Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

CMD prompt window pop up randomly!


  • Please log in to reply
27 replies to this topic

#1 Steve1989

Steve1989

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 08 March 2017 - 07:39 PM

Hello!

 

This issue has been happening for over 2 months now. Two CMD windows pop up, out of nowhere, and disappear just as fast (fast enough that you couldn't screenshot it even if you have your trigger fingers ready). It is completely random. Sometimes once or twice a day, sometimes several times each hour. Please tell me that my computer isn't being hacked! Now it happened when I was running a full-screen application which lead to landing at the desktop, and I had enough of this. I have full subscription of Avira and internet security turned up high.

I think the CMD window says something about 'COM Surrogate'.

 

Edit: I have Windows 8.1 Pro


Edited by Steve1989, 08 March 2017 - 07:51 PM.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:09 AM

Posted 08 March 2017 - 08:57 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 08 March 2017 - 10:16 PM

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Avira Antivirus    
Windows Defender   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 91  
 Java version 32-bit out of Date!
 Adobe Flash Player     24.0.0.221  
 Mozilla Firefox (51.0.1)
 Google Chrome (56.0.2924.87)
 Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Avira Antivirus sched.exe  
 Avira Antivirus avshadow.exe  
 Avira Antivirus avmailc7.exe  
 Avira Antivirus avwebg7.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#4 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 08 March 2017 - 10:19 PM

Farbar Service Scanner Version: 27-01-2016
Ran by PC (administrator) on 09-03-2017 at 04:18:49
Running from "C:\Users\PC\Desktop"
Microsoft Windows 8.1 Pro  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****



#5 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 08 March 2017 - 10:30 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by PC (administrator) on 09-03-2017 at 04:24:01
Running from "C:\Users\PC\Desktop"
Microsoft Windows 8.1 Pro  (X64)
Model: Z97-D3H Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
========================= IP Configuration: ================================

Intel® Ethernet Connection I217-V = Ethernet (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Helyi kapcsolat* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Helyi kapcsolat" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Felhasznalo
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : chello.hu

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : chello.hu
   Description . . . . . . . . . . . : Intel® Ethernet Connection I217-V
   Physical Address. . . . . . . . . : 74-D4-35-B8-D5-A5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4c83:ecf3:661b:848a%3(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 2017. m rcius 3. 14:35:09
   Lease Expires . . . . . . . . . . : 2017. m rcius 9. 21:36:18
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 57988149
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-CB-23-36-74-D4-35-B8-D5-A5
   DNS Servers . . . . . . . . . . . : 213.46.246.54
                                       213.46.246.53
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:34ad:4890:104a:1a5f:3f57:fff4(Preferred)
   Link-local IPv6 Address . . . . . : fe80::104a:1a5f:3f57:fff4%4(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 134217728
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-CB-23-36-74-D4-35-B8-D5-A5
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.chello.hu:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : chello.hu
   Description . . . . . . . . . . . : Microsoft ISATAP adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  hu-bud02a-dns04.chello.hu
Address:  213.46.246.54

Name:    google.com
Addresses:  2a00:1450:400d:802::200e
      216.58.214.206


Pinging google.com [216.58.214.206] with 32 bytes of data:
Reply from 216.58.214.206: bytes=32 time=10ms TTL=56
Reply from 216.58.214.206: bytes=32 time=10ms TTL=56

Ping statistics for 216.58.214.206:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 10ms, Maximum = 10ms, Average = 10ms
Server:  hu-bud02a-dns04.chello.hu
Address:  213.46.246.54

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      2001:4998:58:c02::a9
      98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=140ms TTL=48
Reply from 98.139.183.24: bytes=32 time=140ms TTL=48

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 140ms, Maximum = 140ms, Average = 140ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  3...74 d4 35 b8 d5 a5 ......Intel® Ethernet Connection I217-V
  1...........................Software Loopback Interface 1
  4...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
  6...00 00 00 00 00 00 00 e0 Microsoft ISATAP adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.11     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.11    266
     192.168.0.11  255.255.255.255         On-link      192.168.0.11    266
    192.168.0.255  255.255.255.255         On-link      192.168.0.11    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.11    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.11    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  4    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  4    306 2001::/32                On-link
  4    306 2001:0:34ad:4890:104a:1a5f:3f57:fff4/128
                                    On-link
  3    266 fe80::/64                On-link
  4    306 fe80::/64                On-link
  4    306 fe80::104a:1a5f:3f57:fff4/128
                                    On-link
  3    266 fe80::4c83:ecf3:661b:848a/128
                                    On-link
  1    306 ff00::/8                 On-link
  3    266 ff00::/8                 On-link
  4    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/08/2017 10:00:22 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (03/08/2017 03:00:40 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (03/07/2017 04:07:28 PM) (Source: Application Error) (User: )
Description: A hibát okozó alkalmazás neve: wmprph.exe, verzió: 12.0.9600.17415, időbélyeg: 0x54504e5a
A hibát okozó modul neve: ntdll.dll, verzió: 6.3.9600.18438, időbélyeg: 0x57ae642e
Kivételkód: 0xc0000005
Hiba pozíciója: 0x000000000003dd8e
A hibát okozó folyamat azonosítója: 0x14264
A hibát okozó alkalmazás indításának időpontja: 0xwmprph.exe0
A hibát okozó alkalmazás elérési útja: wmprph.exe1
A hibát okozó modul elérési útja: wmprph.exe2
Jelentés azonosítója: wmprph.exe3
A hibát okozó csomag teljes neve: wmprph.exe4
A hibát okozó csomag relatív alkalmazásazonosítója: wmprph.exe5

Error: (03/07/2017 01:40:20 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (03/06/2017 01:22:38 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (03/05/2017 07:14:52 PM) (Source: Application Error) (User: )
Description: A hibát okozó alkalmazás neve: svchost.exe_PcaSvc, verzió: 6.3.9600.17415, időbélyeg: 0x54504177
A hibát okozó modul neve: ntdll.dll, verzió: 6.3.9600.18438, időbélyeg: 0x57ae642e
Kivételkód: 0xc0000008
Hiba pozíciója: 0x00000000000925fa
A hibát okozó folyamat azonosítója: 0x234
A hibát okozó alkalmazás indításának időpontja: 0xsvchost.exe_PcaSvc0
A hibát okozó alkalmazás elérési útja: svchost.exe_PcaSvc1
A hibát okozó modul elérési útja: svchost.exe_PcaSvc2
Jelentés azonosítója: svchost.exe_PcaSvc3
A hibát okozó csomag teljes neve: svchost.exe_PcaSvc4
A hibát okozó csomag relatív alkalmazásazonosítója: svchost.exe_PcaSvc5

Error: (03/05/2017 07:14:33 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: A kriptográfiai szolgáltatás hibával leállt, miközben az OnIdentity() hívást dolgozta fel a System Writer objektumban.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft LLDP protokoll.

System Error:
A hozzáférés megtagadva.
.

