Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-03-2021
Ran by wadmin (01-04-2021 14:03:07)
Running from C:\Users\wadmin\Downloads
Windows 10 Home Version 20H2 19042.906 (X64) (2021-03-13 17:28:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-881515810-4021369577-3290217884-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-881515810-4021369577-3290217884-503 - Limited - Disabled)
Guest (S-1-5-21-881515810-4021369577-3290217884-501 - Limited - Disabled)
wadmin (S-1-5-21-881515810-4021369577-3290217884-1001 - Administrator - Enabled) => C:\Users\wadmin
WDAGUtilityAccount (S-1-5-21-881515810-4021369577-3290217884-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Americké/AltGR slovak - Custom (HKLM\...\{9565DDA5-31D5-4DF8-ACCC-AE96B6C396BA}) (Version: 1.0.3.40 - Company)
Balík softvéru eID (HKLM-x32\...\{b0b6d0ff-6512-432a-b667-742f673bbc68}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
D.Launcher (x86) (HKLM-x32\...\{89B7C4D5-23FB-448B-9E0A-683A4C842AC8}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{031978EA-8E98-4AC0-8588-B7AA96FA753D}) (Version: 4.0.23 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{1D5A92D5-3794-4D73-971F-0ED4B92D0999}) (Version: 4.0.17 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{543e4ced-e4c8-4b5d-ae1d-2964a4ec5827}) (Version: 1.0.28 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{59FF6B38-294E-4001-AB13-552A1C10E607}) (Version: 4.0.2033 - DITEC, a.s.)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{4B151E0A-84AA-4F9C-BED0-21EF44CE5879}) (Version: 3.4.0 - Ministerstvo vnútra Slovenskej republiky)
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
inSSIDer (HKU\S-1-5-21-881515810-4021369577-3290217884-1001\...\inSSIDer) (Version: 5.4.0 - MetaGeek, LLC)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.36.86 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.63 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-881515810-4021369577-3290217884-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NiceHash Miner 3.0.5.6 (only current user) (HKU\S-1-5-21-881515810-4021369577-3290217884-1001\...\8abad8e2-b957-48ed-92ba-4339c2a40e78) (Version: 3.0.5.6 - H-BIT, d.o.o.)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Grafický ovládač 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)

Packages:
=========
Bang ＆ Olufsen Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BangOlufsenAudioControl_1.15.226.0_x64__v10z8vjag6ke6 [2021-03-13] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-17] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-03-13] (NVIDIA Corp.)
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-03-27] (INTEL CORP) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 [2021-04-01] (Spotify AB) [Startup Task]
Thunderbolt Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.30.0_x64__8j3eq9eme6ctt [2021-03-13] (INTEL CORP)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_90e7fc0ae28339a2\nvshext.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\wadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Easy Viewer.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=anjoggeimnldigfcihcggejncophmhjc
ShortcutWithArgument: C:\Users\wadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Floating for YouTube™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jjphmlaoffndcnecccgemfdaaoighkel
ShortcutWithArgument: C:\Users\wadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Postman.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop

==================== Loaded Modules (Whitelisted) =============

2018-03-19 14:12 - 2018-03-19 14:12 - 000113678 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libgcc_s_dw2-1.dll
2018-03-19 14:12 - 2018-03-19 14:12 - 001542158 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libstdc++-6.dll
2019-02-11 19:20 - 2019-02-11 19:20 - 000038912 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_date_time-vc100-mt-1_49.dll
2019-02-11 19:20 - 2019-02-11 19:20 - 000140288 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_filesystem-vc100-mt-1_49.dll
2019-02-11 19:20 - 2019-02-11 19:20 - 000592896 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_log-vc100-mt-1_49.dll
2019-02-11 19:20 - 2019-02-11 19:20 - 000240128 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_serialization-vc100-mt-1_49.dll
2019-02-11 19:20 - 2019-02-11 19:20 - 000015360 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_system-vc100-mt-1_49.dll
2019-02-11 19:20 - 2019-02-11 19:20 - 000047616 _____ () [File not signed] C:\Program Files (x86)\EAC MW klient\boost_thread-vc100-mt-1_49.dll
2018-04-26 09:57 - 2018-04-26 09:57 - 001888256 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EAC MW klient\xerces-c_3_1.dll
2018-10-27 21:24 - 2018-10-27 21:24 - 000007680 _____ (Company) [File not signed] C:\Windows\system32\Layout01.dll
2021-03-13 19:46 - 2021-03-13 19:48 - 042499072 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.dll
2018-03-19 14:12 - 2018-03-19 14:12 - 000047104 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libwinpthread-1.dll
2019-11-14 12:23 - 2019-11-14 12:23 - 000363008 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files (x86)\EAC MW klient\libcurl.dll
2020-02-23 00:33 - 2020-02-23 00:33 - 002443264 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EAC MW klient\libcrypto-1_1.dll
2020-02-23 00:35 - 2020-02-23 00:35 - 000499712 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EAC MW klient\libssl-1_1.dll
2018-09-03 16:31 - 2018-09-03 16:31 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\imageformats\qgif.dll
2018-09-03 16:31 - 2018-09-03 16:31 - 001019904 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\platforms\qwindows.dll
2018-09-03 16:02 - 2018-09-03 16:02 - 004730368 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Core_mw_x86_5.dll
2018-09-03 16:15 - 2018-09-03 16:15 - 005056512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Gui_mw_x86_5.dll
2019-11-15 12:26 - 2019-11-15 12:26 - 000722944 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Network_mw_x86_5.dll
2018-09-03 16:45 - 2018-09-03 16:45 - 002609152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Qml_mw_x86_5.dll
2018-09-03 16:54 - 2018-09-03 16:54 - 002747904 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Quick_mw_x86_5.dll
2018-09-03 16:25 - 2018-09-03 16:25 - 004667904 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Widgets_mw_x86_5.dll
2018-09-03 16:05 - 2018-09-03 16:05 - 000155136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\Qt5Xml_mw_x86_5.dll
2018-09-03 17:00 - 2018-09-03 17:00 - 000011264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\QtQuick.2\qtquick2plugin.dll
2019-04-17 16:21 - 2019-04-17 16:21 - 000090624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\EAC MW klient\scenegraph\softwarecontext.dll
2019-07-01 13:51 - 2019-07-01 13:51 - 006623384 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-03-13 20:10 - 2021-03-04 00:55 - 000000867 _____ C:\Windows\system32\drivers\etc\hosts
90.64.245.16 hyperv.pc
90.64.245.16 rsl.pc

