SHARE
TWEET

ADN

a guest Jul 21st, 2017 40 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2017
  2. Ran by Iamrock (21-07-2017 12:35:28)
  3. Running from C:\Users\Iamrock\Desktop
  4. Windows 7 Ultimate Service Pack 1 (X64) (2016-09-05 07:51:26)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. Administrator (S-1-5-21-584166781-446285001-2979914001-500 - Administrator - Disabled)
  12. Guest (S-1-5-21-584166781-446285001-2979914001-501 - Limited - Disabled)
  13. Iamrock (S-1-5-21-584166781-446285001-2979914001-1000 - Administrator - Enabled) => C:\Users\Iamrock
  14.  
  15. ==================== Security Center ========================
  16.  
  17. (If an entry is included in the fixlist, it will be removed.)
  18.  
  19. AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
  20. AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  21. AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
  22.  
  23. ==================== Installed Programs ======================
  24.  
  25. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  26.  
  27. µTorrent (HKU\S-1-5-21-584166781-446285001-2979914001-1000\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
  28. Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
  29. Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
  30. Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
  31. BlueStacks App Player (HKLM-x32\...\{DCDD7FA2-3933-4722-9089-0B95A132B37D}) (Version: 2.1.0.5905 - BlueStack Systems, Inc.)
  32. Counter-Strike (HKLM\...\Steam App 10) (Version:  - Valve)
  33. Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
  34. DriverPack Notifier (HKLM-x32\...\DriverPack Notifier) (Version: 2.1.4 - DriverPack Solution)
  35. FileZilla Client 3.25.2 (HKLM-x32\...\FileZilla Client) (Version: 3.25.2 - Tim Kosse)
  36. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
  37. Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
  38. Hotspot Shield 6.8.12 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925B1A76C50}) (Version: 6.8.12.10541 - AnchorFree Inc.) Hidden
  39. Hotspot Shield 6.8.12 (HKLM-x32\...\{c67c171b-b51a-4ff1-a641-6f4a9fb11bc9}) (Version: 6.8.12.10541 - AnchorFree Inc.)
  40. Hotspot Shield 6.8.12 (HKLM-x32\...\HotspotShield) (Version: 6.8.12 - AnchorFree Inc.) Hidden
  41. IconChanger (HKLM-x32\...\{C912EFA0-0076-11d5-B04A-BD6C80DF2479}) (Version:  - )
  42. ICQ (version 10.0.12180) (HKU\S-1-5-21-584166781-446285001-2979914001-1000\...\icq.desktop) (Version: 10.0.12180 - ICQ)
  43. Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
  44. Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
  45. Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
  46. KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
  47. Metasploit (HKLM-x32\...\Metasploit 4.14.0) (Version: 4.14.0 - Rapid7)
  48. Microsoft .NET Framework 4.6.1 Hotfix Rollup (KB3154529) (HKLM\...\{5B71B4F6-A412-3C48-B332-0FA9B9958940}) (Version: 4.6.01081 - Microsoft Corporation)
  49. Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
  50. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
  51. Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  52. Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  53. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
  54. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
  55. Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
  56. Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
  57. MinerGate (HKLM-x32\...\MinerGate) (Version: 6.6 - Minergate Inc)
  58. Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
  59. Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
  60. Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.2 - Notepad++ Team)
  61. NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
  62. NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
  63. NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
  64. NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
  65. OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
  66. Opera Stable 46.0.2597.57 (HKLM-x32\...\Opera 46.0.2597.57) (Version: 46.0.2597.57 - Opera Software)
  67. Python 3.6.1 (32-bit) (HKU\S-1-5-21-584166781-446285001-2979914001-1000\...\{1babc3bc-6a32-44f7-bf4d-60eec36c9ad1}) (Version: 3.6.1150.0 - Python Software Foundation)
  68. Python 3.6.1 Add to Path (32-bit) (HKLM-x32\...\{ED8BD450-5015-4CB3-95B5-2D93F23E111B}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  69. Python 3.6.1 Core Interpreter (32-bit) (HKLM-x32\...\{E63E60CA-437B-4894-8395-81F2F66483B0}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  70. Python 3.6.1 Development Libraries (32-bit) (HKLM-x32\...\{3029D656-0C32-4AC9-84FB-A15056F356CC}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  71. Python 3.6.1 Documentation (32-bit) (HKLM-x32\...\{D1198C40-C6F5-4FFB-B98C-79BF1FE706C1}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  72. Python 3.6.1 Executables (32-bit) (HKLM-x32\...\{A7036382-80F1-4FC1-B244-D31AA50337F4}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  73. Python 3.6.1 pip Bootstrap (32-bit) (HKLM-x32\...\{899F7F28-F6D3-4E5B-8FBE-F7929036172A}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  74. Python 3.6.1 Standard Library (32-bit) (HKLM-x32\...\{3BCCB89B-CD98-4F78-8436-78847FABFD68}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  75. Python 3.6.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F6ED0771-FE83-4A1C-BE65-A06CB65B46D5}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  76. Python 3.6.1 Test Suite (32-bit) (HKLM-x32\...\{F44EF183-905E-48BB-998E-53FC99B36FE3}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  77. Python 3.6.1 Utility Scripts (32-bit) (HKLM-x32\...\{2AA7DAB3-6778-42A7-9F33-22615234540E}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
  78. Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)
  79. Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
  80. Quicksys RegDefrag 2.9 (HKLM-x32\...\{5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1) (Version:  - )
  81. Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.29092 - Realtek Semiconduct Corp.)
