: 7.1.12010.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hotfix 4033 for SQL Server 2019 (KB4548597) (64-bit) (HKLM\...\KB4548597) (Version: 15.0.4033.1 - Microsoft Corporation)
Integration Services (HKLM-x32\...\{51883D17-F2BD-4CBC-825E-867A13E1E3BB}) (Version: 15.0.2000.92 - Microsoft Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{f3b1c211-1159-4262-bb97-84150cda9096}) (Version: 10.1.18243.8188 - Intel(R) Corporation)
Kaspersky Anti-Ransomware Tool for Business (HKLM-x32\...\{166AE239-F67B-45BA-A647-3B55A7EE5D1D}) (Version: 3.0.1.2058 - Kaspersky Lab)
Matrox Graphics Software (remove only) (HKLM-x32\...\Matrox Vista Driver Uninstaller) (Version: 4.4.1.3 - Matrox Graphics Inc.)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28107 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{E36FFC78-D25E-4962-872B-9CE0E50E62CD}) (Version: 17.5.1.1 - Microsoft Corporation)
Microsoft OLE DB Driver for SQL Server (HKLM\...\{74A97B61-DE37-40DF-9E00-B302E5D3C4CE}) (Version: 18.3.0.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2019 (64-bit) (HKLM\...\Microsoft SQL Server SQL2019) (Version: - Microsoft Corporation)
Microsoft SQL Server 2019 Setup (English) (HKLM\...\{4DABAEE3-3EDB-4908-B7FB-6C0080708E4A}) (Version: 15.0.4033.1 - Microsoft Corporation)
Microsoft SQL Server 2019 T-SQL Language Service (HKLM\...\{31D27B41-A051-49D8-907A-62E0F4A2188C}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.5.1 (HKLM-x32\...\{819022b1-484d-41b2-8972-dbb375fd4f07}) (Version: 15.0.18333.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27029 (HKLM-x32\...\{64ff2cb0-807c-4ee9-87ef-ec1b2ede0daf}) (Version: 14.16.27029.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27029 (HKLM-x32\...\{f50edb7e-c25e-47b4-bc4f-7ec4a4d256b1}) (Version: 14.16.27029.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2019 (HKLM\...\{2C33F4D4-E9A5-4DE1-ACFE-3A13464E6703}) (Version: 15.0.2000.5 - Microsoft Corporation)
OpenOffice 4.1.7 (HKLM-x32\...\{0DF1E791-63F3-491F-BE56-3013DEDC03B9}) (Version: 4.17.9800 - Apache Software Foundation)
Pantum M7100DW Series (HKLM\...\Pantum M7100DW Series) (Version: 5.1.1.23 - Zhuhai Pantum Electronics Co.,Ltd.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.3.377 - Jan Fiala)
Python 3.7.7 (64-bit) (HKU\S-1-5-21-736157781-1329237808-919620891-1002\...\{6b043b92-4219-49e9-98cb-80558c6db697}) (Version: 3.7.7150.0 - Python Software Foundation)
Python 3.7.7 Core Interpreter (64-bit) (HKLM\...\{9BE0AC23-0551-4755-94A3-F4D377E3CF16}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Development Libraries (64-bit) (HKLM\...\{937814BD-E132-48AA-95BF-1DA243130C61}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Documentation (64-bit) (HKLM\...\{9EED2F05-DE91-4CE8-B562-AB64115D2CD5}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Executables (64-bit) (HKLM\...\{60776648-6B18-47AC-AAA3-0C0DCFC28F26}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 pip Bootstrap (64-bit) (HKLM\...\{DE9BCC96-48C4-4275-A383-C49B3957A617}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Standard Library (64-bit) (HKLM\...\{5F12F065-8081-4D3A-B4B1-9A90953CE8CF}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Tcl/Tk Support (64-bit) (HKLM\...\{F21D9D7C-3E98-4CF3-B450-30F794588EA7}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Test Suite (64-bit) (HKLM\...\{40D70865-BA27-44B6-AA5C-2215098AEA50}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python 3.7.7 Utility Scripts (64-bit) (HKLM\...\{3B826D9B-4141-455E-967A-B0984088BC2E}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{06667732-CFB4-44B1-86AF-D7FDF9962B84}) (Version: 3.7.7008.0 - Python Software Foundation)
SQL Server 2019 Batch Parser (HKLM\...\{D459615B-83B0-408F-8F39-6CC07C277BA6}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{0FB552DD-543E-48E7-A6F4-2F8D82723C6A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{5E4344C9-8B97-4ED9-8760-57E221C240F4}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{99B940D5-1A49-4B6C-B26C-6A88B2C061CA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{FD730873-33D1-4D1F-9AE0-E259586F8827}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{A60B3D8E-5311-4BF1-AF7A-D1AC15F9152E}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{E3E84B2C-FCF6-469F-9FE7-5E8934DB69AD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{619F0B6C-C802-422A-B4E5-294E61F68473}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{DE5B7937-D5B5-4157-BC30-BB87F021CFF0}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{814D5077-C93F-42E2-B875-717007C186B9}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{FC8DC283-4A85-467F-8D0E-2FE4606DCCA1}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{6213D6CB-D258-47A3-B1A0-EE1E5C080DCF}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{A8581199-F913-443B-B058-8E8BF317E71C}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{8DDAEBCA-4267-4E16-9FE0-D87F21D36891}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{C7E6D4B7-CB10-4239-BA04-D9339B39D0BD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 SQL Diagnostics (HKLM\...