Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by admin (14-06-2020 08:14:52)
Running from C:\Users\admin\Desktop
Windows 7 Professional Service Pack 1 (X64) (2018-04-11 09:45:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-122242894-4265345237-2629763782-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-122242894-4265345237-2629763782-500 - Administrator - Disabled)
Guest (S-1-5-21-122242894-4265345237-2629763782-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_2) (Version: 15.1.2 - Adobe Systems Incorporated)
Adobe Animate 2019 (HKLM-x32\...\FLPR_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Bridge 2019 (HKLM-x32\...\KBRG_9_1) (Version: 9.1 - Adobe Systems Incorporated)
Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_0_3) (Version: 10.0.3 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_0_2) (Version: 24.0.2 - Adobe Systems Incorporated)
Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_3) (Version: 14.0.3 - Adobe Systems Incorporated)
Adobe InDesign 2020 (HKLM-x32\...\IDSN_15_0_2) (Version: 15.0.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_1) (Version: 21.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_9) (Version: 20.0.9 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6E93B248-22B6-48B2-A568-2E49C65B2EA4}) (Version: 13.5.0.20 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Axure RP 9 (HKLM-x32\...\{1462429E-8213-408D-B243-2C42B813898F}) (Version: 9.0.0.3665 - Axure Software Solutions, Inc.) Hidden
Axure RP 9 (HKLM-x32\...\{ed10e08f-68d0-42bd-96b0-a259a54f6fc9}) (Version: 9.0.0.3665 - Axure Software Solutions, Inc.)
BleachBit (HKLM-x32\...\BleachBit) (Version: 2.0 - BleachBit)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-L2540DN series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Brother P-touch Editor 5.2 (HKLM-x32\...\{456127E4-D660-4680-8C96-609AD6C485E2}) (Version: 5.2.0130 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
Dell OS Recovery Tool (HKLM-x32\...\{DC9A5A75-8655-4E1F-B1F0-4D1D8A14BF09}) (Version: 2.3.6066.0 - Dell) Hidden
Dell OS Recovery Tool (HKLM-x32\...\{f0deb949-9f06-446c-8829-e23f999840b8}) (Version: 2.3.6066 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.121 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 22.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM\...\{00000060-0200-4FD1-8F3D-148929CC1385}) (Version: 20.60.0 - Intel Corporation)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
iTunes (HKLM\...\{739B363A-A8C1-4D32-843D-07603700D19F}) (Version: 12.10.6.2 - Apple Inc.)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kerio Control VPN Client (HKLM\...\{FC9CF903-C52C-42BE-A8AD-4824EEB90400}) (Version: 9.2.3171 - Kerio Technologies Inc.)
LibreOffice 6.3.6.2 (HKLM\...\{6664E413-D143-48B3-823F-50084561A0B6}) (Version: 6.3.6.2 - The Document Foundation)
Live! Cam Sync HD VF0770 Driver (1.00.02.00) (HKLM\...\Creative VF0770) (Version:  - Creative Technology Ltd.)
Loom 0.37.1 (HKU\S-1-5-21-122242894-4265345237-2629763782-1000\...\{3643b966-bc28-5bc8-95ff-3d47d66438db}) (Version: 0.37.1 - Loom, Inc.)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{C3682243-2218-4F80-A94A-EB0D7B7AF739}) (Version: 11.3.6020.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{0E8D886F-3205-4472-848E-990F400FF218}) (Version: 7601 - Microsoft)
Mozilla Firefox 77.0 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0 (x64 en-US)) (Version: 77.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
Opera Stable 68.0.3618.125 (HKLM-x32\...\Opera 68.0.3618.125) (Version: 68.0.3618.125 - Opera Software)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.1.312 - Jan Fiala)
qBittorrent 4.2.2 (HKLM-x32\...\qBittorrent) (Version: 4.2.2 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Seznam prohlížeč (HKU\S-1-5-21-122242894-4265345237-2629763782-1000\...\Seznam Browser) (Version: 6.5.1 - Seznam.cz a.s.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-24922 - Synology)
Synology Drive Client (remove only) (HKLM\...\Synology Drive) (Version: 6.0.0.11050 - Synology, Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.6.7 - TeamViewer)
Telegram Desktop version 1.5.4 (HKU\S-1-5-21-122242894-4265345237-2629763782-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.4 - Telegram Messenger LLP)
Toggl Desktop (HKU\S-1-5-21-122242894-4265345237-2629763782-1000\...\TogglDesktop) (Version:  - Toggl)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
VCDS verze 10.6.4 (HKLM-x32\...\{51970586-34F9-4EF8-A15C-67EB0EC609DA}_is1) (Version: 10.6.4 - Ross-Tech, LLC)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Veeam Agent for Microsoft Windows (HKLM\...\{39C68361-38C1-4528-8064-AA5A182DBE0B}) (Version: 2.0.0.700 - Veeam Software AG)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.22 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{F92064F6-BDE8-46FC-A19F-4E12D311BE3A}) (Version: 1.0.30 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
Xenu's Link Sleuth (HKLM-x32\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
Zoom (HKU\S-1-5-21-122242894-4265345237-2629763782-1000\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
ZXPInstaller (HKLM-x32\...\ZXPInstaller) (Version:  - )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-122242894-4265345237-2629763782-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-122242894-4265345237-2629763782-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-122242894-4265345237-2629763782-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-122242894-4265345237-2629763782-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-122242894-4265345237-2629763782-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-122242894-4265345237-2629763782-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-122242894-4265345237-2629763782-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-122242894-4265345237-2629763782-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [   01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [   02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [   03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [   04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [   05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-05-12] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1_S-1-5-21-122242894-4265345237-2629763782-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-05-12] () [File not signed]