  82. SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden
  83. SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
  84. SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
  85. Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
  86. Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
  87. TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
  88. TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
  89. Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
  90. VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
  91. Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
  92. Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
  93. Windows Driver Package - OnePlus, Inc. (WinUSB) AndroidUsbDeviceClass  (05/24/2012 6.0.0000.00000) (HKLM\...\45F0494FFE4F917A43E7F8EC9B2D43560396A625) (Version: 05/24/2012 6.0.0000.00000 - OnePlus, Inc.)
  94. Windows Driver Package - OnePlus, Inc. (WinUSB) AndroidUsbDeviceClass  (05/24/2012 6.0.0000.00000) (HKLM\...\59AFF6524BE5C0983F2711DEB8D25D511D4F4924) (Version: 05/24/2012 6.0.0000.00000 - OnePlus, Inc.)
  95. Windscribe version 1.70 build 4 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe)
  96. WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
  97. WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
  98. XiaoMiFlash (HKLM-x32\...\{9AF75396-D38E-4F07-831C-9F78923DC015}) (Version: 1.0.0 - XiaoMi)
  99.  
  100. ==================== Custom CLSID (Whitelisted): ==========================
  101.  
  102. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  103.  
  104. CustomCLSID: HKU\S-1-5-21-584166781-446285001-2979914001-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
  105. ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
  106. ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
  107. ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
  108. ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-02-12] ()
  109. ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
  110. ContextMenuHandlers01: [ChangeIcon] -> {C912EFA0-0076-11d5-B04A-BD6C80DF2479} =>  -> No File
  111. ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-16] (Alexander Roshal)
  112. ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  113. ContextMenuHandlers01: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
  114. ContextMenuHandlers02: [ChangeIcon] -> {C912EFA0-0076-11d5-B04A-BD6C80DF2479} =>  -> No File
  115. ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
  116. ContextMenuHandlers03: [ChangeIcon] -> {C912EFA0-0076-11d5-B04A-BD6C80DF2479} =>  -> No File
  117. ContextMenuHandlers03: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
  118. ContextMenuHandlers04: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
  119. ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  120. ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-12] (Intel Corporation)
  121. ContextMenuHandlers05: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
  122. ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
  123. ContextMenuHandlers06: [ChangeIcon] -> {C912EFA0-0076-11d5-B04A-BD6C80DF2479} =>  -> No File
  124. ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-16] (Alexander Roshal)
  125. ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  126. ContextMenuHandlers06: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
  127.  
  128. ==================== Scheduled Tasks (Whitelisted) =============
  129.  
  130. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  131.  
  132. Task: {0DB41396-74A8-488C-9A8D-C8EADF257B1F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-11] (Adobe Systems Incorporated)
  133. Task: {3C65FC6D-B12B-4319-8332-D46A782D4F68} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-19] (AVAST Software)
  134. Task: {4945711E-F65D-42DD-AF3A-41F1F0147469} - System32\Tasks\Opera scheduled Autoupdate 1473114058 => C:\Program Files (x86)\Opera\launcher.exe [2017-07-17] (Opera Software)
  135. Task: {4F5A4165-6C6A-4D6E-BCCA-43B736AC9B88} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
  136. Task: {55FB53FF-F8D3-436B-A0A8-A29A72AEC587} - System32\Tasks\DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe [2015-12-18] ()
  137. Task: {59B42350-BF20-4C5A-A8EA-995C5C461673} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-16] (AVAST Software)
  138. Task: {77B57F8E-D71B-4D49-8FF1-BF2389D2A32C} - System32\Tasks\{9832DC89-EC43-47EC-91A2-5F6EF85587D7} => C:\Windows\system32\pcalua.exe -a C:\Users\Iamrock\Desktop\sp66403.exe -d C:\Users\Iamrock\Desktop
  139. Task: {79B1DBEA-DE73-403B-B27A-2A738512B607} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
  140. Task: {84D1D440-A9E0-4D79-A17D-728C095262E0} - System32\Tasks\{329F3914-FB91-4C8E-9C5E-A4BE0C7D024C} => C:\Windows\system32\pcalua.exe -a E:\Apps\sp66924.exe -d E:\Apps
  141. Task: {A1A92370-FD81-4085-B8A6-1798C7031859} - System32\Tasks\SafeZone scheduled Autoupdate 1473150394 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-06-13] (Avast Software)
