DVD/CD Drives

phil’,
All drives are working.

Thought as much due to the fact that the HDD is working.

Did you download and install TechUtilities to your computer.

No.

It has gotten on your computer somehow and there is a high chance that it is the cause of your issues, see Facebook feedback here

From your Speccy report;

Scheduler
24/12/2017 17:14;: Adobe Flash Player Updater
24/12/2017 17:29;: GoogleUpdateTaskMachineUA
25/12/2017 09:29;: GoogleUpdateTaskMachineCore
25/12/2017 16:00;: Adobe Acrobat Update Task
28/12/2017 03:00;: TechUtilities
Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
CCleanerSkipUAC

As an asides roger, are you aware that CCleaner was hacked not too long ago, article here

Have deleted instances of TechUtilities using “Everything”.
I am running the latest version of CCleaner (V5.38)
Still no change
What do you advise for the next step?

We need a security expert to take a look at this, being the Christmas period there may be some delay but as the program got on your computer without you knowing and you all of a sudden have this issue the program could be involved, meanwhile can you do the following;

Download/run then post an Autoruns log for us, free to download from here

1: Extract the Autoruns Zip file contents to a folder.

2: Double-click the “Autoruns.exe”.

3: Click on the "Hide Signed Microsoft and Windows Entries” option.

4: Go to File then to Export As or Save in some versions.

5: Save AutoRuns.txt file to known location like your Desktop > when you click on File > Save you will then get the option to Save as type, click the drop down tab, change it to Text and then click the Save button.

6: Attach to your next reply.

Tutorial here

Phil’,

Thanks for that - please see attached report as requested.
Hope this is what you expected - if not please let me know where I’ve gone wrong.

(I once again right clicked on the “D” drive and the drop down list appeared and then went again???)
And then back to the same problem.

Hi Roger,

Aye, exactly what I was after thanks (y)

Quick question or two, you have BitDefender Anti Virus/Malware protecting your computer, do you have a link to the Zemana AntiMalware software showing up in AutoRuns.

Have you checked the Device Manager for any yellow ! or red Xs against your drives.

Lets see how the drives show up in Disk Manager;

1. Click on the Start button and then choose Control Panel.
2. Click on the System and Security link.
   Note: If you’re viewing the Large icons or Small iconsview of Control Panel, you won’t see this link so just click on the Administrative Tools icon and skip to Step 4.
3. In the System and Security window, click on the Administrative Tools heading located near the bottom of the window.
4. In the Administrative Tools window, double-click on the Computer Management icon.
5. When Computer Management opens, click on Disk Management on the left side of the window, located under Storage.
   After a brief loading period, Disk Management should now appear on the right side of the Computer Management window.
   Note: If you don’t see Disk Management listed, you may need to click on the |> icon to the left of the Storage icon.

To capture and post a screenshot;

Click on the ALT key + PRT SCR key..its on the top row..right hand side..now click on start…all programs…accessories…paint…left click in the white area …press CTRL + V…click on file…click on save…save it to your desktop…name it something related to the screen your capturing… BE SURE TO SAVE IT AS A .JPG …otherwise it may be to big to upload… then after typing in any response you have… click on the Upload a File tab.

phil’,
Just for info - Bitdefender and Zemana were installed via a recommendation by Gus (one of your team), after a fairly recent session with him.
. phil’ - not sure what you mean??

No yellow or red Xs. showing in Device Manager.

Please see attached screenshot as requested. CD-ROM 3 not showing in screenshot.

Thanks Roger, the Zemana is not the full real time protection package then, you would be amazed at the amount of people that have been caught out by the free 14 day trial of Malwarebytes which offers full real time protection for 14 days before going back to the basic on demand scanner if not paid for to permanently upgrade.
No problem, covered above but just to confirm was checking to make sure that the Zemana was not the full AV package.

This is definitely not hardware related, I suspect that it is registry related and something potentially caused by the rogue TechUtilities garbage that got on your machine somehow.

Need to wait on some malware expertise for now I`m afraid.

As a precaution, if you happen to use USB thumb drives or external HDDs, please do not connect them to this computer until you have been given the all clear of malware on it.

Hi Phill and Roger, recently whilst cleaning Rogers PC I recommended he use Bitdefender as his realtime security. We also ran a scan with Zemana and I suggested he keep it as a second opinion/run as required scanner. Yes Zemana only runs as realtime for 14 days, and yes whilst it is not desirable to run more than one realtime security app at the same time it was only for the two weeks till Zemana reverted to manual scan only.

With Bitdefender running realtime and Zemana as required should give Roger excellent ongoing protection?

Hello again Roger, can you please run FRST and ADWcleaner again?

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

If you are unsure if your operating system is 32 or 64 Bit please go HERE.

Once downloaded right click the FRST desktop icon and select “Run as administrator” from the menu"



If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
Frst will open with two dialogue boxes, accept the disclaimer.


[ol]
[li]Accept the default whitelist options,[/li][li]If the additions.txt options box is not checked please select it. [/li]
[li]Then select “Scan”[/li][/ol]



Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



Please COPY and PASTE the contents of these two files in your next post.

We will need a log from AdwCleaner for further information.

Please download a copy of AdwCleaner from HERE, it is important to download it to your desktop.

Once downloaded to the desktop AdwCleaner will create an icon [MEDIA=imgur]eEGkHPS[/MEDIA]

Should you receive any security warnings or your User Account Control warning appears whilst you are using this application you can safely allow AdwCleaner to continue.

Before running AdwCleaner please ensure all other programs and browsers are closed, then double left click the icon to open it.

AdwCleaner will open, click the scan button to start searching.

[MEDIA=imgur]hBYSf6z[/MEDIA]

The scan may take some time to complete, and when it has any malware found will be automatically selected for quarantining. Click the “Clean” button.

[MEDIA=imgur]ftC2WaB[/MEDIA]

After a few seconds a message should tell you your computer will now reboot. Allow the reboot.

When the computer restarts a log file will be displayed, but if its closed for any reason before copying the contents, you will find a copy of the file if you navigate to C:\AdwCleaner[C#].txt (The C denotes the Cleaning log)

[MEDIA=imgur]jr9Bx9h[/MEDIA]

Please Copy and Paste the contents of the log file with your next reply.

Hi Gus,
Welcome back !!

Please find attached FRST files as requested.
Please find attached ADWcleaner file as requested.
Hopefully I’ve done everything correctly?

