- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2017
- Ran by Iamrock (21-07-2017 12:35:28)
- Running from C:\Users\Iamrock\Desktop
- Windows 7 Ultimate Service Pack 1 (X64) (2016-09-05 07:51:26)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-584166781-446285001-2979914001-500 - Administrator - Disabled)
- Guest (S-1-5-21-584166781-446285001-2979914001-501 - Limited - Disabled)
- Iamrock (S-1-5-21-584166781-446285001-2979914001-1000 - Administrator - Enabled) => C:\Users\Iamrock
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- µTorrent (HKU\S-1-5-21-584166781-446285001-2979914001-1000\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
- Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
- Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
- Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
- BlueStacks App Player (HKLM-x32\...\{DCDD7FA2-3933-4722-9089-0B95A132B37D}) (Version: 2.1.0.5905 - BlueStack Systems, Inc.)
- Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
- Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
- DriverPack Notifier (HKLM-x32\...\DriverPack Notifier) (Version: 2.1.4 - DriverPack Solution)
- FileZilla Client 3.25.2 (HKLM-x32\...\FileZilla Client) (Version: 3.25.2 - Tim Kosse)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
- Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
- Hotspot Shield 6.8.12 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925B1A76C50}) (Version: 6.8.12.10541 - AnchorFree Inc.) Hidden
- Hotspot Shield 6.8.12 (HKLM-x32\...\{c67c171b-b51a-4ff1-a641-6f4a9fb11bc9}) (Version: 6.8.12.10541 - AnchorFree Inc.)
- Hotspot Shield 6.8.12 (HKLM-x32\...\HotspotShield) (Version: 6.8.12 - AnchorFree Inc.) Hidden
- IconChanger (HKLM-x32\...\{C912EFA0-0076-11d5-B04A-BD6C80DF2479}) (Version: - )
- ICQ (version 10.0.12180) (HKU\S-1-5-21-584166781-446285001-2979914001-1000\...\icq.desktop) (Version: 10.0.12180 - ICQ)
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
- Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
- Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
- KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
- Metasploit (HKLM-x32\...\Metasploit 4.14.0) (Version: 4.14.0 - Rapid7)
- Microsoft .NET Framework 4.6.1 Hotfix Rollup (KB3154529) (HKLM\...\{5B71B4F6-A412-3C48-B332-0FA9B9958940}) (Version: 4.6.01081 - Microsoft Corporation)
- Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
- MinerGate (HKLM-x32\...\MinerGate) (Version: 6.6 - Minergate Inc)
- Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
- Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.2 - Notepad++ Team)
- NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
- NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
- NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
- NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
- OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
- Opera Stable 46.0.2597.57 (HKLM-x32\...\Opera 46.0.2597.57) (Version: 46.0.2597.57 - Opera Software)
- Python 3.6.1 (32-bit) (HKU\S-1-5-21-584166781-446285001-2979914001-1000\...\{1babc3bc-6a32-44f7-bf4d-60eec36c9ad1}) (Version: 3.6.1150.0 - Python Software Foundation)
- Python 3.6.1 Add to Path (32-bit) (HKLM-x32\...\{ED8BD450-5015-4CB3-95B5-2D93F23E111B}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python 3.6.1 Core Interpreter (32-bit) (HKLM-x32\...\{E63E60CA-437B-4894-8395-81F2F66483B0}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python 3.6.1 Development Libraries (32-bit) (HKLM-x32\...\{3029D656-0C32-4AC9-84FB-A15056F356CC}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python 3.6.1 Documentation (32-bit) (HKLM-x32\...\{D1198C40-C6F5-4FFB-B98C-79BF1FE706C1}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python 3.6.1 Executables (32-bit) (HKLM-x32\...\{A7036382-80F1-4FC1-B244-D31AA50337F4}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python 3.6.1 pip Bootstrap (32-bit) (HKLM-x32\...\{899F7F28-F6D3-4E5B-8FBE-F7929036172A}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python 3.6.1 Standard Library (32-bit) (HKLM-x32\...\{3BCCB89B-CD98-4F78-8436-78847FABFD68}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python 3.6.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F6ED0771-FE83-4A1C-BE65-A06CB65B46D5}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python 3.6.1 Test Suite (32-bit) (HKLM-x32\...\{F44EF183-905E-48BB-998E-53FC99B36FE3}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python 3.6.1 Utility Scripts (32-bit) (HKLM-x32\...\{2AA7DAB3-6778-42A7-9F33-22615234540E}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
- Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)
- Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
- Quicksys RegDefrag 2.9 (HKLM-x32\...\{5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1) (Version: - )
- Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.29092 - Realtek Semiconduct Corp.)
- SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden
- SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
- SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
- Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
- TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
- Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
- VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
- Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
- Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
- Windows Driver Package - OnePlus, Inc. (WinUSB) AndroidUsbDeviceClass (05/24/2012 6.0.0000.00000) (HKLM\...\45F0494FFE4F917A43E7F8EC9B2D43560396A625) (Version: 05/24/2012 6.0.0000.00000 - OnePlus, Inc.)
- Windows Driver Package - OnePlus, Inc. (WinUSB) AndroidUsbDeviceClass (05/24/2012 6.0.0000.00000) (HKLM\...\59AFF6524BE5C0983F2711DEB8D25D511D4F4924) (Version: 05/24/2012 6.0.0000.00000 - OnePlus, Inc.)
- Windscribe version 1.70 build 4 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe)
- WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
- WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
- XiaoMiFlash (HKLM-x32\...\{9AF75396-D38E-4F07-831C-9F78923DC015}) (Version: 1.0.0 - XiaoMi)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-584166781-446285001-2979914001-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
- ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
- ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
- ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
- ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-02-12] ()
- ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
- ContextMenuHandlers01: [ChangeIcon] -> {C912EFA0-0076-11d5-B04A-BD6C80DF2479} => -> No File
- ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-16] (Alexander Roshal)
- ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
- ContextMenuHandlers01: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
- ContextMenuHandlers02: [ChangeIcon] -> {C912EFA0-0076-11d5-B04A-BD6C80DF2479} => -> No File
- ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
- ContextMenuHandlers03: [ChangeIcon] -> {C912EFA0-0076-11d5-B04A-BD6C80DF2479} => -> No File
- ContextMenuHandlers03: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
- ContextMenuHandlers04: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
- ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
- ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-12] (Intel Corporation)
- ContextMenuHandlers05: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
- ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-19] (AVAST Software)
- ContextMenuHandlers06: [ChangeIcon] -> {C912EFA0-0076-11d5-B04A-BD6C80DF2479} => -> No File
- ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-16] (Alexander Roshal)
- ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
- ContextMenuHandlers06: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0DB41396-74A8-488C-9A8D-C8EADF257B1F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-11] (Adobe Systems Incorporated)
- Task: {3C65FC6D-B12B-4319-8332-D46A782D4F68} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-19] (AVAST Software)
- Task: {4945711E-F65D-42DD-AF3A-41F1F0147469} - System32\Tasks\Opera scheduled Autoupdate 1473114058 => C:\Program Files (x86)\Opera\launcher.exe [2017-07-17] (Opera Software)
- Task: {4F5A4165-6C6A-4D6E-BCCA-43B736AC9B88} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
- Task: {55FB53FF-F8D3-436B-A0A8-A29A72AEC587} - System32\Tasks\DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe [2015-12-18] ()
- Task: {59B42350-BF20-4C5A-A8EA-995C5C461673} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-16] (AVAST Software)
- Task: {77B57F8E-D71B-4D49-8FF1-BF2389D2A32C} - System32\Tasks\{9832DC89-EC43-47EC-91A2-5F6EF85587D7} => C:\Windows\system32\pcalua.exe -a C:\Users\Iamrock\Desktop\sp66403.exe -d C:\Users\Iamrock\Desktop
- Task: {79B1DBEA-DE73-403B-B27A-2A738512B607} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
- Task: {84D1D440-A9E0-4D79-A17D-728C095262E0} - System32\Tasks\{329F3914-FB91-4C8E-9C5E-A4BE0C7D024C} => C:\Windows\system32\pcalua.exe -a E:\Apps\sp66924.exe -d E:\Apps
- Task: {A1A92370-FD81-4085-B8A6-1798C7031859} - System32\Tasks\SafeZone scheduled Autoupdate 1473150394 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-06-13] (Avast Software)
- Task: {A32E4107-31DB-4248-915F-A32C237343EF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
- Task: {C198E084-B3DD-481D-ABDB-E3C48AA19E4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-05] (Google Inc.)