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-881515810-4021369577-3290217884-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\wadmin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D1C7905A-0B1E-43D5-AC83-D517D9601EDF}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\eda6abd0-94eb-11ea-a64d-17be303ea466\bins\15.2\miniz.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\eda6abd0-94eb-11ea-a64d-17be303ea466\bins\15.2\miniz.exe () [File not signed]
FirewallRules: [UDP Query User{773308E4-71C9-4753-8F71-F114DD550B33}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\eda6abd0-94eb-11ea-a64d-17be303ea466\bins\15.2\miniz.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\eda6abd0-94eb-11ea-a64d-17be303ea466\bins\15.2\miniz.exe () [File not signed]
FirewallRules: [TCP Query User{5FA782FC-CB8C-4284-AA21-A125CD59915B}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\f25fee20-94eb-11ea-a64d-17be303ea466\bins\15.4\nanominer-windows-3.2.2-cuda11\nanominer.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\f25fee20-94eb-11ea-a64d-17be303ea466\bins\15.4\nanominer-windows-3.2.2-cuda11\nanominer.exe () [File not signed]
FirewallRules: [UDP Query User{CEE684F3-B208-4E77-8663-4A0D7EB94634}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\f25fee20-94eb-11ea-a64d-17be303ea466\bins\15.4\nanominer-windows-3.2.2-cuda11\nanominer.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\f25fee20-94eb-11ea-a64d-17be303ea466\bins\15.4\nanominer-windows-3.2.2-cuda11\nanominer.exe () [File not signed]
FirewallRules: [TCP Query User{901E94B0-8807-46B8-B2CC-D25EFB59DFC3}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.8\miner.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.8\miner.exe () [File not signed]
FirewallRules: [UDP Query User{DC79EF12-66BA-40E6-9857-FA6D4CA6F5D5}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.8\miner.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.8\miner.exe () [File not signed]
FirewallRules: [TCP Query User{A4C98E69-AD76-4D6F-94B2-11FA9492A94F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{2511B63D-FF0E-4A4E-8689-85DDAF5E60B2}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{848E21E1-9402-4489-8CCD-21B6A586B5BD}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe () [File not signed]
FirewallRules: [UDP Query User{875A4A0D-B13B-43EC-87CD-C203F6319227}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe () [File not signed]
FirewallRules: [{A180711D-0921-4945-A215-60E707B3860E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0EC48F2-CA98-4260-BAE8-B2B6288A4998}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{798AE69D-DEA2-4031-8BCB-F78849BB0D11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{74DF8487-0107-47BC-A21B-1602BFF031BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1DFB5E59-2ED2-4C04-8019-C787001641EE}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{C16BA2BC-086C-4CE9-B524-949F85501566}C:\programdata\logishrd\logioptions\software\8.36.86\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\8.36.86\logioptionsmgr.exe => No File
FirewallRules: [UDP Query User{97E6DC24-5135-4527-A4E1-C392679A261E}C:\programdata\logishrd\logioptions\software\8.36.86\logioptionsmgr.exe] => (Allow) C:\programdata\logishrd\logioptions\software\8.36.86\logioptionsmgr.exe => No File
FirewallRules: [TCP Query User{94A808B9-0829-4529-B785-17F74D223C44}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{DB6099EA-1A71-49EB-9528-53EF9815EF32}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{8156F429-01FE-4198-B83B-92DE3F106B81}C:\users\wadmin\downloads\anydesk.exe] => (Allow) C:\users\wadmin\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{87E78528-CF1F-45A0-9D47-E018F0820290}C:\users\wadmin\downloads\anydesk.exe] => (Allow) C:\users\wadmin\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [TCP Query User{A30446C6-2849-482E-A69D-D002ACA4AF66}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.8\miner.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.8\miner.exe () [File not signed]
FirewallRules: [UDP Query User{B6CDB44A-14E0-475B-A1FD-374840A520BB}C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.8\miner.exe] => (Allow) C:\users\wadmin\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.8\miner.exe () [File not signed]
FirewallRules: [{0F7907F5-F55C-4A83-901A-2804A40127C5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{50B525C2-FEC8-44FB-8654-EF487EADC689}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{52CF3B60-CC57-4C1D-8F04-2A3ED594C330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8680EAC8-0652-44F2-9D2B-997E285ADB12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B96CAF1D-A105-4E57-96AE-D7B8C5E10F09}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AF00B328-7376-4FD1-B721-E75AA8CD23F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A715205C-5005-4C77-B0AB-EE8ADDB743D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DBF89CD2-7776-4E0F-A381-96DB69F7D4E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{073C0A3F-FB7F-47E1-88EB-A44D8F805815}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

