Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017 Ran by Owner (06-01-2017 21:46:33) Running from C:\Users\Owner\Desktop Windows 7 Professional Service Pack 1 (X64) (2015-02-19 10:08:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3090456578-2289362299-1625809071-500 - Administrator - Disabled) Guest (S-1-5-21-3090456578-2289362299-1625809071-501 - Limited - Disabled) Owner (S-1-5-21-3090456578-2289362299-1625809071-1000 - Administrator - Enabled) => C:\Users\Owner ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) . . . (Version: 2.1.28.3 - Intel) Hidden . . . (x32 Version: 2.6.2.4 - Intel) Hidden Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Alienware Command Center (HKLM-x32\...\InstallShield_{5DBA5090-EAB9-4E1C-8F92-C71A1423F14C}) (Version: 3.6.4.0 - Alienware Corp.) Alienware Command Center (Version: 3.6.4.0 - Alienware Corp.) Hidden Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.10C - ) Alienware On-Screen Display (x32 Version: 0.33.0.10C - ) Hidden Ansel (Version: 376.33 - NVIDIA Corporation) Hidden BBC iPlayer Downloads (HKLM-x32\...\{148784F3-3B6E-4DFA-B7A1-3400B277DAF3}) (Version: 1.14.2 - BBC) BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.) BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden BlackBerry Device Software Updater (HKLM-x32\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd) BlackBerry Device Software v7.1.0 for the BlackBerry 9900 smartphone (HKLM-x32\...\{5E68751C-4CB6-485F-B2AB-3210FADC019F}) (Version: 7.1.0.1033 (Platform 5.1.0.692) - Research In Motion Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) CDDRV_Installer (Version: 4.60 - Logitech) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell) Dell System Detect - 1 (HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell) Dell System Detect (HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell) EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden ESET Smart Security (HKLM\...\{C20E6525-879A-47C3-BBC4-6B8096D3F53D}) (Version: 9.0.386.0 - ESET, spol. s r.o.) Foxit PhantomPDF Standard (HKLM-x32\...\{EA576878-3D17-11E6-B85F-000C2992F709}) (Version: 8.0.1.628 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HP Button Manager (HKLM-x32\...\{465D6ACC-CAB9-40CD-ADAC-A91B071FA30E}) (Version: 3.5.00 - Hewlett-Packard) HP Deskjet 5520 series Basic Device Software (HKLM\...\{014A59C8-DDA5-4788-906D-1F5CBA8A583D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 5520 series Help (HKLM-x32\...\{6346CC3B-9816-4C8F-B614-976ECEE7900F}) (Version: 27.0.0 - Hewlett Packard) HP Deskjet 5520 series Product Improvement Study (HKLM\...\{29E392C4-E0C3-4E96-85B6-03B8E3963310}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HP Webcam Software Suite (HKLM-x32\...\{D10FE2E3-B2DE-4B0E-ACBD-F87A566B9649}) (Version: 1.1.1.13889 - Hewlett-Packard) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 19.0.1629.3590) (HKLM\...\{302600C1-6BDF-4FD1-1603-148929CC1385}) (Version: 19.0.1603.0650 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{66307462-7d19-4f1a-af82-aa04b6017f05}) (Version: 2.6.2.4 - Intel) Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KhalInstallWrapper (Version: 4.72.40 - Logitech) Hidden Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.72 - Logitech) Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Max Registry Cleaner (HKLM\...\{8D815D9B-4DD9-437E-BFE2-E7374D3E7025}_is1) (Version: 6.0.0.065 - MaxSecure Software) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-GB)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla) Nemo PDF To Word (HKLM-x32\...\{6CA8C09B-FA99-49FE-9664-1CE823FAD510}_is1) (Version: - ) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation) NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation) NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.23.1036 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.0.23.1036 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{1A258050-DBDF-48E6-B9B1-E404FF5903F7}) (Version: 1.0.23.1036 - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: 1.0.23.1036 - Qualcomm Atheros) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28134 - Realtek Semiconductor Corp.) Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.4.1902.0 - Seagate) Security Task Manager 2.1h (HKLM-x32\...\Security Task Manager) (Version: 2.1h - Neuber Software) SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0040 - ST Microelectronics) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.8.62 - Synaptics Incorporated) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - TomTom) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) VuRoom (HKLM-x32\...\Edison) (Version: - ) Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - ) Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) WiTopia (HKLM\...\{9F59FA4D-E431-45FA-889F-EC68D998C7D2}_is1) (Version: 2.3.10.243 - WiTopia) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1912DF20-8B66-416B-8086-76CD8EB5412F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation) Task: {343A192B-B2A1-47E6-9F33-7DBAA273D505} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation) Task: {539E8893-95D6-40AF-A580-4B9D4F5F9110} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {592B51E9-5995-472F-A68F-C9BE997620FC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation) Task: {5C3A7076-5954-43D0-BB8B-C31E6387E322} - System32\Tasks\{62D5BDD0-602B-4C6C-AAB8-469CB87A0460} => pcalua.exe -a C:\Users\Owner\Desktop\msicuu2.exe -d C:\Users\Owner\Desktop Task: {69EDFDEA-3100-400F-A125-A06D8B9D374E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation) Task: {A53B5451-2821-4714-BF3A-493727BD872F} - System32\Tasks\Owner => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2016-04-05] (Seagate Technology LLC) Task: {B9DCE284-A6C9-44D7-A5CF-375A9893A187} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation) Task: {C09A8DD0-C5EA-485B-A027-1B4DFA19A8A3} - System32\Tasks\Owner DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2016-04-05] (Seagate Technology LLC) Task: {C620F59E-C26B-47E0-AA2E-0F0B99218B5D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation) Task: {CA3AD195-DF4D-4625-BAFA-D31E0899C45C} - System32\Tasks\{A2C39715-CC36-4DBA-B963-4961EFD84C41} => pcalua.exe -a C:\Users\Owner\Desktop\HijackThis.exe -d C:\Users\Owner\Desktop Task: {E61E20A2-2390-44C7-B7EE-1539CA909C24} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs" (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-04-07 23:38 - 2012-12-06 19:52 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll 2016-10-07 19:25 - 2016-12-13 06:30 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-07 19:25 - 2016-12-13 06:30 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-11-17 22:05 - 2016-11-17 22:05 - 00156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe 2017-01-03 11:25 - 2017-01-06 19:14 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-03 11:25 - 2017-01-06 19:14 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-01-03 11:25 - 2017-01-06 19:14 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2013-08-21 00:02 - 2013-08-21 00:02 - 04434224 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe 2017-01-05 13:38 - 2016-11-17 22:14 - 00730880 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe 2017-01-05 13:38 - 2016-11-17 22:18 - 01981184 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll 2017-01-05 13:38 - 2016-11-17 22:12 - 00237824 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll 2017-01-05 13:38 - 2016-11-17 22:08 - 00217344 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll 2017-01-05 13:38 - 2016-11-17 22:16 - 00805632 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe 2017-01-05 13:38 - 2016-11-17 22:11 - 00247552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll 2017-01-05 13:38 - 2016-11-17 22:10 - 00212736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll 2017-01-05 13:38 - 2016-11-17 22:11 - 00174848 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll 2017-01-05 13:38 - 2016-11-17 22:10 - 00203520 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_state_input.dll 2017-01-05 13:38 - 2016-11-17 22:09 - 00206592 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_disktrace_input.dll 2017-01-05 13:38 - 2016-11-17 22:09 - 00336640 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll 2017-01-05 13:38 - 2016-11-17 22:06 - 00147712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll 2017-01-05 13:38 - 2016-11-17 22:11 - 00213248 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll 2017-01-05 13:38 - 2016-11-17 22:07 - 00229120 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input.dll 2017-01-05 13:38 - 2016-11-17 22:08 - 00224000 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll 2017-01-05 13:38 - 2016-11-17 22:06 - 00211712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_input.dll 2017-01-05 13:38 - 2016-11-17 22:08 - 00219904 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll 2015-12-10 10:22 - 2015-12-10 10:22 - 00147840 _____ () C:\Users\Owner\AppData\Local\BBC\BBC iPlayer Downloads\BBC iPlayer Downloads.exe 2016-10-07 19:25 - 2016-12-13 06:30 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-07 19:25 - 2016-12-13 06:30 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-07 19:25 - 2016-12-13 06:30 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2009-12-18 18:07 - 2009-12-18 18:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll 2016-10-07 19:25 - 2016-12-12 21:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-10-07 19:25 - 2016-12-12 21:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-07 19:25 - 2016-12-12 21:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-10-07 19:25 - 2016-12-12 21:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-10-07 19:25 - 2016-12-12 21:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-10-07 19:25 - 2016-12-12 21:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-10-07 19:25 - 2016-12-12 21:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-12-17 17:47 - 2016-12-12 21:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127] AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [109] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7871 more sites. IE trusted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\dell.com -> dell.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\...\123simsen.com -> www.123simsen.com There are 7871 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 09:34 - 2016-08-21 10:25 - 00450954 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15470 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3090456578-2289362299-1625809071-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Button Manager.lnk => C:\Windows\pss\HP Button Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\Windows\pss\Logitech SetPoint.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 5520 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 5520 series.lnk.Startup MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart MSCONFIG\startupreg: EvtMgr6 => MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: RCAutoLiveUpdate => C:\Program Files\Max Registry Cleaner\MaxLURC.exe -AUTO MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" MSCONFIG\startupreg: Uploader => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{A6E61A36-FA86-4890-B2AA-CAE382FE656A}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CD0C55D2-8338-4583-8B63-4EDFBF732150}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9B1B944D-9DB1-420E-BA11-5A07E7B05EB7}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{45BEBF8C-1A39-4C69-AF57-E0E20108F4C6}] => LPort=2869 FirewallRules: [{E8EC789D-D8C4-480E-940F-B18A100EAE20}] => LPort=1900 FirewallRules: [{6A81004E-DE23-4FF4-A004-1D481661BFD6}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{073D0EE9-FC55-456C-9AD1-D2B6C2C8542A}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [TCP