- Task: {C627ED26-8D23-4F1C-A7FE-DCADE29E135E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
- Task: {CB812DDF-F85A-44D6-B361-9DBC7CAB4CAF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
- Task: {CE3ACE7B-83C4-4CB7-9B92-35C65C28F996} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
- Task: {E02F5CC3-988E-4F96-8AB8-1FF87D0FAF6A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
- Task: {F227F0C5-5DD5-496F-8DF2-5561389F2807} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-05] (Google Inc.)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00337887 _____ () C:\metasploit\postgresql\bin\LIBPQ.dll
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00116588 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\encdb.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00117650 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\trans\transdb.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00115630 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\windows_1252.so
- 2017-07-12 10:21 - 2017-06-27 14:00 - 00400904 _____ () C:\metasploit\ruby\lib\ruby\gems\2.3.0\extensions\x64-mingw32\2.3.0\ffi-1.9.18\ffi_c.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00150483 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\pathname.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00122103 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\etc.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00264450 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\socket.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00115600 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\io\wait.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00189761 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\zlib.so
- 2017-07-12 10:21 - 2017-06-27 14:00 - 00095232 _____ () C:\metasploit\ruby\bin\zlib1.dll
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00149942 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\stringio.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00120557 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\windows_31j.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00364458 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\date_core.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00140093 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\io\console.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00114849 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\cgi\escape.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00624382 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\openssl.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00130428 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\digest.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00114504 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\io\nonblock.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00175139 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\fiddle.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00114670 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\utf_16le.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00120219 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\trans\utf_16_32.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00138885 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\strscan.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00112331 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\digest\sha1.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00112305 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\digest\md5.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00147435 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\psych.so
- 2017-07-12 10:21 - 2017-06-27 14:00 - 00586854 _____ () C:\metasploit\ruby\bin\libyaml-0-2.dll
- 2017-07-12 10:29 - 2017-06-27 13:55 - 00274413 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\nokogiri-1.8.0\lib\nokogiri\nokogiri.so
- 2017-07-12 10:21 - 2017-06-27 14:00 - 00630918 _____ () C:\metasploit\ruby\bin\libexslt-0.dll
- 2017-07-12 10:21 - 2017-06-27 14:00 - 01339762 _____ () C:\metasploit\ruby\bin\libxslt-1.dll
- 2017-07-12 10:21 - 2017-06-27 14:00 - 06287436 _____ () C:\metasploit\ruby\bin\libxml2-2.dll
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00129335 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\racc\cparse.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00214381 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\bigdecimal.so
- 2017-07-12 10:29 - 2017-06-27 13:48 - 00137564 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\json-2.1.0\lib\json\ext\parser.so
- 2017-07-12 10:29 - 2017-06-27 13:48 - 00157308 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\json-2.1.0\lib\json\ext\generator.so
- 2017-07-12 10:30 - 2017-06-27 13:53 - 00123529 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\network_interface-0.0.1\lib\network_interface_ext.so
- 2017-07-12 10:30 - 2017-06-27 13:53 - 00145043 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\pcaprub-0.12.4\lib\pcaprub_c.so
- 2017-07-12 10:30 - 2017-06-27 13:51 - 00441711 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\pg-0.20.0\lib\pg_ext.so
- 2017-07-12 10:21 - 2017-06-27 14:00 - 00337887 _____ () C:\metasploit\ruby\bin\LIBPQ.dll