ContextMenuHandlers1_S-1-5-21-122242894-4265345237-2629763782-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
ContextMenuHandlers6_S-1-5-21-122242894-4265345237-2629763782-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-05-12] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-03-27 23:34 - 2019-03-27 23:34 - 000130560 _____ ( (Microsoft Corporation) [File not signed])  [File is in use ] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2019-09-16 11:50 - 2019-09-16 11:50 - 000515072 _____ ( (Microsoft Corporation) [File not signed])  [File is in use ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\msvcm80.dll
2018-11-12 13:18 - 2018-11-12 13:18 - 000245760 _____ ( (Microsoft Corporation) [File not signed])  [File is in use ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
2018-04-15 12:01 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-04-12 13:02 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000345600 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\fct-qt.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 021790171 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icudt53.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 003506395 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icuin53.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 002223218 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icuuc53.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000033280 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qgif.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000043008 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qicns.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000032768 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qico.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000507904 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qjp2.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000239104 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qjpeg.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000430080 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qtiff.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000834555 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libcurl-4.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000121524 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libgcc_s_dw2-1.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 003331103 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libsqlite3-0.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 001547595 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libstdc++-6.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000691712 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\platforms\qwindows.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000156160 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\WinCFWrapper.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000124430 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\zlib1.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 001367552 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000198144 _____ () [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\WinCFWrapper.dll
2018-04-15 12:01 - 2014-06-16 15:45 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-04-15 12:01 - 2014-06-16 16:03 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-04-15 12:01 - 2014-06-16 16:03 - 017955328 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2018-04-15 12:01 - 2014-06-16 16:04 - 000080384 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLEng.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000028672 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Concurrent.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 004620288 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Core.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 003921408 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Gui.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 001448448 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Network.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 006133760 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Widgets.dll
2018-04-12 13:22 - 2018-04-30 14:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-09-16 11:50 - 2019-09-16 11:50 - 001062400 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCP80.dll
2019-09-16 11:50 - 2019-09-16 11:50 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000065629 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libwinpthread-1.dll
2019-02-09 12:55 - 2015-03-25 03:58 - 000180224 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_YLMBPEE.DLL
2020-05-12 16:45 - 2020-05-12 16:45 - 002781303 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\LIBEAY32.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 000809896 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\bin\SSLEAY32.dll
2020-05-12 16:45 - 2020-05-12 16:45 - 002822144 _____ (TODO: <Company name>) [File not signed] C:\Users\admin\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-08-23 11:20 - 000000846 _____ C:\Windows\system32\drivers\etc\hosts
192.168.168.1	gorila