Roger, please copy and paste any logs, as per instructions. I have pasted the current ones.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2017
Ran by Roger (administrator) on ROGER-PC (27-12-2017 08:49:52)
Running from C:\Users\Roger\Desktop
Loaded Profiles: Roger (Available Profiles: Roger)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\downloader.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKU\S-1-5-21-1680508398-4254546052-4236040641-1001\Control Panel\Desktop\SCRNSAVE.EXE → C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip..\Interfaces{61F1216A-4E5B-47CC-A19A-73CEA2788528}: [DhcpNameServer] 192.168.1.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1680508398-4254546052-4236040641-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
SearchScopes: HKLM → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper → {AA58ED58-01DD-4d91-8333-CF10577473F7} → C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-09] (Google Inc.)
BHO: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-06] (Oracle Corporation)
BHO-x32: Google Toolbar Helper → {AA58ED58-01DD-4d91-8333-CF10577473F7} → C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-09] (Google Inc.)
BHO-x32: Office Document Cache Handler → {B4F3A835-0E21-4959-BA22-42B3008E02FF} → C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-06] (Oracle Corporation)
BHO-x32: EpsonToolBandKicker Class → {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} → C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-09] (Google Inc.)
Toolbar: HKLM-x32 - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2012-04-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-09] (Google Inc.)
Toolbar: HKU\S-1-5-21-1680508398-4254546052-4236040641-1001 → Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-12-09] (Google Inc.)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1481385760985
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\Roger\AppData\Roaming\TomTom\HOME\Profile s\qc5vq6kh.default [2017-04-16]
FF ProfilePath: C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Pro files\kamjy6dk.default-1459599605567 [2017-12-26]
FF Homepage: Mozilla\Firefox\Profiles\kamjy6dk.default-1459599605567 → hxxps://www.google.co.uk/
FF Extension: (Autofill) - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Pro files\kamjy6dk.default-1459599605567\Extensions\firefox-autofill@googlegroups.com.xpi [2016-07-10] [Legacy]
FF Extension: (Form History Control (II)) - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Pro files\kamjy6dk.default-1459599605567\Extensions\formhistory@yahoo.com.xpi [2017-11-26]
FF Extension: (Google Translator for Firefox) - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Pro files\kamjy6dk.default-1459599605567\Extensions\translator@zoli.bod.xpi [2017-11-26]
FF Extension: (Googlebar Lite) - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Pro files\kamjy6dk.default-1459599605567\Extensions{79c50f9a-2ffe-4ee0-8a37-fae4f5dacd4f}.xpi [2016-05-16] [Legacy]
FF Extension: (Default Full Zoom Level) - C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Pro files\kamjy6dk.default-1459599605567\Extensions{D9A7CBEC-DE1A-444f-A092-844461596C4D} [2016-05-16] [Legacy]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-23] [Legacy] [not signed]
FF HKLM-x32...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-03-21] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @canon.com/MycameraPlugin → C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 → C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1 .dll [2017-11-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 → C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 → C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM → C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-02-11] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-27] (Adobe Systems Inc.)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Default
CHR Profile: C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default [2017-12-26]
CHR Extension: (No Name) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2015-05-03]
CHR Extension: (Docs) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-05-27]
CHR Extension: (Google Drive) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2017-11-27]
CHR Extension: (YouTube) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2017-11-27]
CHR Extension: (avast! SafePrice) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihc jkigck [2015-05-03]
CHR Extension: (Google Docs Offline) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-11-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2017-11-27]
CHR Extension: (Gmail) - C:\Users\Roger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2017-11-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-09-13] (Digital Wave Ltd.)
S4 Everything; C:\Program Files\Everything\Everything.exe [2197608 2017-06-07] ()
S4 ICScsiSV; C:\Program Files (x86)\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [75952 2007-01-26] (Sony Corporation)
S4 IcVzMonLauncher; C:\Program Files (x86)\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe [67760 2007-01-26] (Sony Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 Image Converter video recording monitor for VAIO Entertainment; C:\Program Files (x86)\Sony\IMAGE CONVERTER 3\IcVzMon.exe [43184 2007-01-26] (Sony Corporation)
S4 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
S4 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
S4 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1269824 2017-06-21] (Bitdefender)
S4 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S4 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
S4 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [100392 2017-11-15] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [100392 2017-11-15] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [100392 2017-11-15] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2013-04-10] ()
R0 atc; C:\Windows\System32\DRIVERS\atc.sys [1019880 2017-11-15] (BitDefender S.R.L. Bucharest, ROMANIA)
R3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [58368 2009-06-25] (Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1763744 2017-11-15] (BitDefender)
R0 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [155488 2017-11-17] (Bitdefender)
R3 edrsensor; C:\Windows\System32\DRIVERS\edrsensor.sys [250504 2017-11-15] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\Windows\System32\drivers\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2017-07-26] (The OpenVPN Project)
R2 trufos; C:\Windows\System32\drivers\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-22] (Genesys Logic) [File not signed]
R0 videX64; C:\Windows\System32\DRIVERS\videX64.sys [15000 2013-03-20] (VIA Technologies, Inc.)
S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2010-11-20] (Microsoft Corporation) [File not signed]
R0 xfiltx64; C:\Windows\System32\DRIVERS\xfiltx64.sys [26776 2013-03-20] (VIA Technologies, Inc.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-11-26] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-11-26] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-27 08:49 - 2017-12-27 08:50 - 000015995 _____ C:\Users\Roger\Desktop\FRST.txt
2017-12-27 08:49 - 2017-12-27 08:49 - 000000000 ____D C:\FRST
2017-12-27 08:47 - 2017-12-27 08:47 - 002391552 _____ (Farbar) C:\Users\Roger\Desktop\FRST64.exe
2017-12-25 18:46 - 2017-12-25 18:46 - 000094566 _____ C:\Users\Roger\Desktop\ROGER-PC.txt
2017-12-25 18:40 - 2017-12-25 18:40 - 000000000 ____D C:\Users\Roger\Desktop\Autoruns
2017-12-25 18:39 - 2017-12-25 18:39 - 001336829 _____ C:\Users\Roger\Desktop\Autoruns.zip
2017-12-24 19:59 - 2017-12-24 19:42 - 000019588 _____ C:\Users\Roger\Desktop\chkdsk_full_log.txt
2017-12-24 19:59 - 2017-12-24 19:42 - 000004524 _____ C:\Users\Roger\Desktop\chkdsk_log.txt
2017-12-24 19:31 - 2017-12-24 19:31 - 000003654 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2017-12-24 19:31 - 2017-12-24 19:31 - 000002123 _____ C:\Users\Roger\Desktop\Tweaking.com - Windows Repair.lnk
2017-12-24 19:31 - 2017-12-24 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2017-12-24 19:31 - 2017-12-24 19:31 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2017-12-24 19:29 - 2017-12-24 19:29 - 037693392 _____ (Tweaking.com) C:\Users\Roger\Desktop\tweaking.com_windows_repair _aio_setup.exe
2017-12-24 17:39 - 2017-12-27 08:50 - 000040769 _____ C:\Windows\ZAM.krnl.trace
2017-12-24 17:39 - 2017-12-27 08:50 - 000013263 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-12-24 16:49 - 2017-12-24 16:49 - 000000756 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-12-24 16:49 - 2017-12-24 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-12-24 16:49 - 2017-12-24 16:49 - 000000000 ____D C:\Program Files\Speccy
2017-12-24 16:48 - 2017-12-24 16:48 - 006299336 _____ (Piriform Ltd) C:\Users\Roger\Desktop\spsetup131.exe
2017-12-16 08:56 - 2017-12-16 08:56 - 000045704 _____ () C:\Windows\system32\Drivers\staport.sys
2017-12-16 08:53 - 2017-12-16 13:06 - 000000000 ____D C:\ProgramData\AVAST Software
2017-12-16 08:09 - 2017-11-14 03:57 - 025731072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-16 08:09 - 2017-11-14 02:48 - 015267328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-16 08:09 - 2017-11-14 01:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-12-16 08:08 - 2017-11-15 01:27 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-16 08:08 - 2017-11-15 00:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-12-16 08:08 - 2017-11-14 03:43 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-16 08:08 - 2017-11-14 03:43 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-16 08:08 - 2017-11-14 03:32 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-16 08:08 - 2017-11-14 03:31 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-16 08:08 - 2017-11-14 03:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-16 08:08 - 2017-11-14 03:30 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-16 08:08 - 2017-11-14 03:30 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-16 08:08 - 2017-11-14 03:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-16 08:08 - 2017-11-14 03:25 - 005925888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-16 08:08 - 2017-11-14 03:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-16 08:08 - 2017-11-14 03:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-16 08:08 - 2017-11-14 03:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-16 08:08 - 2017-11-14 03:20 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-16 08:08 - 2017-11-14 03:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-16 08:08 - 2017-11-14 03:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-16 08:08 - 2017-11-14 03:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-16 08:08 - 2017-11-14 03:15 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-16 08:08 - 2017-11-14 03:12 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-16 08:08 - 2017-11-14 03:06 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-16 08:08 - 2017-11-14 03:06 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-16 08:08 - 2017-11-14 03:05 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-16 08:08 - 2017-11-14 03:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-16 08:08 - 2017-11-14 03:02 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-16 08:08 - 2017-11-14 03:00 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-16 08:08 - 2017-11-14 02:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-16 08:08 - 2017-11-14 02:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-16 08:08 - 2017-11-14 02:48 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-16 08:08 - 2017-11-14 02:48 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-16 08:08 - 2017-11-14 02:47 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-16 08:08 - 2017-11-14 02:46 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-16 08:08 - 2017-11-14 02:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-16 08:08 - 2017-11-14 02:27 - 001544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-16 08:08 - 2017-11-14 02:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-16 08:08 - 2017-11-14 01:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-12-16 08:08 - 2017-11-14 01:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-12-16 08:08 - 2017-11-14 01:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-12-16 08:08 - 2017-11-14 01:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-12-16 08:08 - 2017-11-14 00:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-12-16 08:08 - 2017-11-14 00:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-12-16 08:08 - 2017-11-07 20:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-12-16 08:08 - 2017-11-07 20:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-12-16 08:08 - 2017-11-07 20:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-12-16 08:08 - 2017-11-07 20:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-12-16 08:08 - 2017-11-07 20:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-12-16 08:08 - 2017-11-07 20:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-12-16 08:08 - 2017-11-07 20:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-12-16 08:08 - 2017-11-07 20:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-12-16 08:08 - 2017-11-07 20:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-12-16 08:08 - 2017-11-07 20:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-12-16 08:08 - 2017-11-07 20:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-12-16 08:08 - 2017-11-07 20:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-12-16 08:08 - 2017-11-07 20:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-12-16 08:08 - 2017-11-07 20:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-12-16 08:08 - 2017-11-07 20:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-12-16 08:08 - 2017-11-07 20:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-12-16 08:08 - 2017-11-07 20:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-12-16 08:08 - 2017-11-07 20:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-12-16 08:08 - 2017-11-07 20:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-12-16 08:08 - 2017-11-07 20:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-12-16 08:08 - 2017-11-07 20:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-12-16 08:08 - 2017-11-07 20:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-12-16 08:08 - 2017-11-07 20:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-12-16 08:08 - 2017-11-07 19:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-12-16 08:08 - 2017-11-07 16:31 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-16 08:08 - 2017-11-07 16:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-12-16 08:08 - 2017-11-04 15:31 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-16 08:08 - 2017-11-04 15:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-16 08:08 - 2017-11-04 15:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2017-12-16 08:08 - 2017-11-04 15:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2017-12-16 08:08 - 2017-11-02 16:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-16 08:08 - 2017-11-02 16:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-16 08:08 - 2017-11-02 16:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-16 08:08 - 2017-11-02 16:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-16 08:08 - 2017-11-02 15:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2017-12-16 08:08 - 2017-11-02 15:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2017-12-16 08:08 - 2017-11-02 15:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2017-12-16 08:08 - 2017-11-02 14:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2017-12-16 08:08 - 2017-10-16 23:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-16 08:08 - 2017-10-16 22:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2017-12-16 08:08 - 2017-10-12 00:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-16 07:55 - 2017-12-16 07:56 - 218332489 _____ C:\Users\Roger\My Documents\Thunderbird 52.5.0 (en-US) - 2017-12-16.pcv
2017-12-09 19:39 - 2017-12-22 11:57 - 000000000 ____D C:\Users\Roger\My Documents'TONES STUFF
2017-12-09 15:14 - 2017-12-09 15:15 - 000000000 ____D C:\Users\Roger\My Documents\FORUMS
2017-12-08 15:12 - 2017-12-08 15:11 - 011723350 _____ C:\Users\Roger\My Documents\Canon PowerShot620 Manual.pdf
2017-12-07 12:05 - 2017-12-07 12:05 - 000000000 ____D C:\Users\Roger\AppData\Roaming\ZoomBrowser EX
2017-12-07 12:00 - 2017-12-07 12:00 - 000000000 ____D C:\ProgramData\ZoomBrowser
2017-12-07 11:43 - 2017-12-13 16:37 - 000000000 ____D C:\Users\Roger\AppData\Roaming\CANON INC
2017-12-07 11:42 - 2017-12-07 11:42 - 000000000 ____D C:\Users\Roger\AppData\Roaming\Canon_Inc_IC
2017-12-07 11:41 - 2017-12-07 11:41 - 000000000 ____D C:\Users\Roger\AppData\Roaming\canon
2017-12-07 11:41 - 2017-12-07 11:41 - 000000000 ____D C:\ProgramData\Canon_Inc_IC
2017-12-06 16:47 - 2017-12-24 19:23 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-27 13:10 - 2017-11-27 13:10 - 000000000 ____D C:\ProgramData\dbg
2017-11-27 11:07 - 2017-11-27 11:07 - 000001377 _____ C:\Users\Roger\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Internet Explorer.lnk
2017-11-27 11:06 - 2017-12-24 19:23 - 000003874 _____ C:\Windows\System32\Tasks\CCleaner Update
2017-11-27 11:06 - 2017-12-24 19:23 - 000002792 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-11-27 10:58 - 2017-12-25 00:30 - 000000000 ____D C:\Users\Roger\AppData\Local\Everything
2017-11-27 10:45 - 2017-10-18 02:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-27 10:45 - 2017-10-18 02:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-27 10:45 - 2017-10-18 02:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-27 10:45 - 2017-10-18 02:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-27 10:45 - 2017-10-18 02:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-27 10:45 - 2017-10-18 02:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-27 10:45 - 2017-10-18 02:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-27 10:45 - 2017-10-16 23:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-27 10:45 - 2017-10-16 21:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-27 10:45 - 2017-10-12 00:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-27 10:45 - 2017-10-12 00:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-27 10:45 - 2017-10-12 00:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-27 10:45 - 2017-10-12 00:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-27 10:45 - 2017-10-12 00:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-11-27 10:45 - 2017-10-12 00:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-27 10:45 - 2017-10-12 00:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-27 10:45 - 2017-10-12 00:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-27 10:45 - 2017-10-12 00:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-11-27 10:45 - 2017-10-12 00:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-11-27 10:45 - 2017-10-12 00:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-11-27 10:45 - 2017-10-12 00:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-11-27 10:45 - 2017-10-12 00:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-11-27 10:45 - 2017-10-12 00:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-11-27 10:45 - 2017-10-12 00:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-11-27 10:45 - 2017-10-12 00:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-11-27 10:45 - 2017-10-12 00:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-11-27 10:45 - 2017-10-12 00:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-11-27 10:45 - 2017-10-12 00:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-27 10:45 - 2017-10-12 00:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-27 10:45 - 2017-09-07 13:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-27 10:40 - 2017-11-17 04:23 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-27 10:40 - 2017-10-18 02:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-27 10:40 - 2017-10-18 02:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-27 10:40 - 2017-10-15 22:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-27 10:40 - 2017-10-04 13:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-27 10:40 - 2017-10-04 13:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-27 10:40 - 2017-10-04 13:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-27 10:40 - 2017-10-04 13:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-27 10:40 - 2017-10-04 13:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-27 10:40 - 2017-10-04 13:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-27 10:40 - 2017-10-04 13:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-27 10:15 - 2017-11-27 10:11 - 000000953 _____ C:\Users\Roger\My Documents\Search Everything.lnk
2017-11-27 10:15 - 2017-11-27 10:10 - 001443120 _____ () C:\Users\Roger\My Documents\Everything-1.4.1.877.x64-Setup.exe
2017-11-27 10:11 - 2017-12-25 00:30 - 000000000 ____D C:\Users\Roger\AppData\Roaming\Everything
2017-11-27 10:11 - 2017-12-25 00:22 - 000000000 ____D C:\Program Files\Everything
2017-11-27 10:11 - 2017-11-27 10:11 - 000000000 ____D C:\Users\Roger\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Everything