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00121530 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\euc_jp.so
- 2017-07-12 10:29 - 2017-06-27 13:47 - 00135597 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\bcrypt-3.1.11\lib\bcrypt_ext.so
- 2017-07-12 10:29 - 2017-06-27 13:52 - 00659832 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\msgpack-1.1.0\lib\msgpack\msgpack.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00111146 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\fcntl.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00114949 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\digest\sha2.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00359508 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\win32ole.so
- 2017-07-12 10:30 - 2017-06-27 13:54 - 00349041 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\redcarpet-3.4.0\lib\redcarpet.so
- 2017-07-12 10:28 - 2017-06-27 13:50 - 07760437 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\eventmachine-1.2.3\lib\rubyeventmachine.so
- 2017-07-12 10:31 - 2017-06-27 13:56 - 00143191 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\thin-1.7.1\lib\thin_parser.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00114670 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\enc\utf_16be.so
- 2017-07-12 10:30 - 2017-06-27 13:52 - 00112532 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\pg_array_parser-0.0.9\lib\pg_array_parser\pg_array_parser.so
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00110970 _____ () C:\metasploit\ruby\lib\ruby\2.3.0\x64-mingw32\fiber.so
- 2017-07-12 10:30 - 2017-06-27 13:56 - 00130447 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\scrypt-2.1.1\ext\scrypt\x86_64-windows\scrypt_ext.dll
- 2017-07-12 10:30 - 2017-06-27 13:54 - 00166194 _____ () C:\metasploit\apps\pro\vendor\bundle\ruby\2.3.0\gems\sqlite3-1.3.13\lib\sqlite3\sqlite3_native.so
- 2017-07-12 10:21 - 2017-06-27 14:00 - 04179451 _____ () C:\metasploit\ruby\bin\libsqlite3-0.dll
- 2017-07-12 10:22 - 2017-06-27 14:00 - 06287436 _____ () C:\metasploit\postgresql\bin\libxml2-2.dll
- 2017-07-12 10:22 - 2017-06-27 14:00 - 00095232 _____ () C:\metasploit\postgresql\bin\zlib1.dll
- 2017-02-08 11:05 - 2017-01-20 11:36 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
- 2017-02-08 11:05 - 2017-01-20 11:36 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
- 2017-07-19 13:16 - 2017-07-19 13:16 - 00162032 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
- 2017-07-19 13:17 - 2017-07-19 13:17 - 00831664 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
- 2017-07-19 13:17 - 2017-07-19 13:17 - 00276808 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
- 2017-04-30 04:19 - 2017-04-30 04:19 - 00052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
- 2017-02-12 15:31 - 2017-02-12 15:31 - 00230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
- 2017-07-12 10:21 - 2017-06-27 14:00 - 02477568 _____ () C:\metasploit\nginx\sbin\nginxr7.exe
- 2017-06-28 11:57 - 2017-06-22 20:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
- 2017-06-28 11:57 - 2017-06-22 20:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
- 2017-07-19 13:17 - 2017-07-19 13:17 - 00170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
- 2017-07-19 13:17 - 2017-07-19 13:17 - 00192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
- 2017-07-19 13:17 - 2017-07-19 13:17 - 00224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
- 2017-07-20 05:42 - 2017-07-20 05:42 - 05784064 _____ () C:\Program Files\AVAST Software\Avast\defs\17072000\algo.dll
- 2017-07-19 13:17 - 2017-07-19 13:17 - 00689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
- 2017-07-19 13:17 - 2017-07-19 13:17 - 00231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
- 2017-07-21 10:08 - 2017-07-21 10:08 - 05886720 _____ () C:\Program Files\AVAST Software\Avast\defs\17072102\algo.dll
- 2017-06-15 10:36 - 2017-06-15 10:36 - 00166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
- 2017-02-08 11:05 - 2017-01-20 11:36 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
- 2017-02-08 11:05 - 2017-01-20 11:36 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
- 2017-02-08 11:05 - 2017-01-20 11:36 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
- 2017-07-19 13:17 - 2017-07-19 13:17 - 01065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
- 2017-07-12 04:25 - 2017-07-12 04:25 - 67109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
- 2017-07-19 13:16 - 2017-07-19 13:16 - 00292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
- 2017-06-20 09:28 - 2017-06-20 09:28 - 01997792 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
- 2017-02-08 11:06 - 2017-01-20 06:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
- 2017-02-08 11:06 - 2017-01-20 06:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
- 2017-02-08 11:06 - 2017-01-20 06:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
- 2017-02-08 11:06 - 2017-01-20 06:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
- 2017-02-08 11:06 - 2017-01-20 06:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
- 2017-02-08 11:06 - 2017-01-20 06:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
- 2017-02-08 11:06 - 2017-01-20 06:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