Error: (03/05/2017 06:00:48 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (03/04/2017 11:00:32 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (03/04/2017 05:08:22 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: A(z) Rendszer számára fenntartott kötet nem lett optimalizálva, mert hiba történt: A paraméter nem megfelelő. (0x80070057)


System errors:
=============
Error: (03/09/2017 02:38:23 AM) (Source: DCOM) (User: Felhasznalo)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (03/09/2017 02:37:53 AM) (Source: DCOM) (User: Felhasznalo)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/08/2017 06:26:24 PM) (Source: DCOM) (User: Felhasznalo)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (03/08/2017 06:25:54 PM) (Source: DCOM) (User: Felhasznalo)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/08/2017 04:25:53 PM) (Source: DCOM) (User: Felhasznalo)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/08/2017 04:25:23 PM) (Source: DCOM) (User: Felhasznalo)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (03/08/2017 03:35:08 PM) (Source: DCOM) (User: Felhasznalo)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (03/08/2017 03:34:38 PM) (Source: DCOM) (User: Felhasznalo)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/08/2017 02:16:47 PM) (Source: DCOM) (User: Felhasznalo)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/08/2017 02:16:17 PM) (Source: DCOM) (User: Felhasznalo)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================
Error: (03/08/2017 10:00:22 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (03/08/2017 03:00:40 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (03/07/2017 04:07:28 PM) (Source: Application Error)(User: )
Description: wmprph.exe12.0.9600.1741554504e5antdll.dll6.3.9600.1843857ae642ec0000005000000000003dd8e1426401d297548946daf4C:\Program Files\Windows Media Player\wmprph.exeC:\Windows\SYSTEM32\ntdll.dllc70663ec-0347-11e7-832b-74d435b8d5a5

Error: (03/07/2017 01:40:20 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (03/06/2017 01:22:38 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (03/05/2017 07:14:52 PM) (Source: Application Error)(User: )
Description: svchost.exe_PcaSvc6.3.9600.1741554504177ntdll.dll6.3.9600.1843857ae642ec000000800000000000925fa23401d29422f5974662C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dlla017e663-01cf-11e7-832b-74d435b8d5a5

Error: (03/05/2017 07:14:33 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft LLDP protokoll.

System Error:
A hozzáférés megtagadva.

Error: (03/05/2017 06:00:48 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (03/04/2017 11:00:32 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (03/04/2017 05:08:22 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: Rendszer számára fenntartottA paraméter nem megfelelő. (0x80070057)


=========================== Installed Programs ============================

Ableton Live 9 Suite (HKLM\...\{D3E03B95-EA53-4817-8907-DDA4C722E031}) (Version: 9.0.0.0 - Ableton)
Ableton Live 9 Trial (HKLM\...\{D85562BD-24D2-415D-8E77-8E3C19A51FE8}) (Version: 9.0.0.0 - Ableton)
Adobe Acrobat Reader DC - Hungarian (HKLM-x32\...\{AC76BA86-7AD7-1038-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Articulate Studio '13 (HKLM-x32\...\{0069B190-F534-498E-A198-DB54C537A102}) (Version: 4.00.13 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{3220CEC0-D83E-4981-A991-43DCBB62D3BC}) (Version: 4.2.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{34921849-A7BE-4730-BA48-94284A7B56EE}) (Version: 4.6.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{3F624FD2-7A99-44C4-9DE5-94EA779CE956}) (Version: 4.6.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{4043F4F2-CF84-470A-B779-C4FAAC87C425}) (Version: 4.6.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{63576F00-E9D5-4E36-BB10-62634946CFBF}) (Version: 4.00.13 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{7712F42D-2B91-42FD-8DD9-001643E18872}) (Version: 4.2.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{79931676-2C3D-431E-8850-320C98A28456}) (Version: 4.2.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{8B9F1CA9-BD27-47A3-9816-BC5E04A5B99B}) (Version: 4.00.13 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{8E5D5564-3A8A-426E-A21E-EC20A76B6E46}) (Version: 4.00.13 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{93EFACA5-01FD-424C-A561-3CDA0F72CAE2}) (Version: 4.6.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{98A03512-6A00-4DD1-90C3-FA9D0D781D0F}) (Version: 4.00.13 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{A541C2F5-E81D-43B9-A72A-F1CFC4DFFB77}) (Version: 4.2.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{B1813A97-DB24-43C7-8B88-B8646F385B0C}) (Version: 4.2.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{DB9B04B7-BDC6-44BF-A384-4413872617D4}) (Version: 4.2.00 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{EBB66BC4-94CF-45C4-AC03-99EA9AB422B7}) (Version: 4.00.13 - Articulate) Hidden
Articulate Studio '13 (HKLM-x32\...\{ED1D0362-6C85-4831-80D7-76E900AE0DCF}) (Version: 4.6.00 - Articulate) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Assetto Corsa (HKLM\...\Steam App 244210) (Version:  - Kunos Simulazioni)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{7774002B-60B3-4146-BF82-5BF767D468B8}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.3.2.1195 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandicam.com)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
Heather (HKLM-x32\...\{F3715E9A-9C16-423F-9E50-39DE0F7A5BF1}) (Version: 1.00.0000 - Naturalsoft)
HeatherTrial (HKLM-x32\...\{1602CCF5-D338-4755-863C-40B7E1207436}) (Version: 1.00.0000 - Naturalsoft)
Hybrid (HKLM-x32\...\{85078f1b-c114-47c0-b9de-b753f2effd03}) (Version: 3.0.5.18874 - AIR Music Tech GmbH)
Hybrid Content (HKLM-x32\...\{6E03FBF9-91F9-4AEB-9820-921A58281AF2}) (Version: 3.0.5.18874 - AIR Music Tech GmbH) Hidden
Hybrid VST64 (HKLM\...\{DD630554-743F-4CB0-B816-8278A41D7A03}) (Version: 3.0.5.18874 - AIR Music Tech GmbH) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel® Network Connections 19.5.303.0 (HKLM\...\PROSetDX) (Version: 19.5.303.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel® Chipkészlet-illesztő szoftver (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel® Corporation) Hidden
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1146-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1150 - Microsoft Corporation)
Microsoft Office 2013 Otthoni és kisvállalati verzió - hu-hu (HKLM\...\HomeBusinessRetail - hu-hu) (Version: 15.0.4903.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NaturalReader 14 (HKLM-x32\...\{9BB1F2B5-0A9D-402B-9613-DC5BCF878C22}) (Version: 1.00.0000 - Naturalsoft)
NVIDIA Grafikus illesztőprogram 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
NVIDIA HD audio-illesztőprogram 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast virtuális hang 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 365.10 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.6.0840 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM\...\{E798E8D9-5E46-4733-AA98-845779658D23}) (Version: 2.5.1.1018 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.6.0840 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{E798E8D9-5E46-4733-AA98-845779658D23}) (Version: 2.5.1.1018 - PACE Anti-Piracy, Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26914 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Sharon (HKLM-x32\...\{62E376FD-0BAA-47A5-8473-1610F22D66C6}) (Version: 1.00.0000 - Naturalsoft)
ShutterCount (HKLM-x32\...\{02B0F035-BE6A-4BD4-88A2-E641537E6FB7}) (Version: 1.2.1 - DIRE Studio)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Sound Forge Pro 11.0 (HKLM-x32\...\{A376BDE2-EE3D-11E2-AA13-F04DA23A5C58}) (Version: 11.0.234 - Sony)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
WD Drive Utilities (HKLM-x32\...\{276E749A-F260-4493-979C-6C86A06BB10F}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{FC05F466-745D-4E6E-BCB0-42F88794B28E}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{741D5AEC-327A-4296-BB92-39A9AFD9A658}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

========================= Devices: ================================

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Device ID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0071&SUBSYS_1458366A&REV_1001\5&38576BEE&0&0001
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA Miracast Audio
Description: NVIDIA Miracast Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVVADARM
Device ID: DISPLAY\NVIDIAVIRTUALAUDIODEVICE\5&2FDE60BD&3&UID2902458369
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 16285.99 MB
Available physical RAM: 12650.49 MB
Total Virtual: 18877.99 MB
Available Virtual: 14267.05 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:223.23 GB) (Free:106.91 GB) NTFS
3 Drive e: (Új kötet) (Fixed) (Total:931.39 GB) (Free:853.23 GB) NTFS

========================= Users: ========================================

\\FELHASZNALO felhaszn l˘i fi˘kjai

ASPNET                   PC                       Rendszergazda            
Vend‚g                   
A parancs sikeresen v‚grehajtva.