  142. Task: {A32E4107-31DB-4248-915F-A32C237343EF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
  143. Task: {C198E084-B3DD-481D-ABDB-E3C48AA19E4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-05] (Google Inc.)
  144. Task: {C627ED26-8D23-4F1C-A7FE-DCADE29E135E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
  145. Task: {CB812DDF-F85A-44D6-B361-9DBC7CAB4CAF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
  146. Task: {CE3ACE7B-83C4-4CB7-9B92-35C65C28F996} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
  147. Task: {E02F5CC3-988E-4F96-8AB8-1FF87D0FAF6A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
  148. Task: {F227F0C5-5DD5-496F-8DF2-5561389F2807} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-05] (Google Inc.)
  149.  
  150. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  151.  
  152.  
  153. ==================== Shortcuts & WMI ========================
  154.  
  155. (The entries could be listed to be restored or removed.)
  156.  
  157.  
  158. ==================== Loaded Modules (Whitelisted) ==============
  159.  
  160. 2017-07-12 10:22 - 2017-06-27 14:00 - 00337887 _____ () C:\metasploit\postgresql\bin\LIBPQ.dll
  161. 2017-07-12 10:22 - 2017-06-27 14:00 - 00116588 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\encdb.so
  162. 2017-07-12 10:22 - 2017-06-27 14:00 - 00117650 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\trans\transdb.so
  163. 2017-07-12 10:22 - 2017-06-27 14:00 - 00115630 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\windows_1252.so
  164. 2017-07-12 10:21 - 2017-06-27 14:00 - 00400904 _____ () C:\metasploit\ruby\lib\ruby\gems\2.3.0\extensions\x64-mingw32\2.3.0\ffi-1.9.18\ffi_c.so
  165. 2017-07-12 10:22 - 2017-06-27 14:00 - 00150483 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\pathname.so
  166. 2017-07-12 10:22 - 2017-06-27 14:00 - 00122103 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\etc.so
  167. 2017-07-12 10:22 - 2017-06-27 14:00 - 00264450 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\socket.so
  168. 2017-07-12 10:22 - 2017-06-27 14:00 - 00115600 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\io\wait.so
  169. 2017-07-12 10:22 - 2017-06-27 14:00 - 00189761 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\zlib.so
  170. 2017-07-12 10:21 - 2017-06-27 14:00 - 00095232 _____ () C:\metasploit\ruby\bin\zlib1.dll
  171. 2017-07-12 10:22 - 2017-06-27 14:00 - 00149942 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\stringio.so
  172. 2017-07-12 10:22 - 2017-06-27 14:00 - 00120557 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\windows_31j.so
  173. 2017-07-12 10:22 - 2017-06-27 14:00 - 00364458 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\date_core.so
  174. 2017-07-12 10:22 - 2017-06-27 14:00 - 00140093 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\io\console.so
  175. 2017-07-12 10:22 - 2017-06-27 14:00 - 00114849 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\cgi\escape.so
  176. 2017-07-12 10:22 - 2017-06-27 14:00 - 00624382 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\openssl.so
  177. 2017-07-12 10:22 - 2017-06-27 14:00 - 00130428 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\digest.so
  178. 2017-07-12 10:22 - 2017-06-27 14:00 - 00114504 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\io\nonblock.so
  179. 2017-07-12 10:22 - 2017-06-27 14:00 - 00175139 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\fiddle.so
  180. 2017-07-12 10:22 - 2017-06-27 14:00 - 00114670 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\utf_16le.so
  181. 2017-07-12 10:22 - 2017-06-27 14:00 - 00120219 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\trans\utf_16_32.so
  182. 2017-07-12 10:22 - 2017-06-27 14:00 - 00138885 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\strscan.so
  183. 2017-07-12 10:22 - 2017-06-27 14:00 - 00112331 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\digest\sha1.so
  184. 2017-07-12 10:22 - 2017-06-27 14:00 - 00112305 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\digest\md5.so
  185. 2017-07-12 10:22 - 2017-06-27 14:00 - 00147435 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\psych.so
  186. 2017-07-12 10:21 - 2017-06-27 14:00 - 00586854 _____ () C:\metasploit\ruby\bin\libyaml-0-2.dll
  187. 2017-07-12 10:29 - 2017-06-27 13:55 - 00274413 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\nokogiri-1.8.0\lib\nokogiri\nokogiri.so
  188. 2017-07-12 10:21 - 2017-06-27 14:00 - 00630918 _____ () C:\metasploit\ruby\bin\libexslt-0.dll
  189. 2017-07-12 10:21 - 2017-06-27 14:00 - 01339762 _____ () C:\metasploit\ruby\bin\libxslt-1.dll
  190. 2017-07-12 10:21 - 2017-06-27 14:00 - 06287436 _____ () C:\metasploit\ruby\bin\libxml2-2.dll
  191. 2017-07-12 10:22 - 2017-06-27 14:00 - 00129335 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\racc\cparse.so
  192. 2017-07-12 10:22 - 2017-06-27 14:00 - 00214381 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\bigdecimal.so
  193. 2017-07-12 10:29 - 2017-06-27 13:48 - 00137564 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\json-2.1.0\lib\json\ext\parser.so