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\UCRT\;C:\Program Files\Intel\UCRT\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\
HKU\S-1-5-21-122242894-4265345237-2629763782-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.168.1 - 192.168.168.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TREZOR Bridge.lnk => C:\Windows\pss\TREZOR Bridge.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TREZOR Bridge.lnk => C:\Windows\pss\TREZOR Bridge.lnk.Startup
MSCONFIG\startupreg: electron.app.Loom => C:\Users\admin\AppData\Local\Programs\Loom\Loom.exe --process-start-args "--loomHidden"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kerio Control VPN Client => "C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
MSCONFIG\startupreg: Veeam.EndPoint.Tray.exe => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe -NoControlPanel -CheckNumberOfRunningAgents

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6AA18256-6010-4962-8661-3F18FC07BA3A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B72C5A9B-EF02-4AF5-AC9B-63662D51A23E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{97452E9C-8C74-4344-A8D2-7E5BC0A834D6}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{237EE788-B585-49E6-BCC8-3DF9FB136ED8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8AF6E739-7B63-4EA5-9B52-D0C1CBBA4A00}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{90D2C580-EAB7-4AF9-A44A-48261D7B1902}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{95CE5D6A-76BB-46AB-8329-A132D0B641F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A3A1E58-D481-4EA2-8A27-1F1E5C972525}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C14E6F42-6453-458D-B615-E991D797F108}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1BD87CCB-3D6C-4374-A711-EEA45C676E64}] => (Allow) C:\Users\admin\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF5CA59A-D67A-4302-94C3-43B12BDC4E81}] => (Allow) C:\Users\admin\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A8EEC1FD-DF5C-4387-BE80-171316BEFD13}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BD1240B5-A1E0-41FB-9ECC-E833C326B5C1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{94B614CA-4546-4624-BE8F-92E4FBC3EB8D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{A63AAE4D-CF1C-4A7E-9848-CC713039D5AD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{7F86CFA0-8AB0-44E9-8964-08E61DD69978}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7850F43B-6F03-42E7-B5D7-9BBBA3AF64C8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CD69B405-B089-4CD7-A9B7-C5E933A383C2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software AG -> Veeam Software AG)
FirewallRules: [{BC8EBD40-5C68-4761-B6B0-E7D78CA6747F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software AG -> Veeam Software AG)
FirewallRules: [{3D8E3B54-05F9-4207-BBC2-AE9B85020276}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software AG -> Veeam Software AG)
FirewallRules: [{944F743B-27A4-4A0E-A586-EC67254FB27C}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software AG -> Veeam Software AG)
FirewallRules: [{CC038480-A229-42D0-A064-26A71779B2F5}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software AG -> Veeam Software AG)
FirewallRules: [{2930DD06-96F0-405A-8E0A-2C7201F1424F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software AG -> Veeam Software AG)
FirewallRules: [{977F7DEB-90F3-4BFE-81D8-BC4E4A8061E3}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software AG -> Veeam Software AG)
FirewallRules: [{CB434499-A1B8-488D-B17B-E27A2BBB6C41}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software AG -> Veeam Software AG)
FirewallRules: [{8D732E21-D976-43DD-99C1-540510D8B166}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software AG -> Veeam Software AG)
FirewallRules: [TCP Query User{26AD7B6B-B750-4BFF-A636-10982A1556DF}C:\users\admin\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\admin\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [UDP Query User{15B8823C-51E7-4FE3-8A4D-E69A894187E4}C:\users\admin\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\admin\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [{BB972FF9-81B0-469E-9FE6-FAB0DBC64FE4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FED2F88D-FF79-4F61-9FEE-D41B0DAC6FDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{45668A44-8A42-4190-AC73-FBB71FEBEBE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe (Valve -> )
FirewallRules: [{D5CA5A69-E67E-407C-8145-A23543ED0504}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe (Valve -> )
FirewallRules: [{7A1FBC8A-68AC-471D-ADD9-2EC5E332D479}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{24ED85EA-82A5-435F-8315-6385BC07EE83}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{88806BBD-22DD-4EED-BA15-22406411AA5A}C:\users\admin\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\admin\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [UDP Query User{303E75EE-11CC-452B-BE68-1EBCCE2BC17C}C:\users\admin\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\admin\appdata\local\synologydrive\synologydrive.app\bin\cloud-drive-connect.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [{4338C014-4DBB-41C1-BEEE-5A8E459D2140}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{30DB92D9-C0E1-4310-9AB3-5B170C74662B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C904FD6B-199F-45BF-9D88-4FBE23259FD1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A1F5DCF9-9CC6-472E-A3FA-7BA42C1D7589}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{238089EE-D828-42A3-8425-FD21364756A0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5BF494D7-AB7E-4E5E-A904-49D345D1551F}] => (Allow) C:\Program Files\Opera\68.0.3618.104\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6D207569-7E86-42DB-9466-40835097472C}] => (Allow) C:\Program Files\Opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{1F00EB36-036D-4D44-B9EA-FBA70DD7A1A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3D08C4CA-7417-4913-96BC-E06C1172F02B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{76A110F6-6BE0-40ED-B02B-1A80B38A4E4E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{493F576E-C41F-4046-A59A-9CDED1808596}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{81D4924D-BF7E-408F-A956-63A41C5A54C1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3131661D-488E-47C2-8A0C-745F7DFB18F4}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