========================= Restore Points ==================================

20-02-2017 16:07:51 Ütemezett ellenőrzési pont
22-02-2017 13:55:45 Installed XSplit Gamecaster
02-03-2017 12:15:38 Ütemezett ellenőrzési pont
05-03-2017 18:14:32 Installed NaturalReader 14 Free.

**** End of log ****
 



#6 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 08 March 2017 - 10:38 PM

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/9/17
Scan Time: 4:32 AM
Logfile:
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.75
Update Package Version: 1.0.1457
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Felhasznalo\PC

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 449485
Time Elapsed: 1 min, 59 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)



#7 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 08 March 2017 - 10:58 PM

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.03.08.06
  rootkit: v2017.02.27.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18538
PC :: FELHASZNALO [administrator]

2017.03.09. 4:45:42
mbar-log-2017-03-09 (04-45-42).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 402361
Time elapsed: 9 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18538

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 4.000000 GHz
Memory total: 17077100544, free: 12633231360

Downloaded database version: v2017.03.08.06
Canceled update
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18538

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 4.000000 GHz
Memory total: 17077100544, free: 12630200320

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18538

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 4.000000 GHz
Memory total: 17077100544, free: 12622295040

Downloaded database version: v2017.03.08.06
Downloaded database version: v2017.02.27.01
Downloaded database version: v2017.03.05.01
=======================================
Initializing...
------------ Kernel report ------------
     03/09/2017 04:44:49
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\Tpkd.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\system32\DRIVERS\e1d64x64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\system32\drivers\WmBEnum.sys
\SystemRoot\system32\drivers\WmXlCore.sys
\SystemRoot\System32\drivers\bomebus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\bomemidi.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\rzendpt.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\rzudd.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\lvrs64.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\avnetflt.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\??\C:\Windows\system32\drivers\rzpmgrk.sys
\??\C:\Windows\system32\drivers\rzpnk.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\DRIVERS\mslldp.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\??\C:\Windows\system32\drivers\mbam.sys
\??\C:\Windows\system32\drivers\farflt.sys
\??\C:\Windows\system32\drivers\mbae64.sys
\SystemRoot\system32\drivers\MBAMChameleon.sys
\??\C:\Windows\system32\drivers\mwac.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2017.03.08.06
  rootkit: v2017.02.27.01

<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBAUDIO.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBAUDIO.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\WSDPrint.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\WSDPrint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 95DAD86E

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 716800
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 718848  Numsec = 468140032
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 240057409536 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffe000a3013670, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe000a3012040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe000a3013670, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffe000a0914e50, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe000a0916c60, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe000a0916060, DeviceName: \Device\00000038\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2067717975
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid 1a9f3507-faac-47b3-953a-3fd39369fdf
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2067717975
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid 1a9f3507-faac-47b3-953a-3fd39369fdf
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128

    Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 72c762f4-ea71-4ac0-b0d1-2117918e6b41
    FirstLBA 34  Last LBA 262177
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID ca9a7e8c-ebfa-4bf4-9e94-555fe931a5f9
    FirstLBA 264192  Last LBA 1953523711
    Attributes 0
    Partition Name                 Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICRENDER.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICDISPLAY.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHAVRCPTG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHHFENUM.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\COMPOSITEBUS.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MSGPIOWIN32.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBAUDIO.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\WSDPrint.sys" is compressed (flags = 1)
File "C:\Windows\System32\BthHFSrv.dll" is compressed (flags = 1)
File "C:\Windows\System32\CIRCoInst.dll" is compressed (flags = 1)
File "C:\Windows\System32\iscsilog.dll" is compressed (flags = 1)
File "C:\Windows\System32\streamci.dll" is compressed (flags = 1)
File "C:\Windows\System32\SysFxUI.dll" is compressed (flags = 1)
File "C:\Windows\System32\WMALFXGFXDSP.dll" is compressed (flags = 1)
File "C:\Windows\System32\WpdMtp.dll" is compressed (flags = 1)
File "C:\Windows\System32\WpdMtpUS.dll" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-718848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished
 



#8 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 08 March 2017 - 11:01 PM

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/09/2017 04:59:23 AM in x64 mode.
Windows Version: Windows 8.1 Pro

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

 * HOSTS file entries found:

  127.0.0.1                   activate.adobe.com
  127.0.0.1                   practivate.adobe.com
  127.0.0.1                   na1r.services.adobe.com
  127.0.0.1                   hlrcv.stage.adobe.com

Program finished at: 03/09/2017 04:59:38 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)
 



#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:09 AM

Posted 08 March 2017 - 11:43 PM

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.


-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#10 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 09 March 2017 - 12:12 AM

# AdwCleaner v6.044 - *Logfile created 09/03/2017 *at 06:08:30
# *Updated on 28/02/2017 by Malwarebytes
# *Database : 2017-03-09.1 [*Local]
# *Operating System : Windows 8.1 Pro  (X64)
# *Username : PC - FELHASZNALO
# *Running from : C:\Users\PC\Desktop\AdwCleaner.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****

[-] *Folder deleted: C:\Users\Public\Documents\Downloaded Installers


***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] *Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] *Key deleted: HKU\S-1-5-21-1696572180-1912202778-1873796917-1001\Software\Safer Technologies
[#] *Key deleted on reboot: HKCU\Software\Safer Technologies
[-] *Key deleted: HKLM\SOFTWARE\Safer Technologies
[#] *Key deleted on reboot: [x64] HKCU\Software\Safer Technologies
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] *Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [Speedup_umh]


***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1860 *Bytes] - [09/03/2017 06:08:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [2078 *Bytes] - [09/03/2017 05:55:21]
C:\AdwCleaner\AdwCleaner[S1].txt - [2151 *Bytes] - [09/03/2017 06:07:14]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2082 *Bytes] ##########
 



#11 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 09 March 2017 - 12:16 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 8.1 Pro x64
Ran by PC (Administrator) on 2017.03.09. at  6:14:18,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Program Files (x86)\safer technologies (Folder)



Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2017.03.09. at  6:15:02,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#12 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 09 March 2017 - 12:41 AM

Sophos Free Virus Removal Tool - 0 threats were found (however, halfway through Avira notified of host file). I made sure to disable my AV software in the previous step, and re-enabled it in this last one.



#13 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 09 March 2017 - 06:45 PM

Sir, it happened again just a minute ago. :smash: 

Any other solution?

Thank you very much for the help so far!