  194. 2017-07-12 10:29 - 2017-06-27 13:48 - 00157308 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\json-2.1.0\lib\json\ext\generator.so
  195. 2017-07-12 10:30 - 2017-06-27 13:53 - 00123529 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\network_interface-0.0.1\lib\network_interface_ext.so
  196. 2017-07-12 10:30 - 2017-06-27 13:53 - 00145043 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\pcaprub-0.12.4\lib\pcaprub_c.so
  197. 2017-07-12 10:30 - 2017-06-27 13:51 - 00441711 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\pg-0.20.0\lib\pg_ext.so
  198. 2017-07-12 10:21 - 2017-06-27 14:00 - 00337887 _____ () C:\metasploit\ruby\bin\LIBPQ.dll
  199. 2017-07-12 10:22 - 2017-06-27 14:00 - 00121530 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\euc_jp.so
  200. 2017-07-12 10:29 - 2017-06-27 13:47 - 00135597 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\bcrypt-3.1.11\lib\bcrypt_ext.so
  201. 2017-07-12 10:29 - 2017-06-27 13:52 - 00659832 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\msgpack-1.1.0\lib\msgpack\msgpack.so
  202. 2017-07-12 10:22 - 2017-06-27 14:00 - 00111146 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\fcntl.so
  203. 2017-07-12 10:22 - 2017-06-27 14:00 - 00114949 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\digest\sha2.so
  204. 2017-07-12 10:22 - 2017-06-27 14:00 - 00359508 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\win32ole.so
  205. 2017-07-12 10:30 - 2017-06-27 13:54 - 00349041 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\redcarpet-3.4.0\lib\redcarpet.so
  206. 2017-07-12 10:28 - 2017-06-27 13:50 - 07760437 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\eventmachine-1.2.3\lib\rubyeventmachine.so
  207. 2017-07-12 10:31 - 2017-06-27 13:56 - 00143191 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\thin-1.7.1\lib\thin_parser.so
  208. 2017-07-12 10:22 - 2017-06-27 14:00 - 00114670 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\utf_16be.so
  209. 2017-07-12 10:30 - 2017-06-27 13:52 - 00112532 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\pg_array_parser-0.0.9\lib\pg_array_parser\pg_array_parser.so
  210. 2017-07-12 10:22 - 2017-06-27 14:00 - 00110970 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\fiber.so
  211. 2017-07-12 10:30 - 2017-06-27 13:56 - 00130447 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\scrypt-2.1.1\ext\scrypt\x86_64-windows\scrypt_ext.dll
  212. 2017-07-12 10:30 - 2017-06-27 13:54 - 00166194 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\sqlite3-1.3.13\lib\sqlite3\sqlite3_native.so
  213. 2017-07-12 10:21 - 2017-06-27 14:00 - 04179451 _____ () C:\metasploit\ruby\bin\libsqlite3-0.dll
  214. 2017-07-12 10:22 - 2017-06-27 14:00 - 06287436 _____ () C:\metasploit\postgresql\bin\libxml2-2.dll
  215. 2017-07-12 10:22 - 2017-06-27 14:00 - 00095232 _____ () C:\metasploit\postgresql\bin\zlib1.dll
  216. 2017-02-08 11:05 - 2017-01-20 11:36 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
  217. 2017-02-08 11:05 - 2017-01-20 11:36 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
  218. 2017-07-19 13:16 - 2017-07-19 13:16 - 00162032 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
  219. 2017-07-19 13:17 - 2017-07-19 13:17 - 00831664 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
  220. 2017-07-19 13:17 - 2017-07-19 13:17 - 00276808 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
  221. 2017-04-30 04:19 - 2017-04-30 04:19 - 00052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
  222. 2017-02-12 15:31 - 2017-02-12 15:31 - 00230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
  223. 2017-07-12 10:21 - 2017-06-27 14:00 - 02477568 _____ () C:\metasploit\nginx\sbin\nginxr7.exe
  224. 2017-06-28 11:57 - 2017-06-22 20:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
  225. 2017-06-28 11:57 - 2017-06-22 20:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
  226. 2017-07-19 13:17 - 2017-07-19 13:17 - 00170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
  227. 2017-07-19 13:17 - 2017-07-19 13:17 - 00192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
  228. 2017-07-19 13:17 - 2017-07-19 13:17 - 00224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
  229. 2017-07-20 05:42 - 2017-07-20 05:42 - 05784064 _____ () C:\Program Files\AVAST Software\Avast\defs\17072000\algo.dll
  230. 2017-07-19 13:17 - 2017-07-19 13:17 - 00689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
  231. 2017-07-19 13:17 - 2017-07-19 13:17 - 00231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
  232. 2017-07-21 10:08 - 2017-07-21 10:08 - 05886720 _____ () C:\Program Files\AVAST Software\Avast\defs\17072102\algo.dll
  233. 2017-06-15 10:36 - 2017-06-15 10:36 - 00166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
  234. 2017-02-08 11:05 - 2017-01-20 11:36 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
  235. 2017-02-08 11:05 - 2017-01-20 11:36 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
  236. 2017-02-08 11:05 - 2017-01-20 11:36 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
  237. 2017-07-19 13:17 - 2017-07-19 13:17 - 01065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