21-03-2021 17:54:47 Balík softvéru eID
26-03-2021 09:28:16 Inštalátor modulov systému Windows
28-03-2021 14:57:29 Installed Americké/AltGR slovak - Custom
30-03-2021 10:42:39 Nainštalovaný GemPcCCID
31-03-2021 11:30:09 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/01/2021 11:17:14 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SPECTRE-WADMIN)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (03/30/2021 11:31:00 AM) (Source: EID SK Card CSP v2.0) (EventID: 26) (User: )
Description: Event-ID 26

Error: (03/30/2021 10:48:54 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SPECTRE-WADMIN)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (03/30/2021 09:17:58 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SPECTRE-WADMIN)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (03/30/2021 01:09:44 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SPECTRE-WADMIN)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (03/30/2021 01:08:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (03/30/2021 01:08:46 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (03/29/2021 01:57:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: miner.exe, verzia: 0.0.0.0, časová značka: 0x60117948
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.19041.844, časová značka: 0x60a6ca36
Kód výnimky: 0xc0000374
Odstup chyby: 0x00000000000fef89
Identifikácia chybujúceho procesu: 0x367c
Čas spustenia chybujúcej aplikácie: 0x01d72492a462b628
Cesta chybujúcej aplikácie: C:\Users\wadmin\AppData\Local\Programs\NiceHash Miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.8\miner.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 9c5d00aa-75db-420b-a3d8-c1064db81a70
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (04/01/2021 11:20:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/31/2021 08:04:49 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {45ed6759-65b1-4f57-babf-2c11d1d03a9c}, had event 74

Error: (03/30/2021 07:25:59 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {45ed6759-65b1-4f57-babf-2c11d1d03a9c}, had event 74

Error: (03/30/2021 07:23:38 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: )
Description: 9\_TZ.TZ012021-03-30T17:23:38.9001102Z373

Error: (03/30/2021 07:23:37 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: )
Description: 9\_TZ.TZ012021-03-30T17:23:37.8941865Z373

Error: (03/30/2021 07:23:36 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: NT AUTHORITY)
Description: 9\_TZ.TZ012021-03-30T17:23:36.8631379Z373

Error: (03/30/2021 07:23:36 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: NT AUTHORITY)
Description: 9\_TZ.TZ012021-03-30T17:23:36.2737159Z373

Error: (03/30/2021 07:23:35 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: NT AUTHORITY)
Description: 9\_TZ.TZ012021-03-30T17:23:35.8477563Z373


Windows Defender:
================
Date: 2021-04-01 06:57:18
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-29 22:10:21
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-28 21:44:56
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-26 22:43:24
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-26 11:47:30
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
﻿
CodeIntegrity:
===============
Date: 2021-04-01 13:27:15
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Layout01.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: AMI F.11 02/01/2021
Motherboard: HP 86E7
Processor: Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 16087.66 MB
Available physical RAM: 8083.43 MB
Total Virtual: 39639.66 MB
Available Virtual: 29942.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:944.15 GB) (Free:861.41 GB) NTFS

\\?\Volume{a59cf81b-4e3e-4cc3-bd17-3b7b0aff3f62}\ (zalohasys) (Fixed) (Total:8.3 GB) (Free:3.24 GB) NTFS
\\?\Volume{11696ff1-7bab-43c8-b192-7f1ee8ee4427}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{a5bc5f49-ee2d-4a89-81e5-9738d0da4958}\ () (Fixed) (Total:0.81 GB) (Free:0.1 GB) NTFS
\\?\Volume{999bb056-1e62-482d-971f-4860c947bf68}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 3E75BAAA)

Partition: GPT.

==================== End of Addition.txt =======================