- 2017-02-08 11:06 - 2017-01-20 06:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- IE trusted site: HKU\S-1-5-21-584166781-446285001-2979914001-1000\...\localhost -> hxxps://localhost
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2009-07-13 19:34 - 2017-05-25 06:45 - 00000828 _____ C:\Windows\system32\Drivers\etc\hosts
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-584166781-446285001-2979914001-1000\Control Panel\Desktop\\Wallpaper ->
- DNS Servers: 46.166.170.10
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- MSCONFIG\startupreg: DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe --run startup
- MSCONFIG\startupreg: MinerGateGui => C:\Program Files\MinerGate\minergate.exe --auto
- MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
- MSCONFIG\startupreg: Update => C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSDCSC\dCLJuuhXQNtN\msdcsc.exe
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [TCP Query User{51C43D01-FBEB-4BF9-8162-3874A2D73A34}C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [UDP Query User{8AD77406-2F10-47F3-BEF0-D454E0F0D0B4}C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [{F10D5182-0A4F-46F0-83A7-582949699CC2}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
- FirewallRules: [{3D0F0980-6B27-4CF2-9F7A-18386D06167A}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
- FirewallRules: [{6F41C615-E018-4C4D-8704-05B5D2547677}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{A9FCF883-AF13-43AC-AABE-51F528204C83}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{398EF406-86BD-4AE1-A166-DD7B0197343B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{5E4973DF-0A5F-47B4-A178-8B3CC6F88F92}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{4C2E4599-97BB-42FC-938E-63CAC2D788FD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [TCP Query User{75C1633F-3D33-4F7B-8AC9-FFAE5F445809}C:\users\iamrock\desktop\15 pics\hideallip.exe] => (Allow) C:\users\iamrock\desktop\15 pics\hideallip.exe
- FirewallRules: [UDP Query User{118015E6-FC0B-4EF4-8F99-93894C195DED}C:\users\iamrock\desktop\15 pics\hideallip.exe] => (Allow) C:\users\iamrock\desktop\15 pics\hideallip.exe
- FirewallRules: [TCP Query User{D50F708D-5904-4786-862C-58F6CA76DB96}C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [UDP Query User{847F78DC-BED5-4ABD-824B-BC527683923A}C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\iamrock\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [{5B809314-D753-46C4-AACB-559EAFD3F0C7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{E9F477CA-5AE1-4075-A0A2-CDD8EB01C598}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{0663D79C-C612-452F-9E62-6E56FD4E4D97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{BC6B158B-D9F9-4A3A-B79C-995BD9274B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{81E69295-DD18-4A30-95DF-D50E1CAD5FF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
- FirewallRules: [{D0E0B7A4-802A-419D-BC7D-BAE26FACDEED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
- FirewallRules: [{CDC837E8-E24E-41EE-B3C9-CDBD37E7DBB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{890A7D00-BB94-46AF-A80B-CC7291991948}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{52F9A443-8DC2-4CF5-A88D-B95EDB25D586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{381309A5-19D0-46AD-A345-9D2B82B09B8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{D6CEEAE2-6FDB-4FC1-9EC7-D76A8405D432}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{9358FFCD-CAB1-4736-A832-EE3E35CF2097}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{CB2275EF-E346-4C20-9A2A-EDA6F35D0056}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
- FirewallRules: [{7677BC0F-81C1-4EAC-A075-77133E6ED152}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
- FirewallRules: [{EA3C825F-1FC0-43E0-8C28-7D74155006B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
- FirewallRules: [{56C23AE6-A514-45BC-AD15-B5E1232F1C5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{78550E21-A4DD-4789-85DF-D7BDE4A70010}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{295105C1-1EF7-401A-97D1-4D621D25B882}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{39B1B5CB-EB4A-449E-8F50-A739B14378CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{2A0DFE83-C6B9-44AB-AB7A-3B9991EFC5F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{D350051D-1F15-484E-8CDD-B0A099847022}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{92A7D19D-6316-467F-BCFC-6D44A55E8374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
- FirewallRules: [{62599343-F108-4607-8AFF-EB7A02C3D7DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