  238. 2017-07-12 04:25 - 2017-07-12 04:25 - 67109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
  239. 2017-07-19 13:16 - 2017-07-19 13:16 - 00292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
  240. 2017-06-20 09:28 - 2017-06-20 09:28 - 01997792 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
  241. 2017-02-08 11:06 - 2017-01-20 06:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
  242. 2017-02-08 11:06 - 2017-01-20 06:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
  243. 2017-02-08 11:06 - 2017-01-20 06:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
  244. 2017-02-08 11:06 - 2017-01-20 06:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
  245. 2017-02-08 11:06 - 2017-01-20 06:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
  246. 2017-02-08 11:06 - 2017-01-20 06:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
  247. 2017-02-08 11:06 - 2017-01-20 06:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
  248. 2017-02-08 11:06 - 2017-01-20 06:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
  249.  
  250. ==================== Alternate Data Streams (Whitelisted) =========
  251.  
  252. (If an entry is included in the fixlist, only the ADS will be removed.)
  253.  
  254.  
  255. ==================== Safe Mode (Whitelisted) ===================
  256.  
  257. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  258.  
  259.  
  260. ==================== Association (Whitelisted) ===============
  261.  
  262. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  263.  
  264.  
  265. ==================== Internet Explorer trusted/restricted ===============
  266.  
  267. (If an entry is included in the fixlist, it will be removed from the registry.)
  268.  
  269. IE trusted site: HKU\S-1-5-21-584166781-446285001-2979914001-1000\...\localhost -> hxxps://localhost
  270.  
  271. ==================== Hosts content: ===============================
  272.  
  273. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  274.  
  275. 2009-07-13 19:34 - 2017-05-25 06:45 - 00000828 _____ C:\Windows\system32\Drivers\etc\hosts
  276.  
  277.  
  278. ==================== Other Areas ============================
  279.  
  280. (Currently there is no automatic fix for this section.)
  281.  
  282. HKU\S-1-5-21-584166781-446285001-2979914001-1000\Control Panel\Desktop\\Wallpaper ->
  283. DNS Servers: 46.166.170.10
  284. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  285. Windows Firewall is enabled.
  286.  
  287. ==================== MSCONFIG/TASK MANAGER disabled items ==
  288.  
  289. MSCONFIG\startupreg: DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe --run startup
  290. MSCONFIG\startupreg: MinerGateGui => C:\Program Files\MinerGate\minergate.exe --auto
  291. MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
  292. MSCONFIG\startupreg: Update => C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSDCSC\dCLJuuhXQNtN\msdcsc.exe
  293.  
  294. ==================== FirewallRules (Whitelisted) ===============
  295.  
  296. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  297.  
  298. FirewallRules: [TCP Query User{51C43D01-FBEB-4BF9-8162-3874A2D73A34}C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe
  299. FirewallRules: [UDP Query User{8AD77406-2F10-47F3-BEF0-D454E0F0D0B4}C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe
  300. FirewallRules: [{F10D5182-0A4F-46F0-83A7-582949699CC2}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
  301. FirewallRules: [{3D0F0980-6B27-4CF2-9F7A-18386D06167A}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
  302. FirewallRules: [{6F41C615-E018-4C4D-8704-05B5D2547677}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
  303. FirewallRules: [{A9FCF883-AF13-43AC-AABE-51F528204C83}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  304. FirewallRules: [{398EF406-86BD-4AE1-A166-DD7B0197343B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  305. FirewallRules: [{5E4973DF-0A5F-47B4-A178-8B3CC6F88F92}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
  306. FirewallRules: [{4C2E4599-97BB-42FC-938E-63CAC2D788FD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
  307. FirewallRules: [TCP Query User{75C1633F-3D33-4F7B-8AC9-FFAE5F445809}C:\users\iamrock\desktop\15 pics\hideallip.exe] => (Allow) C:\users\iamrock\desktop\15 pics\hideallip.exe
  308. FirewallRules: [UDP Query User{118015E6-FC0B-4EF4-8F99-93894C195DED}C:\users\iamrock\desktop\15 pics\hideallip.exe] => (Allow) C:\users\iamrock\desktop\15 pics\hideallip.exe
  309. FirewallRules: [TCP Query User{D50F708D-5904-4786-862C-58F6CA76DB96}C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe
  310. FirewallRules: [UDP Query User{847F78DC-BED5-4ABD-824B-BC527683923A}C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe
  311. FirewallRules: [{5B809314-D753-46C4-AACB-559EAFD3F0C7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  312. FirewallRules: [{E9F477CA-5AE1-4075-A0A2-CDD8EB01C598}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  313. FirewallRules: [{0663D79C-C612-452F-9E62-6E56FD4E4D97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  314. FirewallRules: [{BC6B158B-D9F9-4A3A-B79C-995BD9274B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  315. FirewallRules: [{81E69295-DD18-4A30-95DF-D50E1CAD5FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