#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:09 AM

Posted 09 March 2017 - 06:58 PM

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
No installation required.
Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.
Go File>Save, and save it as Autoruns.txt file to know location.
You must select Text from drop-down menu as a file type:

p4436801.gif

Paste content of Autoruns.txt file into your next reply.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#15 Steve1989

Steve1989
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:10:09 AM

Posted 09 March 2017 - 07:09 PM

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "2017.03.09. 5:04"    ""
+ "AdobeAAMUpdater-1.0"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"    "2016.01.07. 17:36"    ""
+ "IAStorIcon"    "Delayed launcher"    "Intel Corporation"    "c:\program files\intel\intel® rapid storage technology\iastoriconlaunch.exe"    "2014.04.11. 17:32"    ""
+ "Onboard"    ""    ""    "File not found: C:\Program Files\Western Digital\WD SmartWare\BackupTask.exe /Onboard "C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe".exe"    ""    ""
+ "RTHDVCPL"    "Realtek HD Audio Manager"    "Realtek Semiconductor"    "c:\program files\realtek\audio\hda\rtkngui64.exe"    "2015.06.12. 10:17"    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "2016.10.16. 3:26"    ""
+ "Adobe Creative Cloud"    "Adobe Creative Cloud"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\adobe creative cloud\acc\creative cloud.exe"    "2016.02.12. 18:53"    ""
+ "avgnt"    "Avira system tray application"    "Avira Operations GmbH & Co. KG"    "c:\program files (x86)\avira\antivirus\avgnt.exe"    "2017.02.15. 11:35"    ""
+ "Avira SystrayStartTrigger"    "Avira Connect"    "Avira Operations GmbH & Co. KG"    "c:\program files (x86)\avira\launcher\avira.systraystarttrigger.exe"    "2016.12.29. 9:17"    ""
+ "DriveUtilitiesHelper"    "WD Drive Utilities Helper"    "Western Digital Technologies, Inc."    "c:\program files (x86)\western digital\wd utilities\wddriveutilitieshelper.exe"    "2014.05.23. 19:59"    ""
+ "Razer Synapse"    "Razer Synapse"    "Razer Inc."    "c:\program files (x86)\razer\synapse\rzsynapse.exe"    "2015.07.08. 8:18"    ""
+ "WD Drive Unlocker"    "WD Drive Auto Unlock"    "Western Digital Technologies, Inc."    "c:\program files (x86)\western digital\wd security\wddriveautounlock.exe"    "2014.05.23. 19:55"    ""
+ "WD Quick View"    "WD Quick View"    "Western Digital Technologies, Inc."    "c:\program files (x86)\western digital\wd quick view\wddmstatus.exe"    "2014.07.22. 23:15"    ""
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "2017.03.01. 19:50"    ""
+ "Skype"    "Skype "    "Skype Technologies S.A."    "c:\program files (x86)\skype\phone\skype.exe"    "2017.02.14. 12:33"    ""
+ "Steam"    "Steam Client Bootstrapper"    "Valve Corporation"    "c:\program files (x86)\steam\steam.exe"    "2017.01.19. 2:23"    ""
"C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""    "2017.01.05. 12:46"    ""
+ "EOS Utility.lnk"    ""    ""    "File not found: File"    ""    ""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "2015.10.15. 5:45"    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"    "2014.10.29. 2:52"    ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "2017.01.10. 2:02"    ""
+ "Google Chrome"    "Google Chrome Installer"    "Google Inc."    "c:\program files (x86)\google\chrome\application\56.0.2924.87\installer\chrmstp.exe"    "2017.02.01. 8:48"    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"    "2014.10.29. 2:20"    ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "2017.03.02. 17:07"    ""
+ "AccExt"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "2016.01.22. 14:20"    ""
+ "Shell Extension for Malware scanning"    "AntiVirus context menu"    "Avira Operations GmbH & Co. KG"    "c:\program files (x86)\avira\antivirus\shlext64.dll"    "2017.02.09. 12:05"    ""
+ "WDBackupMenuHandler"    "WD ContextMenu Handler"    "Western Digital Technologies, Inc."    "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"    "2014.07.22. 23:22"    ""
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files\winrar\rarext.dll"    "2015.02.15. 9:00"    ""
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers"    ""    ""    ""    "2015.10.01. 19:25"    ""
+ "CWDDriveMenuHandler"    "WD ContextMenu Handler"    "Western Digital Technologies, Inc."    "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"    "2014.07.22. 23:22"    ""
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers"    ""    ""    ""    "2015.10.01. 19:25"    ""
+ "WDBackupPropSheetHandler"    "WD ContextMenu Handler"    "Western Digital Technologies, Inc."    "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"    "2014.07.22. 23:22"    ""
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""    "2016.05.05. 23:04"    ""
+ "NvCplDesktopContext"    "NVIDIA Display Shell Extension"    "NVIDIA Corporation"    "c:\windows\system32\nvshext.dll"    "2016.04.27. 12:42"    ""
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "2017.03.09. 5:04"    ""
+ "AccExt"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "2016.01.22. 14:20"    ""
+ "Shell Extension for Malware scanning"    "AntiVirus context menu"    "Avira Operations GmbH & Co. KG"    "c:\program files (x86)\avira\antivirus\shlext64.dll"    "2017.02.09. 12:05"    ""
+ "WDBackupMenuHandler"    "WD ContextMenu Handler"    "Western Digital Technologies, Inc."    "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"    "2014.07.22. 23:22"    ""
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files\winrar\rarext.dll"    "2015.02.15. 9:00"    ""
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""    "2015.04.23. 20:49"    ""
+ "WinRAR"    "WinRAR shell extension"    "Alexander Roshal"    "c:\program files\winrar\rarext.dll"    "2015.02.15. 9:00"    ""
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers"    ""    ""    ""    "2015.10.01. 19:25"    ""
+ "WDBackupPropSheetHandler"    "WD ContextMenu Handler"    "Western Digital Technologies, Inc."    "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"    "2014.07.22. 23:22"    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "2016.03.20. 3:34"    ""
+ " AccExtIco1"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "2016.01.22. 14:20"    ""
+ " AccExtIco2"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "2016.01.22. 14:20"    ""
+ " AccExtIco3"    "Core Sync"    ""    "c:\program files (x86)\adobe\adobe creative cloud\coresyncextension\coresync_x64.dll"    "2016.01.22. 14:20"    ""
+ " SkyDrivePro1 (ErrorConflict)"    "Microsoft OneDrive for Business Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"    "2016.11.01. 9:49"    ""
+ " SkyDrivePro2 (SyncInProgress)"    "Microsoft OneDrive for Business Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"    "2016.11.01. 9:49"    ""
+ " SkyDrivePro3 (InSync)"    "Microsoft OneDrive for Business Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"    "2016.11.01. 9:49"    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "2016.03.16. 1:25"    ""
+ "Microsoft SkyDrive Pro Browser Helper"    "Microsoft OneDrive for Business Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll"    "2016.11.01. 9:49"    ""
+ "Skype for Business Browser Helper"    "Skype for Business"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\ochelper.dll"    "2016.12.13. 8:13"    ""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "2016.06.26. 2:37"    ""