- FirewallRules: [{4CA02F4D-4F58-440F-A313-46AAE8B3284D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{FF75B8AC-AFF2-4A39-8D7D-914791464391}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{8014BC09-1B31-4E01-975A-F3F867BC8CC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{892D2FF1-081D-4DA8-8800-8E706EC91105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{E06AD99A-BBB1-4240-B398-41A479DD7F84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{1832A51B-5430-4B5C-A180-20D4A9FE6165}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{53FCF403-FB40-4E09-B62E-FB98C284DBC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{4C333DC7-B1FD-4765-B96A-321DBD92921E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{44659F00-9897-4113-9C8D-718A688FC529}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{353CA884-F51E-4532-855C-71DB9E1EBA85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{88BCEB31-0CB0-4EA2-9E5B-B56AAE2EE506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{161AB0C9-B9E1-4B28-9C4E-FD9475E2CE57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{A91B73E5-95B0-46FB-BFBF-88D4F8D0E166}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{AE3A23C9-8E02-4DCB-B0F6-69287E3C076E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{2865EB28-FBD4-4658-AD81-6B469D366264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{17E956B8-2A99-4827-BB93-217E9F1B5BF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{1A1FE5B8-3F39-4B59-B371-8364D31C73F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{9420CC58-C76A-4E2C-A813-81A090F1F635}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{83BF8516-29AD-48CB-BB24-CE6F80D5047D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{F77D375C-E702-4305-AB04-EA89623C2A0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{776E375A-80C0-4FAC-9C96-5602838A6805}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{D1F8FCDA-0ACE-4BDB-9E5D-74F510894520}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{7E5BAB99-EA8E-4AE9-8211-BCC307AE409B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{E798FDD0-5F14-4178-953D-696D17EEEC7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{6F3912B1-939C-454D-980B-22281959E60D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{F6909EF5-3D6C-4174-BE44-966029318907}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{E961C3AE-C4FF-44EC-B86A-34FB82F5FDDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{135EF350-7B6A-443F-B4AB-56A17074E999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{AFC60A53-A3E9-4312-B018-85B9CD8FAC0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{6CF72B30-CF7C-401F-9183-579949E7C494}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{081DF08B-41AB-4BF1-BEB0-1856E928A7DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{77BA692F-F05B-45DE-A81B-93506381F82B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{DA213E77-495D-49DE-AFD8-0C5A3ECC701D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{5F2973F0-9AD8-4D63-8EFB-0B6E07B629D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
- FirewallRules: [{EF612B9F-E64E-4C8E-BC51-74848C649542}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{92428DCF-C861-4F42-A538-9A03345C01DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{E85C5F94-97EE-4C99-ADF8-91297478B76C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{6C6930E1-C18B-4F4E-AB09-9FF8CEB81453}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [TCP Query User{23B8A9BC-FFEB-4341-94F4-D179F4375C5C}C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe] => (Allow) C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe
- FirewallRules: [UDP Query User{A3F9758F-48F1-40FC-A1C6-93BF5CB69BB6}C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe] => (Allow) C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe
- FirewallRules: [{DC63F122-AF83-4584-9A65-81F2C309FB82}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{3EA97C50-59AA-4CA1-96B6-44AA9F8ED294}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{9373651B-E3DC-499D-8966-C5ADA813C010}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- FirewallRules: [TCP Query User{69858534-D3EB-4F73-A1D2-AE9D87E1C131}C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe] => (Allow) C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe
- FirewallRules: [UDP Query User{96346016-B063-4ECC-BEE2-8CFA4632FF83}C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe] => (Allow) C:\users\iamrock\downloads\compressed\vip72socks\vip72socks.exe
- FirewallRules: [{2ADE89D0-8C4A-4EFE-9658-119B5B44873A}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
- FirewallRules: [{3764D2A1-B937-4D81-8055-3E30F8F497A1}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.46\opera.exe
- FirewallRules: [{C26090D3-20F4-43A9-AED3-9D447DE47966}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
- FirewallRules: [{BC57FF24-310B-4C1B-871E-2A0EAE90D8B0}] => (Allow) C:\Program Files (x86)\Opera\46.0.2597.57\opera.exe
- ==================== Restore Points =========================
- ==================== Faulty Device Manager Devices =============
- Name:
- Description:
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (07/21/2017 10:59:25 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: plugin-container.exe, version: 43.0.1.5828, time stamp: 0x56723a12
- Faulting module name: mozglue.dll, version: 43.0.1.5828, time stamp: 0x56722c0b
- Exception code: 0x80000003
- Fault offset: 0x0000ed63
- Faulting process id: 0x4c8
- Faulting application start time: 0x01d3024ad8d68e7b
- Faulting application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
- Faulting module path: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
- Report Id: 54c96302-6e3e-11e7-bd89-fc15b406fe9e
- Error: (07/20/2017 11:52:10 PM) (Source: nginx) (EventID: 3299) (User: )
- Description: C:\metasploit\apps\pro\..\..\nginx\sbin\nginxr7.exe:
- could not open error log file: CreateFile() "logs/error.log" failed (3: The system cannot find the path specified)
- .