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-27 08:49 - 2017-11-15 10:04 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2017-12-27 08:45 - 2016-12-09 14:25 - 000000000 ____D C:\Users\Roger\AppData\LocalLow\Mozilla
2017-12-27 08:44 - 2009-07-14 05:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-26 18:38 - 2013-03-21 19:20 - 000000000 ____D C:\Users\Roger\AppData\Roaming\PhotoScape
2017-12-26 18:38 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\inf
2017-12-26 18:28 - 2013-03-20 15:21 - 000000000 ____D C:\Users\Roger
2017-12-26 09:10 - 2009-07-14 04:45 - 000031120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-26 09:10 - 2009-07-14 04:45 - 000031120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-25 09:20 - 2014-10-22 18:53 - 000000000 ____D C:\Program Files\Recuva
2017-12-24 19:23 - 2017-11-21 15:05 - 000004326 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-12-24 19:23 - 2017-11-15 09:47 - 000003650 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-12-24 19:23 - 2013-03-21 16:16 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineU A
2017-12-24 19:23 - 2013-03-21 16:16 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineC ore
2017-12-24 17:18 - 2013-03-21 21:18 - 000000000 ____D C:\ProgramData\TEMP
2017-12-24 16:02 - 2013-03-21 21:50 - 000000000 ____D C:\Users\Roger\AppData\Local\ElevatedDiagnostics
2017-12-23 15:07 - 2013-03-21 19:28 - 000000000 ____D C:\Users\Roger\AppData\Roaming\vlc
2017-12-21 09:52 - 2013-03-21 18:15 - 000000000 ____D C:\Program Files (x86)\EPSON Print CD
2017-12-21 09:51 - 2009-07-14 05:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-12-16 13:03 - 2015-06-14 09:50 - 000000000 ____D C:\Users\Roger\My Documents\PC info
2017-12-16 12:17 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\rescache
2017-12-16 08:30 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2017-12-16 08:30 - 2009-07-14 03:20 - 000000000 ____D C:\Windows\system32\Setup
2017-12-16 08:17 - 2014-01-19 09:55 - 000766376 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-12-16 08:17 - 2009-07-14 05:13 - 000766376 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-16 08:14 - 2013-07-31 10:43 - 000000000 ____D C:\Windows\system32\MRT
2017-12-16 08:10 - 2017-11-04 10:59 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-16 08:10 - 2013-03-22 00:04 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-12-12 18:14 - 2013-03-21 20:12 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-12 18:14 - 2013-03-21 20:12 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-12 18:14 - 2013-03-21 20:12 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-12 18:14 - 2013-03-21 20:06 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-12-09 18:55 - 2009-07-14 05:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-12-09 09:57 - 2013-03-22 14:29 - 000000000 ____D C:\Windows\pss
2017-12-07 12:01 - 2013-03-21 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-12-07 12:01 - 2013-03-21 20:33 - 000000000 ____D C:\Program Files (x86)\Canon
2017-12-07 09:02 - 2015-04-21 08:46 - 000000000 ____D C:\Users\Roger\AppData\Local\Windows Live
2017-12-06 16:47 - 2016-02-16 19:28 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-29 13:27 - 2015-03-04 20:33 - 000000000 ____D C:\Users\Roger\My Documents\DVD Photo Slideshow
2017-11-29 08:58 - 2013-03-21 19:17 - 000000000 ____D C:\Users\Roger\AppData\Roaming\Audacity
2017-11-28 14:48 - 2016-11-27 16:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-11-28 14:48 - 2013-03-21 17:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-27 11:09 - 2014-12-06 15:48 - 000000000 ____D C:\Users\Roger\AppData\Local\CrashDumps
2017-11-27 11:07 - 2013-03-21 16:16 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-27 11:02 - 2009-07-14 04:45 - 000348272 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-27 10:59 - 2014-12-16 14:43 - 000000000 ____D C:\Windows\system32\appraiser