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre1.8.0_91\bin\jp2ssv.dll"    "2016.05.21. 2:22"    ""
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files (x86)\java\jre1.8.0_91\bin\ssv.dll"    "2016.05.21. 2:21"    ""
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "2016.03.16. 1:25"    ""
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\onbttnielinkednotes.dll"    "2016.11.01. 9:48"    ""
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\onbttnie.dll"    "2016.11.01. 9:41"    ""
+ "Skype for Business Click to Call"    "Skype for Business"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\ochelper.dll"    "2016.12.13. 8:13"    ""
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "2015.11.24. 19:53"    ""
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\onbttnielinkednotes.dll"    "2016.11.01. 8:18"    ""
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office 15\root\office15\onbttnie.dll"    "2016.11.01. 8:28"    ""
"Task Scheduler"    ""    ""    ""    ""    ""
+ "\Adobe Acrobat Update Task"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"    "2016.12.20. 7:33"    ""
+ "\AdobeAAMUpdater-1.0-Felhasznalo-PC"    "Adobe Updater Startup Utility"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"    "2016.01.07. 17:36"    ""
+ "\Microsoft\Office\Office Automatic Updates"    "Microsoft Office Click-to-Run Client"    "Microsoft Corporation"    "c:\program files\microsoft office 15\clientx64\officec2rclient.exe"    "2017.01.17. 9:26"    ""
+ "\Microsoft\Office\Office ClickToRun Service Monitor"    "Microsoft Office Click-to-Run Client"    "Microsoft Corporation"    "c:\program files\microsoft office 15\clientx64\officec2rclient.exe"    "2017.01.17. 9:26"    ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"    "2014.04.01. 5:28"    ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"    "2013.07.18. 16:53"    ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "A Windows Media Player hálózatmegosztási szolgáltatásának konfigurálóalkalmazása"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"    "2014.10.29. 3:28"    ""
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "2017.03.09. 6:39"    ""
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"    "2016.12.20. 7:32"    ""
+ "AdobeUpdateService"    "Adobe Update Service"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\adobe desktop common\elevationmanager\adobeupdateservice.exe"    "2016.01.28. 21:07"    ""
+ "AGSService"    "Adobe Genuine Software Integrity Service"    "Adobe Systems, Incorporated"    "c:\program files (x86)\common files\adobe\adobegcclient\agsservice.exe"    "2017.01.19. 6:38"    ""
+ "AntiVirMailService"    "Offers permanent protection against viruses and malware for email clients with the Avira search engine."    "Avira Operations GmbH & Co. KG"    "c:\program files (x86)\avira\antivirus\avmailc7.exe"    "2017.02.15. 11:35"    ""
+ "AntiVirSchedulerService"    "Service to schedule Avira Antivirus jobs and updates."    "Avira Operations GmbH & Co. KG"    "c:\program files (x86)\avira\antivirus\sched.exe"    "2017.02.15. 11:35"    ""
+ "AntiVirService"    "Offers permanent protection against viruses and malware with the Avira search engine."    "Avira Operations GmbH & Co. KG"    "c:\program files (x86)\avira\antivirus\avguard.exe"    "2017.02.15. 11:35"    ""
+ "AntiVirWebService"    "Offers permanent protection against viruses and malware for web browsers with the Avira search engine."    "Avira Operations GmbH & Co. KG"    "c:\program files (x86)\avira\antivirus\avwebg7.exe"    "2017.02.15. 11:35"    ""
+ "Avira.ServiceHost"    "Hosts multiple Avira services within one Windows service."    "Avira Operations GmbH & Co. KG"    "c:\program files (x86)\avira\launcher\avira.servicehost.exe"    "2016.12.29. 9:19"    ""
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"    "2011.08.31. 6:52"    ""
+ "ClickToRunSvc"    "A Microsoft Office-termékek és a kapcsolódó frissítések erőforrás-koordinációját, háttérbeli adatfolyamát és rendszerintegrációját irányítja. A szolgáltatásnak mindegyik Microsoft Office-program használatakor, valamint az első, adatfolyam-alapú telepítés és a későbbi frissítések során is futnia kell."    "Microsoft Corporation"    "c:\program files\microsoft office 15\clientx64\officeclicktorun.exe"    "2017.01.17. 9:14"    ""
+ "gupdate"    "Rendszeresen frissíti az Ön által használt Google-szoftvereket. Ha kikapcsolja vagy leállítja ezt a szolgáltatást, a Google-szoftverek nem frissülnek, ami azt jelenti, hogy az esetlegesen felmerülő biztonsági hibákat nem lehet kijavítani, és az új funkciók sem jelennek meg. Ez a szolgáltatás eltávolítja saját magát, ha semmilyen Google-szoftver nem használja."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"    "2015.09.04. 2:32"    ""
+ "gupdatem"    "Rendszeresen frissíti az Ön által használt Google-szoftvereket. Ha kikapcsolja vagy leállítja ezt a szolgáltatást, a Google-szoftverek nem frissülnek, ami azt jelenti, hogy az esetlegesen felmerülő biztonsági hibákat nem lehet kijavítani, és az új funkciók sem jelennek meg. Ez a szolgáltatás eltávolítja saját magát, ha semmilyen Google-szoftver nem használja."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"    "2015.09.04. 2:32"    ""
+ "IAStorDataMgrSvc"    "Provides storage event notification and manages communication between the storage driver and user space applications."    "Intel Corporation"    "c:\program files\intel\intel® rapid storage technology\iastordatamgrsvc.exe"    "2014.04.04. 0:01"    ""
+ "ICCS"    "Intel® Integrated Clock Controller Service - Intel® ICCS"    "Intel Corporation"    "c:\program files (x86)\intel\intel® integrated clock controller service\iccproxy.exe"    "2014.06.24. 23:11"    ""
+ "Intel® Capability Licensing Service TCP IP Interface"    "Version: 1.35.127.1"    "Intel® Corporation"    "c:\program files\intel\icls client\socketheciserver.exe"    "2014.01.31. 15:41"    ""
+ "Intel® PROSet Monitoring Service"    "The Intel® PROSet Monitoring Service actively monitors changes to the system and updates affected network devices to keep them running in optimal condition.  Stopping this service may negatively affect the performance of the network devices on the system."    "Intel Corporation"    "c:\windows\system32\iprosetmonitor.exe"    "2014.10.16. 22:38"    ""
+ "jhi_service"    "Intel® Dynamic Application Loader Host Interface Service - Allows applications to access the local Intel ® DAL"    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe"    "2014.02.26. 3:50"    ""
+ "LMS"    "Intel® Management and Security Application Local Management Service - Provides OS-related Intel® ME functionality."    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"    "2014.02.26. 3:48"    ""
+ "MozillaMaintenance"    "A Mozilla karbantartási szolgáltatás biztosítja, hogy a számítógépén található Mozilla Firefox verzió a legújabb és legbiztonságosabb. A Firefox naprakészen tartása nagyon fontos az online biztonság érdekében, és a Mozilla kifejezetten javasolja, hogy hagyja engedélyezve ezt a szolgáltatást."    "Mozilla Foundation"    "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"    "2017.01.25. 19:46"    ""
+ "nvsvc"    "Provides system and desktop level support to the NVIDIA display driver"    "NVIDIA Corporation"    "c:\windows\system32\nvvsvc.exe"    "2016.04.27. 12:42"    ""