\{28ED6838-D8E5-454C-A813-12C5EB447CAB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{2129312E-5204-4F3A-9039-B6D34DBB00FB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{228C3DC2-695E-4FC7-87E4-6A9CE905DA9B}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{83660798-3DA3-4197-B48A-D2F6FC52CCF5}) (Version: 15.0.18333.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{88B2AD79-69CF-486A-A778-BB4D1A1245BC}) (Version: 15.0.18333.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{716FFA4B-418E-461E-B49D-F18A7673B522}) (Version: 15.0.18333.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{5B1F6B58-4DC3-44CD-B9C7-AF7CD68A14C7}) (Version: 15.0.18333.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{519E7EBD-C514-4104-B205-574E7E6039DE}) (Version: 15.0.18333.0 - Microsoft Corporation) Hidden
STORMWARE POHODA E1 SK Jazz (HKLM-x32\...\{0D7B87F3-122F-4B70-86F2-CD26DCDB3003}) (Version: 12500.192 - STORMWARE)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
WinSCP 5.17.6 (HKLM-x32\...\winscp3_is1) (Version: 5.17.6 - Martin Prikryl)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-03-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-03-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-03-26] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Turtel437\Desktop\zasoby.lnk -> C:\ScriptPohoda\zasoby.bat ()
ShortcutWithArgument: C:\Users\Public\Desktop\SupportAssist Enterprise.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /c "start hxxp://localhost:9099/SupportAssist/resx/login.jsp"
==================== Loaded Modules (Whitelisted) =============
2019-12-25 08:47 - 2019-12-25 08:47 - 000837144 _____ (Avago Technologies U.S. Inc -> Avago Technologies) [File not signed] C:\Program Files\Dell\SysMgt\sm\storelibir-3.dll
2019-12-25 08:47 - 2019-12-25 08:47 - 000790880 _____ (Avago Technologies U.S. Inc. -> Avago Technologies) [File not signed] C:\Program Files\Dell\SysMgt\sm\storelibit.dll
2019-12-25 08:47 - 2019-12-25 08:47 - 000314880 _____ (Avago Technologies) [File not signed] C:\Program Files\Dell\SysMgt\sm\storelib.dll
2014-11-10 02:25 - 2014-11-10 02:25 - 000816128 _____ (Broadcom Corporation) [File not signed] C:\Program Files\Dell\SysMgt\shared\bin\bmapia.dll
2020-09-09 18:49 - 2020-09-09 18:49 - 000198144 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Windows\Temp\jna--1929334599\jna168803032843688313.dll
2019-12-25 08:47 - 2019-12-25 08:47 - 000390304 _____ (LSI Corporation -> LSI Corporation) [File not signed] C:\Program Files\Dell\SysMgt\sm\storelibir.dll
2019-12-25 08:47 - 2019-12-25 08:47 - 000576160 _____ (LSI Corporation -> LSI Corporation) [File not signed] C:\Program Files\Dell\SysMgt\sm\storelibir-2.dll
2017-08-03 20:11 - 2017-08-03 20:11 - 000556544 _____ (QLogic Corporation) [File not signed] C:\Program Files\Dell\SysMgt\shared\bin\qlmapia.dll
2020-07-02 10:06 - 2020-07-02 10:06 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:16 - 2020-09-09 18:42 - 000000938 ____R C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-736157781-1329237808-919620891-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-736157781-1329237808-919620891-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-736157781-1329237808-919620891-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-736157781-1329237808-919620891-500\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-80-957441422-1458543631-4002447012-1271817580-1826578072\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.35.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SLBM-MUX-IN-TCP] => (Allow) %SystemRoot%\system32\MuxSvcHost.exe => No File
FirewallRules: [ComPlusRemoteAdministration-DCOM-In] => (Allow) C:\Windows\system32\dllhost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WindowsServerBackup-wbengine-In-TCP-NoScope] => (Allow) C:\Windows\system32\wbengine.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E21871C2-BFC8-43F1-9B54-A187A576C181}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{7F7D6A06-27FC-4784-BBB0-E3DA7E8A7D7B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{E8E0209E-DF19-4F44-83B5-3A7F89E60469}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{7F38F334-E157-434F-884B-5E56328F1164}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{E73F3F48-852C-4F26-B7C0-4CF2FB7A36F3}] => (Allow) D:\PohodaE1\Pohoda.exe (STORMWARE s.r.o. -> STORMWARE s.r.o.)