  316. FirewallRules: [{D0E0B7A4-802A-419D-BC7D-BAE26FACDEED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
  317. FirewallRules: [{CDC837E8-E24E-41EE-B3C9-CDBD37E7DBB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  318. FirewallRules: [{890A7D00-BB94-46AF-A80B-CC7291991948}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  319. FirewallRules: [{52F9A443-8DC2-4CF5-A88D-B95EDB25D586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  320. FirewallRules: [{381309A5-19D0-46AD-A345-9D2B82B09B8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  321. FirewallRules: [{D6CEEAE2-6FDB-4FC1-9EC7-D76A8405D432}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  322. FirewallRules: [{9358FFCD-CAB1-4736-A832-EE3E35CF2097}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  323. FirewallRules: [{CB2275EF-E346-4C20-9A2A-EDA6F35D0056}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
  324. FirewallRules: [{7677BC0F-81C1-4EAC-A075-77133E6ED152}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
  325. FirewallRules: [{EA3C825F-1FC0-43E0-8C28-7D74155006B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
  326. FirewallRules: [{56C23AE6-A514-45BC-AD15-B5E1232F1C5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  327. FirewallRules: [{78550E21-A4DD-4789-85DF-D7BDE4A70010}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
  328. FirewallRules: [{295105C1-1EF7-401A-97D1-4D621D25B882}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  329. FirewallRules: [{39B1B5CB-EB4A-449E-8F50-A739B14378CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  330. FirewallRules: [{2A0DFE83-C6B9-44AB-AB7A-3B9991EFC5F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  331. FirewallRules: [{D350051D-1F15-484E-8CDD-B0A099847022}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  332. FirewallRules: [{92A7D19D-6316-467F-BCFC-6D44A55E8374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
  333. FirewallRules: [{62599343-F108-4607-8AFF-EB7A02C3D7DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
  334. FirewallRules: [{4CA02F4D-4F58-440F-A313-46AAE8B3284D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  335. FirewallRules: [{FF75B8AC-AFF2-4A39-8D7D-914791464391}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  336. FirewallRules: [{8014BC09-1B31-4E01-975A-F3F867BC8CC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  337. FirewallRules: [{892D2FF1-081D-4DA8-8800-8E706EC91105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  338. FirewallRules: [{E06AD99A-BBB1-4240-B398-41A479DD7F84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  339. FirewallRules: [{1832A51B-5430-4B5C-A180-20D4A9FE6165}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  340. FirewallRules: [{53FCF403-FB40-4E09-B62E-FB98C284DBC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  341. FirewallRules: [{4C333DC7-B1FD-4765-B96A-321DBD92921E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  342. FirewallRules: [{44659F00-9897-4113-9C8D-718A688FC529}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  343. FirewallRules: [{353CA884-F51E-4532-855C-71DB9E1EBA85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  344. FirewallRules: [{88BCEB31-0CB0-4EA2-9E5B-B56AAE2EE506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  345. FirewallRules: [{161AB0C9-B9E1-4B28-9C4E-FD9475E2CE57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  346. FirewallRules: [{A91B73E5-95B0-46FB-BFBF-88D4F8D0E166}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  347. FirewallRules: [{AE3A23C9-8E02-4DCB-B0F6-69287E3C076E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  348. FirewallRules: [{2865EB28-FBD4-4658-AD81-6B469D366264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  349. FirewallRules: [{17E956B8-2A99-4827-BB93-217E9F1B5BF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  350. FirewallRules: [{1A1FE5B8-3F39-4B59-B371-8364D31C73F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  351. FirewallRules: [{9420CC58-C76A-4E2C-A813-81A090F1F635}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  352. FirewallRules: [{83BF8516-29AD-48CB-BB24-CE6F80D5047D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  353. FirewallRules: [{F77D375C-E702-4305-AB04-EA89623C2A0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  354. FirewallRules: [{776E375A-80C0-4FAC-9C96-5602838A6805}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  355. FirewallRules: [{D1F8FCDA-0ACE-4BDB-9E5D-74F510894520}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  356. FirewallRules: [{7E5BAB99-EA8E-4AE9-8211-BCC307AE409B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  357. FirewallRules: [{E798FDD0-5F14-4178-953D-696D17EEEC7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  358. FirewallRules: [{6F3912B1-939C-454D-980B-22281959E60D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  359. FirewallRules: [{F6909EF5-3D6C-4174-BE44-966029318907}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  