==================== Files in the root of some directories =======

2015-06-06 10:28 - 2007-02-05 09:10 - 000038456 _____ (Sony Corporation) C:\Program Files (x86)\AppReg.exe
2015-06-05 17:05 - 2005-03-21 19:30 - 000106496 _____ (Microsoft Corporation) C:\Program Files (x86)\atl71.dll
2015-06-06 10:29 - 2007-02-02 18:39 - 000081920 _____ (Sony Corporation) C:\Program Files (x86)\Cddb2Access.dll
2015-06-06 10:28 - 2007-02-02 18:46 - 000094208 _____ (Sony Corporation) C:\Program Files (x86)\DMPInternet.dll
2015-06-06 10:28 - 2006-12-26 16:57 - 000143360 _____ (Inner Media, Inc.) C:\Program Files (x86)\dunzip32.dll
2015-06-06 10:28 - 2007-02-02 18:46 - 000045056 _____ (Sony Corporation) C:\Program Files (x86)\GenMediaKey.dll
2015-06-06 10:28 - 2007-02-02 18:42 - 000032768 _____ (Sony Corporation) C:\Program Files (x86)\HelpHelper.dll
2015-06-06 10:28 - 2005-03-21 19:34 - 000352256 _____ (Intel Corporation) C:\Program Files (x86)\ijl15.dll
2015-06-06 10:28 - 2005-03-21 19:30 - 000000007 _____ () C:\Program Files (x86)\initials.ini
2015-06-06 10:28 - 2007-02-02 18:41 - 000434176 _____ (Sony Corporation) C:\Program Files (x86)\Items.dll
2015-06-06 10:28 - 2005-03-21 19:30 - 000065536 _____ (Microsoft Corporation) C:\Program Files (x86)\JETCOMP.exe
2015-06-06 10:28 - 2007-02-02 18:07 - 000012800 _____ (Sony Corporation) C:\Program Files (x86)\Lam.dll
2015-06-05 17:05 - 2005-03-21 19:30 - 001060864 _____ (Microsoft Corporation) C:\Program Files (x86)\mfc71.dll
2015-06-05 17:05 - 2005-03-21 19:30 - 000499712 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp71.dll
2015-06-05 17:05 - 2005-03-21 19:30 - 000348160 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr71.dll
2015-06-06 10:28 - 2007-02-05 09:10 - 000603704 _____ (Sony Corporation) C:\Program Files (x86)\Ojbsir.exe
2015-06-06 10:28 - 2007-02-02 19:03 - 000528384 _____ (Sony Corporation) C:\Program Files (x86)\OjbSirRes.dll
2015-06-06 10:28 - 2007-02-05 09:10 - 000603704 _____ (Sony Corporation) C:\Program Files (x86)\Omg1to2.exe
2015-06-06 10:28 - 2007-02-02 18:05 - 000003584 _____ (Sony Corporation) C:\Program Files (x86)\Omg1to2Res.dll
2015-06-06 10:28 - 2007-02-05 09:10 - 000816696 _____ (Sony Corporation) C:\Program Files (x86)\OMG2OMA.exe
2015-06-06 19:49 - 2015-06-06 19:49 - 000000642 _____ () C:\Program Files (x86)\OMG2OMA.LOG
2015-06-06 10:28 - 2007-02-02 18:08 - 000536576 _____ (Sony Corporation) C:\Program Files (x86)\OMG2OMARes.dll
2015-06-06 10:28 - 2007-02-05 09:11 - 001201720 _____ (Sony Corporation) C:\Program Files (x86)\Omgbkup.exe
2015-06-06 10:28 - 2007-02-02 19:07 - 000143360 _____ (Sony Corporation) C:\Program Files (x86)\OmgbkupRes.dll
2015-06-06 10:28 - 2007-02-05 09:11 - 005961272 _____ (Sony Corporation) C:\Program Files (x86)\Omgjbox.exe
2015-06-06 10:28 - 2007-02-02 18:35 - 001323008 _____ (Sony Corporation) C:\Program Files (x86)\OmgjboxRes.dll
2015-06-06 10:28 - 2007-02-02 18:36 - 000106496 _____ (Sony Corporation) C:\Program Files (x86)\RBasis.dll
2015-06-06 10:29 - 2007-01-16 17:13 - 000007453 _____ () C:\Program Files (x86)\Readme.txt
2015-06-06 10:28 - 2007-02-02 18:39 - 000196608 _____ (Sony Corporation) C:\Program Files (x86)\RGraph.dll
2015-06-06 10:28 - 2007-02-02 18:42 - 000798720 _____ (Sony Corporation) C:\Program Files (x86)\Si.dll
2015-06-06 10:28 - 2005-08-25 08:10 - 000081920 _____ (Sony Corporation) C:\Program Files (x86)\SonyFsConvFilter.ax
2015-06-06 10:28 - 2007-02-02 19:08 - 000053248 _____ (Sony Corporation) C:\Program Files (x86)\SonyWavParser2.ax
2015-06-05 17:05 - 2007-02-05 09:11 - 000476728 _____ () C:\Program Files (x86)\SSAAD.exe
2015-06-06 10:28 - 2007-02-02 18:39 - 000397312 _____ (Sony Corporation) C:\Program Files (x86)\SsEncMp3.dll
2015-06-06 10:28 - 2007-02-02 18:39 - 000065536 _____ (Sony Corporation) C:\Program Files (x86)\SsEncWma.dll
2015-06-05 17:05 - 2007-02-02 18:39 - 000217088 _____ (Sony Corporation) C:\Program Files (x86)\SsMidAccess.dll
2015-06-06 10:28 - 2007-02-02 18:40 - 000131072 _____ (Sony Corporation) C:\Program Files (x86)\SsMtp.dll
2015-06-06 10:28 - 2007-02-02 18:39 - 000049152 _____ (Sony Corporation) C:\Program Files (x86)\SsProxy.dll
2015-06-06 10:28 - 2007-02-02 18:42 - 000057344 _____ (Sony Corporation) C:\Program Files (x86)\SsTpl.dll
2015-06-06 10:28 - 2007-02-02 19:09 - 000025600 _____ (Sony Corporation) C:\Program Files (x86)\SsVerChk.ocx
2015-06-06 10:28 - 2007-02-02 19:08 - 000065536 _____ (Sony Corporation) C:\Program Files (x86)\StdoutSs2.ax
2015-06-06 10:29 - 2007-02-05 18:29 - 000000014 _____ () C:\Program Files (x86)\Version.txt
2015-06-06 10:28 - 2007-02-02 18:46 - 000013312 _____ (Sony Corporation) C:\Program Files (x86)\WtsNotify.dll
2015-06-06 10:28 - 2006-12-19 14:03 - 000192512 _____ (Sony Corporation) C:\Program Files (x86)\XCoreAudio.dll
2015-06-06 10:28 - 2007-02-02 18:47 - 000069632 _____ (Sony Corporation) C:\Program Files (x86)\XPanel.dll
2015-06-06 10:28 - 2007-02-02 18:08 - 000017920 _____ (Sony Corporation) C:\Program Files (x86)\XThumbnail.dll
2016-07-02 21:13 - 2016-07-02 21:14 - 000000115 _____ () C:\Users\Roger\AppData\Roaming\LogFile.txt
2015-05-02 20:24 - 2015-05-02 20:27 - 000000149 _____ () C:\Users\Roger\AppData\Roaming\settings.xml
2014-10-27 21:01 - 2016-01-04 16:40 - 000027136 ___SH () C:\Users\Roger\AppData\Roaming\Thumbs.db
2014-10-14 09:48 - 2014-10-14 09:48 - 000017194 _____ () C:\Users\Roger\AppData\Roaming\UserTile.png
2013-11-17 10:36 - 2014-04-05 08:58 - 000000124 _____ () C:\Users\Roger\AppData\Roaming\WB.CFG
2013-11-17 10:36 - 2013-11-21 11:36 - 000000006 _____ () C:\Users\Roger\AppData\Roaming\WBPU-TTL.DAT
2014-11-18 15:43 - 2015-05-07 10:32 - 000006656 _____ () C:\Users\Roger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-28 10:34 - 2015-06-28 10:34 - 000006271 _____ () C:\Users\Roger\AppData\Local\recently-used.xbel
2013-11-16 14:47 - 2013-11-16 14:47 - 000000017 _____ () C:\Users\Roger\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-20 10:59