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"    "2012.11.07. 11:37"    ""
+ "PaceLicenseDServices"    "Services for PACE Licensing Technology"    "PACE Anti-Piracy, Inc."    "c:\program files (x86)\common files\pace\services\licenseservices\ldsvc.exe"    "2015.07.25. 10:08"    ""
+ "Razer Game Scanner Service"    "GameScannerService"    ""    "c:\program files (x86)\razer\razer services\gss\gamescannerservice.exe"    "2015.06.23. 20:11"    ""
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files (x86)\skype\updater\updater.exe"    "2017.01.02. 0:50"    ""
+ "Steam Client Service"    "Steam Client Service monitors and updates Steam content"    "Valve Corporation"    "c:\program files (x86)\common files\steam\steamservice.exe"    "2017.01.19. 2:22"    ""
+ "WDBackup"    "WD SmartWare Backup Engine"    "Western Digital Technologies, Inc."    "c:\program files (x86)\western digital\wd smartware\wdbackupengine.exe"    "2014.07.22. 23:17"    ""
+ "WDDriveService"    "Provides discovery of WD Drives"    "Western Digital Technologies, Inc."    "c:\program files (x86)\western digital\wd drive manager\wddriveservice.exe"    "2014.05.23. 20:08"    ""
+ "WdNisSvc"    "Védelem a hálózati protokollok ismert és újonnan észlelt biztonsági réseit célzó behatolási kísérletek ellen"    "Microsoft Corporation"    "c:\program files\windows defender\nissrv.exe"    "2015.07.01. 2:07"    ""
+ "WinDefend"    "A felhasználói adatok védelme a kártevők és az egyéb vélhetően nemkívánatos szoftverek ellen"    "Microsoft Corporation"    "c:\program files\windows defender\msmpeng.exe"    "2015.07.01. 2:07"    ""
+ "WMPNetworkSvc"    "Windows Media Player műsortárak megosztása a hálózatra csatlakozó más lejátszókkal és lejátszóeszközökkel Universal Plug and Play szabvány segítségével"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"    "2014.10.29. 2:36"    ""
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "2017.03.09. 6:39"    ""
+ "3ware"    "LSI 3ware SCSI Storport Driver"    "LSI"    "c:\windows\system32\drivers\3ware.sys"    "2013.04.11. 23:49"    ""
+ "AcpiCtlDrv"    "Intel® Acpi Control Driver"    "Intel Corporation"    "c:\windows\system32\drivers\acpictldrv.sys"    "2012.07.17. 18:07"    ""
+ "ADP80XX"    "PMC-Sierra Storport  Driver For SPC8x6G SAS/SATA controller"    "PMC-Sierra"    "c:\windows\system32\drivers\adp80xx.sys"    "2013.07.12. 22:47"    ""
+ "amdsata"    "AHCI 1.3 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"    "2013.07.08. 23:54"    ""
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"    "2012.12.11. 22:21"    ""
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"    "2013.07.08. 23:45"    ""
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "PMC-Sierra, Inc."    "c:\windows\system32\drivers\arcsas.sys"    "2013.07.09. 1:50"    ""
+ "avgntflt"    "Avira mini-filter driver"    "Avira Operations GmbH & Co. KG"    "c:\windows\system32\drivers\avgntflt.sys"    "2016.12.16. 16:52"    ""
+ "avipbb"    "Avira Security Enhancement Driver"    "Avira Operations GmbH & Co. KG"    "c:\windows\system32\drivers\avipbb.sys"    "2016.12.16. 16:52"    ""
+ "avkmgr"    "Avira Manager Driver"    "Avira Operations GmbH & Co. KG"    "c:\windows\system32\drivers\avkmgr.sys"    "2016.12.16. 16:52"    ""
+ "avnetflt"    "Avira WFP Network Driver"    "Avira Operations GmbH & Co. KG"    "c:\windows\system32\drivers\avnetflt.sys"    "2016.12.16. 16:52"    ""
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"    "2013.02.04. 20:47"    ""
+ "bcmfn2"    "BCM Function 2  Device Driver"    "Windows ® Win 7 DDK provider"    "c:\windows\system32\drivers\bcmfn2.sys"    "2013.08.03. 0:59"    ""
+ "bomebus"    "Bome Virtual MIDI Enumerator"    "Bome Software GmbH & Co. KG"    "c:\windows\system32\drivers\bomebus.sys"    "2014.06.26. 9:52"    ""
+ "bomemidi"    "Bome Virtual MIDI Port"    "Bome Software GmbH & Co. KG"    "c:\windows\system32\drivers\bomemidi.sys"    "2014.06.26. 9:52"    ""
+ "dg_ssudbus"    "SAMSUNG USB Composite Device Driver"    "Samsung Electronics Co., Ltd."    "c:\windows\system32\drivers\ssudbus.sys"    "2016.08.24. 9:00"    ""
+ "dtlitescsibus"    "DAEMON Tools Lite Virtual SCSI Bus Driver"    "Disc Soft Ltd"    "c:\windows\system32\drivers\dtlitescsibus.sys"    "2015.09.24. 21:17"    ""
+ "dtliteusbbus"    "DAEMON Tools Lite Virtual USB Bus Driver"    "Disc Soft Ltd"    "c:\windows\system32\drivers\dtliteusbbus.sys"    "2015.12.28. 14:05"    ""
+ "e1dexpress"    "Intel® Gigabit Adapter NDIS 6.x driver"    "Intel Corporation"    "c:\windows\system32\drivers\e1d64x64.sys"    "2014.09.29. 18:02"    ""
+ "e1iexpress"    "Intel® Gigabit Adapter NDIS 6.x driver"    "Intel Corporation"    "c:\windows\system32\drivers\e1i63x64.sys"    "2013.03.20. 8:37"    ""
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"    "2013.04.08. 15:30"    ""
+ "gdrv"    ""    ""    "File not found: C:\Windows\gdrv.sys"    ""    ""
+ "hidkmdf"    "Filter Driver for HID-KMDF Interface"    "Windows ® Win 7 DDK provider"    "c:\windows\system32\drivers\hidkmdf.sys"    "2011.08.24. 20:48"    ""
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"    "2013.03.26. 22:36"    ""
+ "HWiNFO32"    "HWiNFO AMD64 Kernel Driver"    "REALiX™"    "c:\windows\syswow64\drivers\hwinfo64a.sys"    "2014.11.23. 17:24"    ""
+ "iaLPSSi_GPIO"    "Intel® Serial IO GPIO Controller Driver"    "Intel Corporation"    "c:\windows\system32\drivers\ialpssi_gpio.sys"    "2013.06.26. 15:22"    ""
+ "iaLPSSi_I2C"    "Intel® Serial IO I2C Controller Driver"    "Intel Corporation"    "c:\windows\system32\drivers\ialpssi_i2c.sys"    "2013.06.26. 15:22"    ""
+ "iaStorA"    "Intel® Rapid Storage Technology driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastora.sys"    "2014.04.04. 0:00"    ""
+ "iaStorAV"    "Intel Rapid Storage Technology driver (inbox) - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorav.sys"    "2013.08.01. 1:00"    ""
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"    "2011.04.11. 19:48"    ""
+ "ICCWDT"    "Intel® Watchdog Timer Driver (Intel® WDT)"    "Intel Corporation"    "c:\windows\system32\drivers\iccwdt.sys"    "2013.08.12. 18:59"    ""
+ "igfx"    "Intel Graphics Kernel Mode Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igdkmd64.sys"    "2015.03.03. 18:29"    ""
+ "intaud_WaveExtensible"    "Intel® WiDi Solution"    "Intel Corporation"    "c:\windows\system32\drivers\intelaud.sys"    "2014.10.04. 1:31"    ""
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"    "2015.06.18. 11:45"    ""
+ "iwdbus"    "Intel® WiDi Solution"    "Intel Corporation"    "c:\windows\system32\drivers\iwdbus.sys"    "2014.10.04. 1:31"    ""
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"    "2013.03.28. 18:42"    ""
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"    "2013.03.28. 18:45"    ""
+ "LSI_SAS3"    "LSI SAS Gen3 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas3.sys"    "2013.03.16. 0:38"    ""
+ "LSI_SSS"    "LSI SSS PCIe/Flash Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sss.sys"    "2013.03.16. 0:39"    ""
+ "LVRS64"    "Logitech Kernel Audio Improvement Filter Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvrs64.sys"    "2012.10.23. 3:11"    ""
+ "megasas"    "MEGASAS RAID Controller Driver for Windows"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"    "2013.07.23. 22:08"    ""
+ "megasr"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"    "2013.06.03. 23:02"    ""