360. FirewallRules: [{E961C3AE-C4FF-44EC-B86A-34FB82F5FDDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  361. FirewallRules: [{135EF350-7B6A-443F-B4AB-56A17074E999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  362. FirewallRules: [{AFC60A53-A3E9-4312-B018-85B9CD8FAC0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  363. FirewallRules: [{6CF72B30-CF7C-401F-9183-579949E7C494}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  364. FirewallRules: [{081DF08B-41AB-4BF1-BEB0-1856E928A7DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  365. FirewallRules: [{77BA692F-F05B-45DE-A81B-93506381F82B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  366. FirewallRules: [{DA213E77-495D-49DE-AFD8-0C5A3ECC701D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  367. FirewallRules: [{5F2973F0-9AD8-4D63-8EFB-0B6E07B629D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
  368. FirewallRules: [{EF612B9F-E64E-4C8E-BC51-74848C649542}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  369. FirewallRules: [{92428DCF-C861-4F42-A538-9A03345C01DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  370. FirewallRules: [{E85C5F94-97EE-4C99-ADF8-91297478B76C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  371. FirewallRules: [{6C6930E1-C18B-4F4E-AB09-9FF8CEB81453}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  372. FirewallRules: [TCP Query User{23B8A9BC-FFEB-4341-94F4-D179F4375C5C}C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe] => (Allow) C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe
  373. FirewallRules: [UDP Query User{A3F9758F-48F1-40FC-A1C6-93BF5CB69BB6}C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe] => (Allow) C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe
  374. FirewallRules: [{DC63F122-AF83-4584-9A65-81F2C309FB82}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  375. FirewallRules: [{3EA97C50-59AA-4CA1-96B6-44AA9F8ED294}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  376. FirewallRules: [{9373651B-E3DC-499D-8966-C5ADA813C010}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  377. FirewallRules: [TCP Query User{69858534-D3EB-4F73-A1D2-AE9D87E1C131}C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe] => (Allow) C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe
  378. FirewallRules: [UDP Query User{96346016-B063-4ECC-BEE2-8CFA4632FF83}C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe] => (Allow) C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe
  379. FirewallRules: [{2ADE89D0-8C4A-4EFE-9658-119B5B44873A}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
  380. FirewallRules: [{3764D2A1-B937-4D81-8055-3E30F8F497A1}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.46\opera.exe
  381. FirewallRules: [{C26090D3-20F4-43A9-AED3-9D447DE47966}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
  382. FirewallRules: [{BC57FF24-310B-4C1B-871E-2A0EAE90D8B0}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.57\opera.exe
  383.  
  384. ==================== Restore Points =========================
  385.  
  386.  
  387. ==================== Faulty Device Manager Devices =============
  388.  
  389. Name:
  390. Description:
  391. Class Guid:
  392. Manufacturer:
  393. Service:
  394. Problem: : The drivers for this device are not installed. (Code 28)
  395. Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
  396.  
  397.  
  398. ==================== Event log errors: =========================
  399.  
  400. Application errors:
  401. ==================
  402. Error: (07/21/2017 10:59:25 AM) (Source: Application Error) (EventID: 1000) (User: )
  403. Description: Faulting application name: plugin-container.exe, version: 43.0.1.5828, time stamp: 0x56723a12
  404. Faulting module name: mozglue.dll, version: 43.0.1.5828, time stamp: 0x56722c0b
  405. Exception code: 0x80000003
  406. Fault offset: 0x0000ed63
  407. Faulting process id: 0x4c8
  408. Faulting application start time: 0x01d3024ad8d68e7b
  409. Faulting application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
  410. Faulting module path: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
  411. Report Id: 54c96302-6e3e-11e7-bd89-fc15b406fe9e
  412.  
  413. Error: (07/20/2017 11:52:10 PM) (Source: nginx) (EventID: 3299) (User: )
  414. Description: C:\metasploit\apps\pro\..\..\nginx\sbin\nginxr7.exe:
  415. could not open error log file: CreateFile() "logs/error.log" failed (3: The system cannot find the path specified)
  416.         .
  417.  
  418. Error: (07/20/2017 11:47:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
  419. Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
  420.  
  421. Error: (07/20/2017 11:46:22 PM) (Source: DbxSvc) (EventID: 320) (User: )
  422. Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
  423.  
  424. Error: (07/20/2017 05:43:55 AM) (Source: nginx) (EventID: 3299) (User: )
  425. Description: C:\metasploit\apps\pro\..\..\nginx\sbin\nginxr7.exe:
  426. could not open error log file: CreateFile() "logs/error.log" failed (3: The system cannot find the path specified)
  427.         .
  428.  