11-06-2020 13:01:34 Scheduled Checkpoint
12-06-2020 06:39:01 Windows Update
14-06-2020 03:00:36 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/14/2020 08:09:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18375982

Error: (06/14/2020 08:09:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18375982

Error: (06/14/2020 08:09:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/14/2020 03:00:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19585410

Error: (06/14/2020 03:00:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19585410

Error: (06/14/2020 03:00:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/13/2020 09:33:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1092

Error: (06/13/2020 09:33:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1092


System errors:
=============
Error: (06/13/2020 07:51:55 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (06/12/2020 03:19:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (06/11/2020 01:01:34 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR8.

Error: (06/10/2020 01:00:46 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR6.

Error: (06/10/2020 06:29:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (06/08/2020 02:36:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the AVP20.0 service.

Error: (06/08/2020 01:22:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (06/08/2020 10:13:35 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.


Windows Defender:
===================================
Date: 2019-10-23 11:05:40.419
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{CAA84D5B-2F6D-4D8D-89FD-5A0713BFF041}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2018-10-05 11:38:46.798
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2018-07-04 10:09:55.969
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1075.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2018-07-04 10:09:55.959
Description: 
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Update Source:User
Error Code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

CodeIntegrity:
===================================

Date: 2020-04-15 17:14:23.691
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Kaspersky Lab\klhk\klhk_x64\klhkum.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-15 17:05:11.079
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Kaspersky Lab\klhk\klhk_x64\klhkum.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-15 16:40:48.517
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Kaspersky Lab\klhk\klhk_x64\klhkum.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-15 15:17:02.785
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Kaspersky Lab\klhk\klhk_x64\klhkum.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-15 13:04:02.832
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Kaspersky Lab\klhk\klhk_x64\klhkum.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-15 12:21:23.681
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Kaspersky Lab\klhk\klhk_x64\klhkum.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-15 10:55:13.840
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Kaspersky Lab\klhk\klhk_x64\klhkum.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-04-15 10:22:26.884
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Kaspersky Lab\klhk\klhk_x64\klhkum.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

BIOS: Dell Inc. A21 05/16/2019
Motherboard: Dell Inc. 0Y15C1
Processor: Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz
Percentage of memory in use: 27%
Total physical RAM: 16254.65 MB
Available physical RAM: 11799.22 MB
Total Virtual: 32507.44 MB
Available Virtual: 27327.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.44 GB) (Free:53.24 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (W-media all) (Fixed) (Total:1397.23 GB) (Free:337.94 GB) NTFS
Drive j: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 63A3B85E)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1397.2 GB) (Disk ID: 4C783333)
Partition 1: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================