==================== End of FRST.txt ============================
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2017
Ran by Roger (27-12-2017 08:52:04)
Running from C:\Users\Roger\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-03-20 15:21:36)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

Administrator (S-1-5-21-1680508398-4254546052-4236040641-500 - Administrator - Disabled)
Guest (S-1-5-21-1680508398-4254546052-4236040641-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1680508398-4254546052-4236040641-1002 - Limited - Enabled)
Roger (S-1-5-21-1680508398-4254546052-4236040641-1001 - Administrator - Enabled) => C:\Users\Roger

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32...{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM...{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32...{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM...{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM...{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32...{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
ArcSoft Camera Suite 1.3 (HKLM-x32...{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}) (Version: - )
Ashampoo Burning Studio 2017 (HKLM-x32...{91B33C97-C878-6579-69BA-23E5405C7AAB}is1) (Version: 18.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Uninstaller 2017 (HKLM-x32...{4209F371-E035-1302-F540-12532A0A4FC7}is1) (Version: 6.00.14 - Ashampoo GmbH & Co. KG)
Autoplay Repair 2.2.2 (HKLM-x32...\Autoplay Repair) (Version: 2.2.2 - OrangeBlue)
BenVista PhotoZoom Classic 6.1 (HKU\S-1-5-21-1680508398-4254546052-4236040641-1001...\PhotoZoom Classic 6) (Version: 6.1 - BenVista Ltd.)
Bitdefender Agent (HKLM...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Antivirus Free (HKLM...{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.8.33 - Bitdefender)
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon MOV Decoder (HKLM-x32...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (HKLM-x32...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32...\CameraWindowDC) (Version: 8.10.7.32 - Canon Inc.)
Canon Utilities Map Utility (HKLM-x32...\Map Utility Parent) (Version: 1.8.1.2 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32...\MovieUploaderForYouTube) (Version: 1.1.0.4 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
CCleaner (HKLM...\CCleaner) (Version: 5.38 - Piriform)
ColorPic (HKLM-x32...\ColorPic) (Version: 4.1 - Iconico)
Cool & Quiet (HKLM-x32...{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version: - )
D3DX10 (HKLM-x32...{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM...\Defraggler) (Version: 2.21 - Piriform)
DVD Decrypter (Remove Only) (HKLM-x32...\DVD Decrypter) (Version: - )
DVD Menu Template Package 1.2 (HKLM-x32...\DVD Menu Template Package) (Version: 1.2 - AnvSoft Inc.)
EPSON Attach To Email (HKLM-x32...{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Attach To Email (HKLM-x32...\InstallShield{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Easy Photo Print (HKLM-x32...{1DF4AC80-F76B-42AE-A263-15D2313D4472}) (Version: 1.2.0.0 - )
Epson E-Web Print (HKLM-x32...{876D7EAD-D1FB-4AB2-B922-796EBDE58924}) (Version: 1.10.0000 - SEIKO EPSON CORPORATION)
EPSON File Manager (HKLM-x32...{E86BC406-944E-41F6-ADE6-2C136734C96B}) (Version: 1.1.0.0 - )
Epson Print CD (HKLM-x32...{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.44.00 - Seiko Epson Corporation)
EPSON Print CD (HKLM-x32...{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version: 1.40.000 - )
EPSON Printer Software (HKLM...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
EPSON Scan Assistant (HKLM-x32...{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
EPSON Web-To-Page (HKLM-x32...{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}) (Version: - )
ESPR220 User’s Guide (HKLM-x32...\ESPR220 User’s Guide) (Version: - )
Everything 1.4.1.877 (x64) (HKLM...\Everything) (Version: 1.4.1.877 (x64) - David Carpenter)
FastStone Photo Resizer 3.8 (HKLM-x32...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.)
Free Video To MP3 Converter (HKLM-x32...\Free Video To MP3 Converter_is1) (Version: 5.1.5.913 - Digital Wave Ltd)
Google Toolbar for Internet Explorer (HKLM-x32...{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32...{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Image Converter 3 (HKLM-x32...{FE013D72-CF3D-41A8-BC09-C38070FDE2CB}) (Version: 3.0 - Sony Corporation)
iTunes (HKLM...{22CF21C4-4E46-458B-B363-E4890B53A650}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 151 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Menu Template Package 1 Ver 1.10 (HKLM-x32...\Anvsoft DVD Menu Template Package 1) (Version: 1.10 - Anvsoft, Inc.)
Microsoft .NET Framework 4.7 (HKLM...{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32...{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32...{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32...{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32...{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32...{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32...{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0 (x64 en-GB) (HKLM...\Mozilla Firefox 57.0 (x64 en-GB)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
Mozilla Thunderbird 52.5.0 (x86 en-US) (HKLM-x32...\Mozilla Thunderbird 52.5.0 (x86 en-US)) (Version: 52.5.0 - Mozilla)
Nero 11 (HKLM-x32...{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}) (Version: 11.0.10100 - Nero AG)
Nero Backup Drivers (HKLM...{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Info (HKLM-x32...{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1006 - Nero AG)
Nero MediaHome Free (HKLM-x32...{AD35CA78-52F0-4A86-B672-0EF769752CEB}) (Version: 15.0.04700 - Nero AG)
Nero Prerequisite Installer 1.0 (HKLM-x32...{E4B86819-E9B8-4089-963B-DF5E70E7A05E}) (Version: 11.0.13100 - Nero AG)
Nero Prerequisite Installer 3.0 (HKLM-x32...{929FAC65-06DD-4577-882C-E8A558C47B75}) (Version: 15.0.00900 - Nero AG)
Nero Prerequisite Installer 6.0 (HKLM-x32...{E5BAA2DF-F586-4319-BF9B-30AA50AD6B5D}) (Version: 18.0.00100 - Nero AG)
OpenMG Limited Patch 4.7-07-14-05-01 (HKLM-x32...\OpenMG HotFix4.7-07-13-22-01) (Version: - )
OpenMG Secure Module 4.7.00 (HKLM-x32...{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation) Hidden
OpenMG Secure Module 4.7.00 (HKLM-x32...\InstallShield{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
PDF Manual NW-A800 Series (HKLM-x32...{99B9FAF2-33FD-4DC7-9087-5BC2EE4CBB9E}) (Version: 1.0 - Sony Corporation)
PhotoScape (HKLM-x32...\PhotoScape) (Version: - )
PIF DESIGNER (HKLM-x32...{B90450DF-E781-46FD-B1F1-0C86DA40E443}) (Version: - )
Platform (HKLM-x32...{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
Prerequisite installer (HKLM-x32...{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0010 - Nero AG) Hidden