FirewallRules: [{A4443A75-B3B9-4A17-9B6C-D3F14D38D370}] => (Allow) D:\PohodaE1\Pohoda.exe (STORMWARE s.r.o. -> STORMWARE s.r.o.)
FirewallRules: [{C442893D-F717-425F-9301-51E73E537E09}] => (Allow) LPort=1433
FirewallRules: [{3CB8C16D-857E-42FA-922E-E0915F9D84AD}] => (Allow) LPort=1111
FirewallRules: [{75D06345-812A-4538-9211-9F3722319130}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{968D3C13-41FA-476C-BBD4-1360FAE84056}] => (Allow) LPort=1346
FirewallRules: [{D9CFAC0B-AD19-432D-8606-9D6FDAA87025}] => (Allow) LPort=1344
FirewallRules: [{11CC6867-D844-40AB-A7B5-8A8413046B01}] => (Allow) LPort=1345
FirewallRules: [{341C5469-69E3-47EE-B75D-13E383E7B776}] => (Allow) LPort=1347
FirewallRules: [{21BB7E91-1A1C-490D-89C2-045694B3ECBB}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security 10.1 for Windows Server\kavfsgt.exe => No File
FirewallRules: [{9D950335-F3AE-4D27-8C09-7804DB37DF00}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security 10.1 for Windows Server\kavfsgt.exe => No File
FirewallRules: [{2DDE56AC-8952-4F5E-AA3C-D74ACF0BDB53}] => (Allow) LPort=15000
FirewallRules: [{A9C3192D-28A8-4E49-AFF4-ABE9B8A1B305}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:114.4 GB) (Free:69.32 GB) (61%)
Check "VSS" service
==================== Faulty Device Manager Devices ============
Name: Intel(R) USB 3.1 eXtensible Host Controller - 1.10 (Microsoft)
Description: USB xHCI Compliant Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: HL-DT-ST DVD+-RW GU90N
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/09/2020 06:47:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: hhctrl.ocx_unloaded, version: 10.0.17763.475, time stamp: 0x20226a0f
Exception code: 0xc0000005
Fault offset: 0x000262f4
Faulting process id: 0x1250
Faulting application start time: 0x01d686c8dae7c413
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: hhctrl.ocx
Report Id: 85ba0365-1929-459c-9da0-092ac8f75bdd
Faulting package full name:
Faulting package-relative application ID:
Error: (09/09/2020 06:47:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x1250
Faulting application start time: 0x01d686c8dae7c413
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: 37dfb450-94df-44ff-93a7-af1869daa118
Faulting package full name:
Faulting package-relative application ID:
Error: (09/09/2020 06:47:08 PM) (Source: Spybot Auto Update) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/09/2020 06:40:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: hhctrl.ocx_unloaded, version: 10.0.17763.475, time stamp: 0x20226a0f
Exception code: 0xc0000005
Fault offset: 0x000262f4
Faulting process id: 0x2360
Faulting application start time: 0x01d686c7e6c846d8
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: hhctrl.ocx
Report Id: 2f06bc65-3377-4424-92af-a551ea797f19
Faulting package full name:
Faulting package-relative application ID:
Error: (09/09/2020 06:40:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x2360
Faulting application start time: 0x01d686c7e6c846d8
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: 10295d0b-bb92-477e-833c-2e61bd5a346c
Faulting package full name:
Faulting package-relative application ID:
Error: (09/09/2020 06:40:18 PM) (Source: Spybot Auto Update) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/09/2020 06:37:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: hhctrl.ocx_unloaded, version: 10.0.17763.475, time stamp: 0x20226a0f
Exception code: 0xc0000005
Fault offset: 0x000262f4
Faulting process id: 0x2f34
Faulting application start time: 0x01d686c77546e7c8
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: hhctrl.ocx
Report Id: 7171c2f1-9f25-4f5f-8dee-ea5feebefca8
Faulting package full name:
Faulting package-relative application ID:
Error: (09/09/2020 06:37:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Faulting module name: SDUpdate.exe, version: 2.8.68.100, time stamp: 0x5ea5e0d1
Exception code: 0xc0000005
Fault offset: 0x00005c92
Faulting process id: 0x2f34
Faulting application start time: 0x01d686c77546e7c8
Faulting application path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Faulting module path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Report Id: 02c49864-363c-48f3-a139-1e4a258bd899