+ "MEIx64"    "Intel® Management Engine Interface"    "Intel Corporation"    "c:\windows\system32\drivers\teedriverx64.sys"    "2014.09.23. 21:01"    ""
+ "mvumis"    "Marvell Flash Controller Driver"    "Marvell Semiconductor, Inc."    "c:\windows\system32\drivers\mvumis.sys"    "2013.03.20. 18:14"    ""
+ "NVHDA"    "NVIDIA HDMI Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvhda64v.sys"    "2015.09.21. 10:44"    ""
+ "nvlddmkm"    "NVIDIA Windows Kernel Mode Driver, Version 365.10 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvlddmkm.sys"    "2016.04.27. 12:17"    ""
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"    "2011.09.13. 1:01"    ""
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"    "2011.09.13. 0:53"    ""
+ "nvvad_WaveExtensible"    "NVIDIA Virtual Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvvad64v.sys"    "2016.12.19. 6:50"    ""
+ "NVVADARM"    "NVIDIA Virtual Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvvadarm.sys"    "2016.04.27. 12:22"    ""
+ "nvvhci"    "Virtual USB Host Controller driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvvhci.sys"    "2016.12.28. 2:44"    ""
+ "rzendpt"    "Razer RzEndPt"    "Razer Inc"    "c:\windows\system32\drivers\rzendpt.sys"    "2014.12.30. 10:32"    ""
+ "rzpmgrk"    "Razer Overlay Support"    "Razer, Inc."    "c:\windows\system32\drivers\rzpmgrk.sys"    "2015.06.12. 3:57"    ""
+ "rzpnk"    "Razer Overlay Support"    "Razer, Inc."    "c:\windows\system32\drivers\rzpnk.sys"    "2015.05.28. 20:22"    ""
+ "rzudd"    "Razer Rzudd Engine"    "Razer Inc"    "c:\windows\system32\drivers\rzudd.sys"    "2015.09.01. 3:57"    ""
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"    "2008.09.24. 19:28"    ""
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"    "2008.10.01. 22:56"    ""
+ "ssudmdm"    "@oem82.inf,%ssud.Service.Desc%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)"    "Samsung Electronics Co., Ltd."    "c:\windows\system32\drivers\ssudmdm.sys"    "2016.08.24. 9:00"    ""
+ "stexstor"    "Promise SuperTrak EX Series Driver for Windows x64"    "Promise Technology, Inc."    "c:\windows\system32\drivers\stexstor.sys"    "2012.11.27. 1:02"    ""
+ "Tpkd"    "64bit Tpkd Device Driver"    "PACE Anti-Piracy, Inc."    "c:\windows\system32\drivers\tpkd.sys"    "2013.04.11. 22:04"    ""
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"    "2013.08.22. 12:40"    ""
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"    "2013.01.23. 21:35"    ""
+ "VSTXRAID"    "VIA StorX RAID Controller Driver"    "VIA Corporation"    "c:\windows\system32\drivers\vstxraid.sys"    "2013.01.21. 20:00"    ""
+ "WacHidRouter"    ""    ""    "File not found: C:\Windows\System32\drivers\wachidrouter.sys"    ""    ""
+ "wacomrouterfilter"    ""    ""    "File not found: C:\Windows\System32\drivers\wacomrouterfilter.sys"    ""    ""
+ "WDC_SAM"    "@oem78.inf,%WDC_SAM_ServiceDesc%;Manages WD external storage products."    "Western Digital Technologies"    "c:\windows\system32\drivers\wdcsam64.sys"    "2008.04.16. 9:39"    ""
+ "WmBEnum"    "Logitech WingMan Virtual Bus Enumerator Driver"    "Logitech Inc."    "c:\windows\system32\drivers\wmbenum.sys"    "2010.04.27. 21:10"    ""
+ "WmFilter"    "Logitech WingMan Hid Filter Driver"    "Logitech Inc."    "c:\windows\system32\drivers\wmfilter.sys"    "2010.04.27. 21:10"    ""
+ "WmHidLo"    "Logitech WingMan Hid Lower Filter Driver"    "Logitech Inc."    "c:\windows\system32\drivers\wmhidlo.sys"    "2010.04.27. 21:09"    ""
+ "WmVirHid"    "Logitech WingMan Virtual Hid Device Driver"    "Logitech Inc."    "c:\windows\system32\drivers\wmvirhid.sys"    "2010.04.27. 21:08"    ""
+ "WmXlCore"    "Logitech WingMan Translation Driver"    "Logitech Inc."    "c:\windows\system32\drivers\wmxlcore.sys"    "2010.04.27. 21:09"    ""
+ "XSplit_Dummy"    "XSplit Stream Audio"    "SplitmediaLabs Limited"    "c:\windows\system32\drivers\xspltspk.sys"    "2014.06.11. 21:59"    ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers"    ""    ""    ""    "2013.08.22. 16:37"    ""
+ "Adobe Type Manager"    "Windows NT OpenType/Type 1 Font Driver"    "Adobe Systems Incorporated"    "c:\windows\system32\atmfd.dll"    "2016.11.02. 15:03"    ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "2017.02.22. 16:11"    ""
+ "msacm.bdmpeg"    ""    ""    "c:\windows\system32\bdmpega64.acm"    "2017.01.26. 8:25"    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "2014.10.29. 3:42"    ""
+ "msacm.vorbis"    "Ogg Vorbis CODEC for MSACM"    "HMS http://hp.vector.co.jp/authors/VA012897/"    "c:\windows\system32\vorbis.acm"    "2012.11.15. 17:16"    ""
+ "VIDC.FPS1"    "Fraps"    "Beepa P/L"    "c:\windows\system32\frapsv64.dll"    "2015.09.05. 9:09"    ""
+ "vidc.i420"    ""    ""    "File not found: lvcod64.dll"    ""    ""
+ "vidc.mjpg"    ""    ""    "c:\windows\system32\bdmjpeg64.dll"    "2017.01.26. 8:25"    ""
+ "vidc.mpeg"    ""    ""    "c:\windows\system32\bdmpegv64.dll"    "2017.01.26. 8:25"    ""
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "2017.02.22. 16:11"    ""
+ "msacm.bdmpeg"    ""    ""    "c:\windows\syswow64\bdmpega.acm"    "2017.01.26. 8:25"    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"    "2014.10.29. 2:58"    ""
+ "msacm.vorbis"    "Ogg Vorbis CODEC for MSACM"    "HMS http://hp.vector.co.jp/authors/VA012897/"    "c:\windows\syswow64\vorbis.acm"    "2009.08.03. 5:09"    ""
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"    "2014.10.29. 2:58"    ""
+ "VIDC.FPS1"    "Fraps"    "Beepa P/L"    "c:\windows\syswow64\frapsvid.dll"    "2015.09.05. 9:09"    ""
+ "vidc.i420"    ""    ""    "File not found: lvcodec2.dll"    ""    ""
+ "vidc.mjpg"    ""    ""    "c:\windows\syswow64\bdmjpeg.dll"    "2017.01.26. 8:25"    ""
+ "vidc.mpeg"    ""    ""    "c:\windows\syswow64\bdmpegv.dll"    "2017.01.26. 8:25"    ""
"HKLM\Software\Classes\Filter"    ""    ""    ""    "2017.02.24. 5:29"    ""
+ "Sony Acoustic Mirror"    "Sony Acoustic Mirror"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfmirror_x64.dll"    "2013.06.07. 16:30"    ""
+ "Sony Acoustic Mirror"    "Sony Acoustic Mirror"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfmirror.dll"    "2013.06.07. 16:25"    ""
+ "Sony Amplitude Modulation"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"    "2013.06.07. 16:25"    ""
+ "Sony Chorus"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"    "2013.06.07. 16:25"    ""
+ "Sony Distortion"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"    "2013.06.07. 16:25"    ""
+ "Sony ExpressFX Amplitude Modulation"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll"    "2013.06.07. 16:25"    ""
+ "Sony ExpressFX Chorus"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll"    "2013.06.07. 16:25"    ""
+ "Sony ExpressFX Delay"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll"    "2013.06.07. 16:25"    ""
+ "Sony ExpressFX Distortion"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll"    "2013.06.07. 16:25"    ""
+ "Sony ExpressFX Dynamics"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll"    "2013.06.07. 16:26"    ""
+ "Sony ExpressFX Equalization"    "Sony ExpressFX 2 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll"    "2013.06.07. 16:25"    ""
+ "Sony ExpressFX Flange/Wah-Wah"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll"    "2013.06.07. 16:25"    ""
+ "Sony ExpressFX Graphic EQ"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll"    "2013.06.07. 16:26"    ""