  429. Error: (07/20/2017 05:43:44 AM) (Source: Application Error) (EventID: 1000) (User: )
  430. Description: Faulting application name: plugin-container.exe, version: 43.0.1.5828, time stamp: 0x56723a12
  431. Faulting module name: mozglue.dll, version: 43.0.1.5828, time stamp: 0x56722c0b
  432. Exception code: 0x80000003
  433. Fault offset: 0x0000ed63
  434. Faulting process id: 0x1a34
  435. Faulting application start time: 0x01d30155af4e0a26
  436. Faulting application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
  437. Faulting module path: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
  438. Report Id: 10ab4a7b-6d49-11e7-a5d5-fc15b406fe9e
  439.  
  440. Error: (07/20/2017 05:37:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
  441. Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
  442.  
  443. Error: (07/20/2017 05:36:15 AM) (Source: DbxSvc) (EventID: 320) (User: )
  444. Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
  445.  
  446. Error: (07/20/2017 01:01:05 AM) (Source: SideBySide) (EventID: 33) (User: )
  447. Description: Activation context generation failed for "c:\program files (x86)\oneplus usb drivers\tool_ia64.exe".
  448. Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
  449. Please use sxstrace.exe for detailed diagnosis.
  450.  
  451. Error: (07/20/2017 12:17:24 AM) (Source: nginx) (EventID: 3299) (User: )
  452. Description: C:\metasploit\apps\pro\..\..\nginx\sbin\nginxr7.exe:
  453. could not open error log file: CreateFile() "logs/error.log" failed (3: The system cannot find the path specified)
  454.         .
  455.  
  456.  
  457. System errors:
  458. =============
  459. Error: (07/20/2017 11:49:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  460. Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
  461. The service did not respond to the start or control request in a timely fashion.
  462.  
  463. Error: (07/20/2017 11:49:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
  464. Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
  465.  
  466. Error: (07/20/2017 05:37:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
  467. Description: The TeamViewer 12 service failed to start due to the following error:
  468. The service did not respond to the start or control request in a timely fashion.
  469.  
  470. Error: (07/20/2017 05:37:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
  471. Description: A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 12 service to connect.
  472.  
  473. Error: (07/20/2017 01:47:05 AM) (Source: DCOM) (EventID: 10010) (User: )
  474. Description: The server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} did not register with DCOM within the required timeout.
  475.  
  476. Error: (07/20/2017 12:14:27 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
  477. Description: The Windows Update service hung on starting.
  478.  
  479. Error: (07/19/2017 04:00:52 PM) (Source: DCOM) (EventID: 10010) (User: )
  480. Description: The server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} did not register with DCOM within the required timeout.
  481.  
  482. Error: (07/19/2017 10:31:14 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
  483. Description: The following fatal alert was generated: 10. The internal error state is 10.
  484.  
  485. Error: (07/19/2017 04:33:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
  486. Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
  487. The service did not respond to the start or control request in a timely fashion.
  488.  
  489. Error: (07/19/2017 04:33:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
  490. Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
  491.  
  492.  
  493. CodeIntegrity:
  494. ===================================
  495.   Date: 2017-07-20 23:46:13.496
  496.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  497.  
  498.   Date: 2017-07-20 23:46:13.480
  499.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  500.  
  501.   Date: 2017-07-20 05:36:06.636
  502.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  503.  
  504.   Date: 2017-07-20 05:36:06.621
  505.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  506.  
  507.   Date: 2017-07-20 00:09:54.202
  508.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  509.  
  510.   Date: 2017-07-20 00:09:53.781
  511.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  512.  
  513.   Date: 2017-07-19 04:34:56.674
  514.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  515.  
  516.   Date: 2017-07-19 04:34:56.175
  517.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  518.  
  519.   Date: 2017-07-18 10:07:07.960
  520.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  521.  
  522.   Date: 2017-07-18 10:07:07.947
  523.   Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  524.  
  525.  
  526. ==================== Memory info ===========================
  527.  
  528. Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
  529. Percentage of memory in use: 74%
  530. Total physical RAM: 3994.35 MB
  531. Available physical RAM: 1007.97 MB
  532. Total Virtual: 13986.9 MB
  533. Available Virtual: 9751.32 MB
  534.  
  535. ==================== Drives ================================
  536.  
  537. Drive c: () (Fixed) (Total:97.56 GB) (Free:16.79 GB) NTFS
  538. Drive d: () (Fixed) (Total:195.31 GB) (Free:77 GB) NTFS
  539. Drive e: () (Fixed) (Total:168.75 GB) (Free:68.13 GB) NTFS
  540.  
  541. ==================== MBR & Partition Table ==================
  542.  
  543. ========================================================
  544. Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F5B9B9A4)
  545. Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
  546. Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
  547. Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
  548. Partition 4: (Not Active) - (Size=168.8 GB) - (Type=07 NTFS)
  549.  
  550. ==================== End of Addition.txt ============================
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top