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (09/09/2020 07:57:41 PM) (Source: DCOM) (EventID: 10016) (User: POLOM)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user POLOM\Turtel437 SID (S-1-5-21-736157781-1329237808-919620891-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/09/2020 07:41:11 PM) (Source: DCOM) (EventID: 10016) (User: POLOM)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user POLOM\Turtel437 SID (S-1-5-21-736157781-1329237808-919620891-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/09/2020 07:27:36 PM) (Source: DCOM) (EventID: 10016) (User: POLOM)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user POLOM\Turtel437 SID (S-1-5-21-736157781-1329237808-919620891-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/09/2020 06:57:52 PM) (Source: DCOM) (EventID: 10016) (User: POLOM)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user POLOM\Turtel437 SID (S-1-5-21-736157781-1329237808-919620891-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/09/2020 06:57:14 PM) (Source: DCOM) (EventID: 10016) (User: POLOM)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user POLOM\Turtel437 SID (S-1-5-21-736157781-1329237808-919620891-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/09/2020 06:53:45 PM) (Source: DCOM) (EventID: 10016) (User: POLOM)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user POLOM\Turtel437 SID (S-1-5-21-736157781-1329237808-919620891-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/09/2020 06:52:42 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: Unable to bind to the underlying transport for [::]:5700. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
Error: (09/09/2020 06:49:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AntiRansom4 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Windows Defender:
===================================
Date: 2020-09-09 17:33:37.551
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:MSIL/CoinMiner!MTB
ID: 2147763432
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\DATA\SqlManagement\SqlManagement.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\Binn\sqlservr.exe
Signature Version: AV: 1.323.819.0, AS: 1.323.819.0, NIS: 1.323.819.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-09 17:32:59.459
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:MSIL/CoinMiner!MTB
ID: 2147763432
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\DATA\SqlManagement\SqlManagement.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\Binn\sqlservr.exe
Signature Version: AV: 1.323.819.0, AS: 1.323.819.0, NIS: 1.323.819.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-09 17:32:37.218
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:MSIL/CoinMiner!MTB
ID: 2147763432
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\DATA\SqlManagement\SqlManagement.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\Binn\sqlservr.exe
Signature Version: AV: 1.323.819.0, AS: 1.323.819.0, NIS: 1.323.819.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-09 17:31:36.899
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:MSIL/CoinMiner!MTB
ID: 2147763432
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\DATA\SqlManagement\SqlManagement.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\Binn\sqlservr.exe
Signature Version: AV: 1.323.819.0, AS: 1.323.819.0, NIS: 1.323.819.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-09 17:30:59.165
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:MSIL/CoinMiner!MTB
ID: 2147763432
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\DATA\SqlManagement\SqlManagement.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Microsoft SQL Server\MSSQL15.POHODA\MSSQL\Binn\sqlservr.exe
Signature Version: AV: 1.323.819.0, AS: 1.323.819.0, NIS: 1.323.819.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-09 12:15:37.355
Description:
Windows Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software.
For more information please see the following:
Name: Virus:VBS/Ramnit.gen!C
ID: 2147651565
Severity: Severe
Category: Virus
Path: containerfile:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA; file:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA->(GZip)->(UTF-8)
Detection Origin: Local machine
Detection Type: Generic
Detection Source: System
Process Name: Unknown
Action: Clean
Action Status: No additional actions required
Error Code: 0x8007065b
Error description: Function failed during execution.