Prerequisite installer (HKLM-x32...{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recuva (HKLM...\Recuva) (Version: 1.51 - Piriform)
Reshade 3.0 (HKLM-x32...\Reshade 3.0) (Version: 3.0 - Reshade)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32...{90140000-003D-0000-0000-0000000FF1CE}Office14.SingleImage{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SimEditor (UB01) v.2.6.8 (remove only) (HKLM-x32...\SimEditor (UB01)) (Version: - )
SonicStage 4.3 (HKLM-x32...{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
Sony Video Shared Library (HKLM-x32...{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.1.01 - Sony Corporation)
Sound Blaster X-Fi (HKLM-x32...{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
Speccy (HKLM...\Speccy) (Version: 1.31 - Piriform)
SSC Service Utility v4.30 (HKLM-x32...\SSC Service Utility_is1) (Version: - SSC Localization Group)
TomTom HOME (HKLM-x32...{30E6FC43-C31F-4968-9A06-AA38E3C3CF73}) (Version: 2.10.1 - TomTom)
TomTom MyDrive Connect 4.1.6.3253 (HKLM-x32...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Tweaking.com - Windows Repair (HKLM-x32...\Tweaking.com - Windows Repair) (Version: 4.0.11 - Tweaking.com)
Unlocker 1.9.1-x64 (HKLM...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
USB2.0 Card Reader Software (HKLM-x32...{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 1.00.0000 - Realtek Semiconductor Corp.)
VIA Platform Device Manager (HKLM-x32...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Video Downloader (HKLM-x32...{F1D891A7-2BAF-4033-9A20-DBB78F86BF0C}) (Version: 1.0.00.03050 - Sony Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32...{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - )
VLC media player (HKLM-x32...\VLC media player) (Version: 2.2.6 - VideoLAN)
WALKMAN Launcher (HKLM-x32...{C20B3C31-28CD-4732-AE45-A30F401AF91F}) (Version: 1.0.00.02190 - Sony Corporation)
Welcome App (Start-up experience) (HKLM-x32...{51865D9D-8F63-46F2-87AB-9E72F93B618C}) (Version: 11.0.23500.0.0 - Nero AG) Hidden
WinAVI Video Converter (HKLM-x32...\WinAVI Video Converter) (Version: 11.5.1.4360 - ZJMedia Digital Technology Ltd.)
Windows Live Essentials (HKLM-x32...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player 64-bit Plug-in Fix (HKLM...{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb) (Version: - )
WizTree v3.16 (HKLM...\WizTree_is1) (Version: - Antibody Software)
Womble EasyDVD 1.0.1.28 (12/2013) (HKLM-x32...\Womble EasyDVD) (Version: 1.0.1.28 (12/2013) - Womble Multimedia, Inc.)
Zemana AntiMalware (HKLM-x32...{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => → No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] → {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-11-26] ()
ContextMenuHandlers1: [DefragglerShellExtension] → {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers2: [CardLocatingExt] → {4C2815A8-D0F1-466E-BBC7-8CCBC0D19112} => C:\Program Files (x86)\Realtek\USB2.0 Card Reader Software\CardLocating.dll [2009-01-09] ()
ContextMenuHandlers3: [UnlockerShellExtension] → {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [RecuvaShellExt] → {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers5: [ACE] → {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2014-11-20] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] → {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-11-26] ()
ContextMenuHandlers6: [DefragglerShellExtension] → {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [RecuvaShellExt] → {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd)
ContextMenuHandlers6: [UnlockerShellExtension] → {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04D43E1E-1513-45FD-A0D4-59B9A6845A25} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
Task: {0B03AE65-CE05-46C8-8356-64B6980EA2AE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {239C021D-A82E-4198-8466-C07A768877BB} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {2E426580-5E77-4259-BCC2-AD2A7CBEEEDC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {3C37137B-72FE-4B7C-87AD-390719FF8D66} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-13] (Piriform Ltd)
Task: {AA1D64D3-9F9E-4748-8CA8-F73D26C91807} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {DCF1A779-2E76-44DE-B1EA-0EE5EFC1CE8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E4693233-7541-47CF-A605-C92EBFD47BEF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)
Task: {F29D109D-DBD8-425A-83B4-7DB78FBDEBB5} - \TechUtilities → No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Roger\My Documents\Create IPhone - Ringtones.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxps://www.udemy.com/blog/how-to-add-ringtones-to-iphone/
ShortcutWithArgument: C:\Users\Roger\My Documents\Draw Polygon - Freeform shape.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://www.dummies.com/how-to/content/how-to-draw-polygon-or-freeform-shapes-on-your-pow.html
ShortcutWithArgument: C:\Users\Roger\My Documents\Google Preference Page.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://www.google.co.uk/preferences
ShortcutWithArgument: C:\Users\Roger\My Documents\Youtube Clips.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://en.savefrom.net/102-how-to-download-youtube-video-mp3.html?lang=en
ShortcutWithArgument: C:\Users\Roger\My Documents\FORUMS\Thunderbird Forum.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://forums.mozillazine.org/viewforum.php?f=39
ShortcutWithArgument: C:\Users\Roger\My Documents'TONES STUFF'Tones Facebook.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxps://www.facebook.com/OfficialTheUndertones/
ShortcutWithArgument: C:\Users\Roger\My Documents'TONES STUFF'Tones Italian.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxps://www.facebook.com/pages/The-Undertones-Italia/289890997869209?ref_type=bookmark
ShortcutWithArgument: C:\Users\Roger\My Documents'TONES STUFF\Rocking Humdingers Club.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxps://www.facebook.com/UndertonesHumdingers/
ShortcutWithArgument: C:\Users\Roger\Desktop\Radio Foyle.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://www.bbc.co.uk/programmes/b038c0vg
ShortcutWithArgument: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\P rinter Shortcuts\Documents\My Documents'Tones Italian.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxps://www.facebook.com/pages/The-Undertones-Italia/289890997869209?ref_type=bookmark
ShortcutWithArgument: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\P rinter Shortcuts\Documents\My Documents\Draw Polygon - Freeform shape.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://www.dummies.com/how-to/content/how-to-draw-polygon-or-freeform-shapes-on-your-pow.html
ShortcutWithArgument: C:\Users\Roger\AppData\Roaming\Microsoft\Windows\P rinter Shortcuts\Documents\My Documents\Google Preference Page.lnk → C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://www.google.co.uk/preferences