+ "Sony ExpressFX Noise Gate"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll"    "2013.06.07. 16:26"    ""
+ "Sony ExpressFX Reverb"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll"    "2013.06.07. 16:25"    ""
+ "Sony ExpressFX Stutter"    "Sony ExpressFX 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll"    "2013.06.07. 16:25"    ""
+ "Sony ExpressFX Time Stretch"    "Sony ExpressFX 3 "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll"    "2013.06.07. 16:26"    ""
+ "Sony Flange/Wah-wah"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"    "2013.06.07. 16:25"    ""
+ "Sony Gapper/Snipper"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"    "2013.06.07. 16:25"    ""
+ "Sony Graphic Dynamics"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"    "2013.06.07. 16:25"    ""
+ "Sony Graphic EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"    "2013.06.07. 16:25"    ""
+ "Sony Multi-Band Dynamics"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"    "2013.06.07. 16:25"    ""
+ "Sony Multi-Tap Delay"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"    "2013.06.07. 16:25"    ""
+ "Sony Noise Gate"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"    "2013.06.07. 16:25"    ""
+ "Sony Pan"    "Sound Forge Pro Pan and Volume 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sffrgpnv.dll"    "2013.06.07. 16:26"    ""
+ "Sony Paragraphic EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"    "2013.06.07. 16:25"    ""
+ "Sony Parametric EQ"    "Sony XFX 2 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll"    "2013.06.07. 16:25"    ""
+ "Sony Pitch Shift"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"    "2013.06.07. 16:25"    ""
+ "Sony Resonant Filter"    "Sony Resonant Filter"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfresfilter.dll"    "2013.06.07. 16:26"    ""
+ "Sony Reverb"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"    "2013.06.07. 16:25"    ""
+ "Sony Simple Delay"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"    "2013.06.07. 16:25"    ""
+ "Sony Smooth/Enhance"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"    "2013.06.07. 16:25"    ""
+ "Sony Time Stretch"    "Sony XFX 1 Plug-In Pack "    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll"    "2013.06.07. 16:25"    ""
+ "Sony Vibrato"    "Sony XFX 3 Plug-In Pack"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll"    "2013.06.07. 16:25"    ""
+ "Sony Volume"    "Sound Forge Pro Pan and Volume 1"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sffrgpnv.dll"    "2013.06.07. 16:26"    ""
+ "Sony élastique Timestretch"    "Sony élastique Timestretch Plug-In"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfzplane_x64.dll"    "2013.06.07. 16:32"    ""
+ "Sony élastique Timestretch"    "Sony élastique Timestretch Plug-In"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfzplane.dll"    "2013.06.07. 16:26"    ""
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "2017.02.22. 16:11"    ""
+ "Bandicam MPEG-1 Audio Decoder"    "Bandicam Directshow Filter"    "Bandicam Company"    "c:\program files (x86)\bandimpeg1\bdfilters64.dll"    "2017.01.26. 8:25"    ""
+ "Bandicam MPEG-1 Video Decoder"    "Bandicam Directshow Filter"    "Bandicam Company"    "c:\program files (x86)\bandimpeg1\bdfilters64.dll"    "2017.01.26. 8:25"    ""
+ "Sony Wave Hammer"    "Sony Wave Hammer"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio_x64\sfhammer_x64.dll"    "2013.06.07. 16:31"    ""
+ "Video Memory Render Filter"    ""    ""    "File not found: E:\Program Files (x86)\Image-Line\FL Studio 12\Plugins\Fruity\Effects\ZGameEditor Visualizer\VideoMemoryRenderFilter_x64.ax"    ""    ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "2017.02.24. 5:29"    ""
+ "Bandicam MPEG-1 Audio Decoder"    "Bandicam Directshow Filter"    "Bandicam Company"    "c:\program files (x86)\bandimpeg1\bdfilters.dll"    "2017.01.26. 8:25"    ""
+ "Bandicam MPEG-1 Video Decoder"    "Bandicam Directshow Filter"    "Bandicam Company"    "c:\program files (x86)\bandimpeg1\bdfilters.dll"    "2017.01.26. 8:25"    ""
+ "Capture File Writer"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2014.04.01. 5:27"    ""
+ "Microcrap MPEG-4 Video Decompressor"    "Microcrap MPEG-4 Video Decompressor"    "Microcrap Corporation"    "c:\windows\syswow64\mpg4ds32.ax"    "1999.12.08. 9:19"    ""
+ "Record Queue"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2014.04.01. 5:27"    ""
+ "Sony Wave Hammer"    "Sony Wave Hammer"    "Sony Creative Software Inc."    "c:\program files (x86)\sony\shared plug-ins\audio\sfhammer.dll"    "2013.06.07. 16:25"    ""
+ "Video Memory Render Filter"    ""    ""    "File not found: E:\Program Files (x86)\Image-Line\FL Studio 12\Plugins\Fruity\Effects\ZGameEditor Visualizer\VideoMemoryRenderFilter.ax"    ""    ""
+ "WM VIH2 Fix"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2014.04.01. 5:27"    ""
+ "WMT DV Extract Filter"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2014.04.01. 5:27"    ""
+ "WMT Sample Info Filter"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2014.04.01. 5:27"    ""
+ "WMT Switch Filter"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2014.04.01. 5:27"    ""
+ "WMT Virtual Renderer"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2014.04.01. 5:27"    ""
+ "WMT Virtual Source"    "Photo Gallery Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"    "2014.04.01. 5:27"    ""
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"    ""    ""    ""    "2015.04.23. 21:00"    ""
+ "{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}"    "Microsoft Camera Codec Pack"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\microsoft camera codec pack\microsoftrawcodec.dll"    "2014.10.02. 6:06"    ""
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"    ""    ""    ""    "2015.04.23. 21:00"    ""
+ "{5FDD51E2-A9D0-44CE-8C8D-162BA0C591A0}"    "Microsoft Camera Codec Pack"    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\microsoft camera codec pack\microsoftrawcodec.dll"    "2014.10.02. 5:34"    ""
"HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default)"    ""    ""    ""    "2013.08.22. 16:43"    ""
+ "C:\Program Files\Internet Explorer\iexplore.exe"    "Internet Explorer"    "Microsoft Corporation"    "c:\program files\internet explorer\iexplore.exe"    "2015.11.08. 21:24"    ""
"HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls"    ""    ""    ""    "2014.11.21. 4:27"    ""
+ "_Wow64"    ""    ""    "File not found: C:\Windows\SysWOW64\Wow64.dll"    ""    ""
+ "_Wow64cpu"    ""    ""    "File not found: C:\Windows\SysWOW64\Wow64cpu.dll"    ""    ""
+ "_Wow64win"    ""    ""    "File not found: C:\Windows\SysWOW64\Wow64win.dll"    ""    ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""    "2016.06.09. 12:45"    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files (x86)\bonjour\mdnsnsp.dll"    "2011.08.31. 6:44"    ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""    "2016.06.09. 12:45"    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"    "2011.08.31. 6:53"    ""
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""    "2017.01.23. 16:57"    ""
+ "CutePDF Writer Monitor"    ""    ""    "c:\windows\system32\cpwmon64.dll"    "2016.01.22. 22:30"    ""
+ "HP B011 Status Monitor"    "Print Status Language Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpinkstsb011lm.dll"    "2012.01.11. 11:31"    ""
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users