Query User{1950CD7B-5DE8-436A-9AA3-BB537FB4DCBA}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{AB1A9DF9-53AF-406C-953F-09DEC1829156}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{429AF49D-E621-4768-B7A4-0201CFD6924A}] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe FirewallRules: [{337964D4-EAE7-489C-8342-BB4E8A90184F}] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{905EEBC8-5226-4AA3-A1A3-3D1F12719587}] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{259BF059-7259-47B7-95EB-25BC16E59DB8}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{0191D10C-CAA8-4192-872E-D2CC7063B7B7}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{A766E8A5-0A07-42BE-BCF6-EFBDF7265106}] => LPort=4481 FirewallRules: [{90855935-7ED8-47F1-A404-AF71BE684132}] => LPort=4481 FirewallRules: [{49F4EE23-2727-408F-A8D3-467C70A4A29B}] => LPort=4482 FirewallRules: [{06C0F06E-B972-4E9D-A2F9-7ED75FBCEDD8}] => LPort=4482 FirewallRules: [{EC44A7DD-22CB-4904-A371-9391E6B87C24}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{019731B2-4FB2-4E43-B087-56E4CE8DB225}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4829ECFA-9670-4549-BFF3-CDA801EE625A}] => LPort=8888 FirewallRules: [{169834CD-AEBC-4179-8395-E6AB8CB6B95A}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{01FC2988-6DC4-48E5-854D-0F55AE0A3687}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{687BF526-21D4-4A0B-B4C2-DB64783C94F9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{14BBC720-D73D-45A6-8694-AECF6022151B}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7EC8112C-70A2-462F-91E7-8F6E9EBF9B85}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{F3E78FF9-113C-4F4E-BA07-48BA01F990DE}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{3FF07573-5F93-4871-BE22-03BD44DDDCBC}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{393B5C48-60F4-4B41-9761-E3D1EF79F67B}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ==================== Restore Points ========================= 05-01-2017 13:27:37 Intel® PROSet/Wireless Software 05-01-2017 13:38:39 Intel® Driver Update Utility 05-01-2017 13:43:15 Intel® PROSet/Wireless Software 05-01-2017 13:45:13 Intel® PROSet/Wireless Software 05-01-2017 13:49:15 Intel® PROSet/Wireless Software 05-01-2017 13:51:37 Intel® PROSet/Wireless Software 05-01-2017 13:54:08 Intel® PROSet/Wireless Software 05-01-2017 17:27:41 JRT Pre-Junkware Removal 06-01-2017 11:25:45 AVS Registry Cleaner First Launch 06-01-2017 21:00:21 Removed Java 8 Update 77 06-01-2017 21:00:51 Removed Java 8 Update 91 06-01-2017 21:01:18 Removed Java 8 Update 101 ==================== Faulty Device Manager Devices ============= Name: Viscosity Virtual Adapter V9.1 Description: Viscosity Virtual Adapter V9.1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: SparkLabs Pty Ltd Service: visctap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (01/06/2017 06:12:42 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY) Description: A fatal hardware error has occurred. Reported by component: Processor Core Error Source: 3 Error Type: 9 Processor ID: 0 The details view of this entry contains further information. Error: (01/06/2017 06:12:42 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY) Description: A fatal hardware error has occurred. Reported by component: Processor Core Error Source: 3 Error Type: 9 Processor ID: 0 The details view of this entry contains further information. Error: (01/06/2017 06:11:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (01/06/2017 06:11:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). Error: (01/06/2017 06:11:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). Error: (01/06/2017 06:11:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Energy Server Service queencreek service terminated unexpectedly. It has done this 1 time(s). Error: (01/06/2017 06:11:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Alienware Fusion Service service terminated unexpectedly. It has done this 1 time(s). Error: (01/06/2017 06:11:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Bluetooth Media Service service terminated unexpectedly. It has done this 1 time(s). Error: (01/06/2017 06:11:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Bluetooth OBEX Service service terminated unexpectedly. It has done this 1 time(s). Error: (01/06/2017 06:11:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Bluetooth Device Monitor service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2017-01-05 13:56:14.558 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 13:56:14.543 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 13:46:23.465 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 13:46:23.449 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 13:29:38.668 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 13:29:38.652 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 11:32:50.086 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 11:32:50.066 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 11:11:55.994 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 11:11:55.978 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btmaux.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4910MQ CPU @ 2.90GHz Percentage of memory in use: 17% Total physical RAM: 32695.06 MB Available physical RAM: 27104.74 MB Total Virtual: 65388.31 MB Available Virtual: 59361.74 MB ==================== Drives ================================ Drive c: (C) (Fixed) (Total:232.79 GB) (Free:59.77 GB) NTFS Drive e: (DATA1) (Fixed) (Total:931.51 GB) (Free:751 GB) NTFS Drive f: (DATA2) (Fixed) (Total:74.4 GB) (Free:38.06 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: BACA22BC) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A5B70F2B) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 74.5 GB) (Disk ID: 66F95844) Partition: GPT. ==================== End of Addition.txt ============================