- Error: (07/20/2017 11:47:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
- Error: (07/20/2017 11:46:22 PM) (Source: DbxSvc) (EventID: 320) (User: )
- Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
- Error: (07/20/2017 05:43:55 AM) (Source: nginx) (EventID: 3299) (User: )
- Description: C:\metasploit\apps\pro\..\..\nginx\sbin\nginxr7.exe:
- could not open error log file: CreateFile() "logs/error.log" failed (3: The system cannot find the path specified)
- .
- Error: (07/20/2017 05:43:44 AM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: plugin-container.exe, version: 43.0.1.5828, time stamp: 0x56723a12
- Faulting module name: mozglue.dll, version: 43.0.1.5828, time stamp: 0x56722c0b
- Exception code: 0x80000003
- Fault offset: 0x0000ed63
- Faulting process id: 0x1a34
- Faulting application start time: 0x01d30155af4e0a26
- Faulting application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
- Faulting module path: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
- Report Id: 10ab4a7b-6d49-11e7-a5d5-fc15b406fe9e
- Error: (07/20/2017 05:37:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
- Error: (07/20/2017 05:36:15 AM) (Source: DbxSvc) (EventID: 320) (User: )
- Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
- Error: (07/20/2017 01:01:05 AM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "c:\program files (x86)\oneplus usb drivers\tool_ia64.exe".
- Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (07/20/2017 12:17:24 AM) (Source: nginx) (EventID: 3299) (User: )
- Description: C:\metasploit\apps\pro\..\..\nginx\sbin\nginxr7.exe:
- could not open error log file: CreateFile() "logs/error.log" failed (3: The system cannot find the path specified)
- .
- System errors:
- =============
- Error: (07/20/2017 11:49:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
- The service did not respond to the start or control request in a timely fashion.
- Error: (07/20/2017 11:49:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
- Error: (07/20/2017 05:37:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The TeamViewer 12 service failed to start due to the following error:
- The service did not respond to the start or control request in a timely fashion.
- Error: (07/20/2017 05:37:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 12 service to connect.
- Error: (07/20/2017 01:47:05 AM) (Source: DCOM) (EventID: 10010) (User: )
- Description: The server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} did not register with DCOM within the required timeout.
- Error: (07/20/2017 12:14:27 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
- Description: The Windows Update service hung on starting.
- Error: (07/19/2017 04:00:52 PM) (Source: DCOM) (EventID: 10010) (User: )
- Description: The server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} did not register with DCOM within the required timeout.
- Error: (07/19/2017 10:31:14 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
- Description: The following fatal alert was generated: 10. The internal error state is 10.
- Error: (07/19/2017 04:33:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
- The service did not respond to the start or control request in a timely fashion.
- Error: (07/19/2017 04:33:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
- CodeIntegrity:
- ===================================
- Date: 2017-07-20 23:46:13.496
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2017-07-20 23:46:13.480
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2017-07-20 05:36:06.636
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2017-07-20 05:36:06.621
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2017-07-20 00:09:54.202
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2017-07-20 00:09:53.781
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2017-07-19 04:34:56.674
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2017-07-19 04:34:56.175
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2017-07-18 10:07:07.960
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2017-07-18 10:07:07.947
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\btfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
- Percentage of memory in use: 74%
- Total physical RAM: 3994.35 MB
- Available physical RAM: 1007.97 MB
- Total Virtual: 13986.9 MB
- Available Virtual: 9751.32 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:97.56 GB) (Free:16.79 GB) NTFS
- Drive d: () (Fixed) (Total:195.31 GB) (Free:77 GB) NTFS
- Drive e: () (Fixed) (Total:168.75 GB) (Free:68.13 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F5B9B9A4)
- Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
- Partition 4: (Not Active) - (Size=168.8 GB) - (Type=07 NTFS)
- ==================== End of Addition.txt ============================