==================== Loaded Modules (Whitelisted) ==============

2017-11-15 10:05 - 2017-11-23 18:49 - 000280576 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2017-11-15 10:05 - 2017-02-07 12:29 - 001008448 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttp br.mdl
2017-11-15 10:05 - 2017-02-07 12:29 - 000541952 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttp dsp.mdl
2017-11-15 10:05 - 2017-02-07 12:29 - 003243920 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttp ph.mdl
2017-11-15 10:05 - 2017-02-07 12:29 - 001544568 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_000_000\ashttp rbl.mdl
2010-07-15 04:44 - 2010-07-15 04:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2017-11-26 09:27 - 2017-11-26 09:27 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:A31FAD21 [163]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2017-11-26 11:09 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1680508398-4254546052-4236040641-1001\Control Panel\Desktop\Wallpaper → C:\Users\Roger\AppData\Roaming\Microsoft\Windows\T hemes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: EPSON_PM_RPCV4_01 => 2
MSCONFIG\Services: Everything => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: ICScsiSV => 3
MSCONFIG\Services: IcVzMonLauncher => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: Image Converter video recording monitor for VAIO Entertainment => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MSCSPTISRV => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: PACSPTISVR => 3
MSCONFIG\Services: ProductAgentService => 2
MSCONFIG\Services: SonicStage Back-End Service => 3
MSCONFIG\Services: SPTISRV => 3
MSCONFIG\Services: SSScsiSV => 3
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: ZAMSvc => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{0C988403-6F21-4350-B509-1726E45FDF24}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F067DDE8-8E5E-450C-B4A0-9386A653F2D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

16-12-2017 12:49:42 OK
23-12-2017 15:54:23 Scheduled Checkpoint
24-12-2017 19:14:27 OK

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Realtek RTL8169/8110 Family PCI Gigabit Ethernet NIC (NDIS 6.20)
Description: Realtek RTL8169/8110 Family PCI Gigabit Ethernet NIC (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (12/27/2017 08:44:48 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/27/2017 08:44:48 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/27/2017 08:44:48 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/27/2017 08:44:48 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (12/27/2017 08:44:44 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/27/2017 08:44:44 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/27/2017 08:44:44 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/27/2017 08:44:44 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/27/2017 08:44:44 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (12/27/2017 08:44:44 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (2548) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\ Windows\MSS0040A.log.
[HEADING=1]System errors:[/HEADING]
Error: (12/27/2017 08:45:32 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (12/27/2017 08:45:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (12/27/2017 08:45:32 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (12/27/2017 08:45:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (12/27/2017 08:45:32 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (12/27/2017 08:45:32 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (12/27/2017 08:45:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (12/27/2017 08:45:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (12/27/2017 08:45:22 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.

Error: (12/27/2017 08:45:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2016-10-30 20:30:12.143
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\P EAuth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-30 20:30:12.096
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\P EAuth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-30 20:30:05.747
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.e xe because the set of per-page image hashes could not be found on the system.

Date: 2016-10-30 20:18:16.704
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.e xe because the set of per-page image hashes could not be found on the system.

Date: 2016-10-30 16:39:11.283
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\P EAuth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-30 16:39:11.205
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\P EAuth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-30 16:38:47.742
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.e xe because the set of per-page image hashes could not be found on the system.

Date: 2016-10-26 14:14:35.774
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.e xe because the set of per-page image hashes could not be found on the system.

Date: 2016-10-26 13:47:35.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.e xe because the set of per-page image hashes could not be found on the system.

Date: 2016-10-26 13:25:50.931
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\audiodg.e xe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD Athlon™ 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 45%
Total physical RAM: 4095.3 MB
Available physical RAM: 2213.28 MB
Total Virtual: 8188.78 MB
Available Virtual: 6141.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:372.19 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive g: () (Fixed) (Total:232.88 GB) (Free:173.72 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DF13BED6)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

================================================== ======
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 9C539C53)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hello Roger, please give me a little extra time, because of Christmas, to check your logs. In the meantime can you do a full system scan with Zemana?

Please COPY AND PASTE the log Zemana produces in your next post

Also do you have another mouse you can try?