Signature Version: AV: 1.323.780.0, AS: 1.323.780.0, NIS: 1.323.780.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-09 12:07:31.312
Description:
Windows Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software.
For more information please see the following:
Name: Virus:VBS/Ramnit.gen!C
ID: 2147651565
Severity: Severe
Category: Virus
Path: containerfile:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA; file:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA->(GZip)->(UTF-8)
Detection Origin: Local machine
Detection Type: Generic
Detection Source: System
Process Name: Unknown
Action: Clean
Action Status: No additional actions required
Error Code: 0x8007065b
Error description: Function failed during execution.
Signature Version: AV: 1.323.780.0, AS: 1.323.780.0, NIS: 1.323.780.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-09 11:57:04.425
Description:
Windows Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software.
For more information please see the following:
Name: Virus:VBS/Ramnit.gen!C
ID: 2147651565
Severity: Severe
Category: Virus
Path: containerfile:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA; file:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA->(GZip)->(UTF-8)
Detection Origin: Local machine
Detection Type: Generic
Detection Source: System
Process Name: Unknown
Action: Clean
Action Status: No additional actions required
Error Code: 0x8007065b
Error description: Function failed during execution.
Signature Version: AV: 1.323.780.0, AS: 1.323.780.0, NIS: 1.323.780.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-09 11:56:39.428
Description:
Windows Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software.
For more information please see the following:
Name: Virus:VBS/Ramnit.gen!C
ID: 2147651565
Severity: Severe
Category: Virus
Path: containerfile:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA; file:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA->(GZip)->(UTF-8)
Detection Origin: Local machine
Detection Type: Generic
Detection Source: System
Process Name: Unknown
Action: Clean
Action Status: No additional actions required
Error Code: 0x8007065b
Error description: Function failed during execution.
Signature Version: AV: 1.323.780.0, AS: 1.323.780.0, NIS: 1.323.780.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
Date: 2020-09-09 11:56:00.603
Description:
Windows Defender Antivirus has encountered a critical error when taking action on malware or other potentially unwanted software.
For more information please see the following:
Name: Virus:VBS/Ramnit.gen!C
ID: 2147651565
Severity: Severe
Category: Virus
Path: containerfile:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA; file:_C:\Users\Turtel437\AppData\Local\Mozilla\Firefox\Profiles\i93fcehp.default-release\cache2\entries\12D1B97554026F7F055EB19389399BA680BC4DBA->(GZip)->(UTF-8)
Detection Origin: Local machine
Detection Type: Generic
Detection Source: User
Process Name: Unknown
Action: Clean
Action Status: No additional actions required
Error Code: 0x8007065b
Error description: Function failed during execution.
Signature Version: AV: 1.323.780.0, AS: 1.323.780.0, NIS: 1.323.780.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
CodeIntegrity:
===================================
Date: 2020-09-09 19:52:27.462
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\sqlncli11.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-09 19:22:27.452
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\sqlncli11.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-09 18:52:27.439
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\sqlncli11.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-09 18:49:28.032
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\sqlncli11.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-09 18:43:27.729
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\sqlncli11.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-09 18:13:27.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\sqlncli11.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-09 17:47:57.835
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\klbackupdisk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-09-09 17:47:57.834
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\kl1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. 2.3.5 09/27/2018
Motherboard: Dell Inc. 00RG5V
Processor: Intel(R) Xeon(R) E-2134 CPU @ 3.50GHz
Percentage of memory in use: 66%
Total physical RAM: 16098.62 MB
Available physical RAM: 5381.8 MB
Total Virtual: 18530.62 MB
Available Virtual: 7911.63 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:114.4 GB) (Free:69.32 GB) NTFS
Drive d: (DATA1) (Fixed) (Total:108.51 GB) (Free:75.71 GB) NTFS
Drive e: (DATA2) (Fixed) (Total:542.53 GB) (Free:509.11 GB) NTFS
Drive f: (DATA3) (Fixed) (Total:994.95 GB) (Free:994.69 GB) NTFS
Drive g: (DATA4) (Fixed) (Total:325.52 GB) (Free:325.32 GB) NTFS
\\?\Volume{43cf4b5f-976c-4b84-80f0-e847357b2d0d}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{153c8ccc-4e61-4339-89c0-32a55d011914}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 223.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================