Plagegeister aller Art und deren Bekämpfung: Win 7 no updates possible, program crashes, virus detection VMProtect.AAA and others (Windows 7)
24.04.2015, 15:35 | #1 |
Win 7 no updates possible, program crashes, virus detection VMProtect.AAA and others

Hello, my computer has been running rather roughly for a few days. As described above, all Windows updates have basically "failed", some programs show strange startup behaviour (Adobe Illustrator, InDesign, etc.) and crash for no apparent reason, etc. I let the ESET Online Scanner scan everything and it found the variant named in the thread title... now I don't know whether that is everything, and I would be very glad if someone would take a look at this. cheers

FRST LOG:
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-04-2015 02 Ran by Dizzy (administrator) on SKYNET on 24-04-2015 16:11:32 Running from D:\Downloads Loaded Profiles: Dizzy (Available profiles: Dizzy) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Akamai Technologies, Inc.) C:\Users\Dizzy\AppData\Local\Akamai\netsession_win.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Akamai Technologies, Inc.) 
C:\Users\Dizzy\AppData\Local\Akamai\netsession_win.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Dropbox, Inc.) C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe InDesign CC 2014\InDesign.exe () C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () D:\Downloads\Defogger.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2584240 2015-04-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1851040 2015-03-17] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Dizzy\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd) HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [867488 2015-03-17] (Adobe Systems Incorporated) HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\MountPoints2: H - H:\MAXON-Start.exe HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\MountPoints2: {9c36a470-0b2c-11e3-bcbc-a531233bc614} - E:\pushinst.exe HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\MountPoints2: {aac4a5a1-1e97-11e3-b6bf-806e6f6e6963} - H:\MAXON-Start.exe HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\MountPoints2: {d3af642f-5424-11e4-987c-00040ecc8efb} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-08-23] (Microsoft Corporation) Startup: C:\Users\Dizzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-10-21] ShortcutTarget: Dropbox.lnk -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] () ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1277190080-726137398-56086049-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp SearchScopes: HKLM-x32 -> DefaultScope value is missing. SearchScopes: HKU\S-1-5-21-1277190080-726137398-56086049-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files 
(x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) Toolbar: HKU\.DEFAULT -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1277190080-726137398-56086049-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Filter: video/mp4 - 
{20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default FF NewTab: FF DefaultSearchEngine: Wikipedia (de) FF SelectedSearchEngine: Wikipedia (de) FF Homepage: https://www.google.de/ FF NetworkProxy: "socks_version", 4 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-13] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-04-20] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-13] () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: 
@Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-04-20] (Adobe Systems) FF Plugin HKU\S-1-5-21-1277190080-726137398-56086049-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-17] () FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-12-05] FF Extension: Stoiberfy me - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\jid0-ZAEPExfZFY30nV7SWBrSfc03iuQ@jetpack.xpi [2013-12-11] FF Extension: Black Youtube Theme - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi [2014-04-18] FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-08-22] FF Extension: Adblock Plus - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-23] FF Extension: DownThemAll! 
- C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-09-22] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-04-07] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) ATTENTION: => Could not perform signature verification. Cryptographic Service is not running. R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [603312 2015-04-20] (Adobe Systems Incorporated) R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin) R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) R4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-16] (Duplex Secure Ltd.) U3 azu1374d; C:\Windows\System32\Drivers\azu1374d.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder) S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-04-24 16:11 - 2015-04-24 16:11 - 00000000 ____D () C:\FRST 2015-04-24 16:08 - 2015-04-24 16:08 - 00000020 _____ () C:\Users\Dizzy\defogger_reenable 2015-04-24 11:40 - 2015-04-24 11:40 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-04-23 11:05 - 2015-04-23 11:05 - 00000000 ____D () C:\Users\Dizzy\Desktop\Elster 2015-04-23 10:18 - 2015-04-23 10:19 - 00000000 ___RD () C:\Users\Dizzy\Desktop\DT 2015-04-22 17:35 - 2015-04-22 17:35 - 00005798 _____ () C:\Windows\system32\lvcoinst.log 2015-04-22 17:02 - 2015-04-22 17:02 - 00000000 ____D () C:\ProgramData\.pixartokens 2015-04-21 08:16 - 2015-04-21 08:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-19 11:10 - 2015-04-19 17:47 - 00000000 ____D () C:\Users\Dizzy\Desktop\003_ornament 2015-04-18 14:28 - 2015-04-18 14:28 - 05950841 _____ () C:\Users\Dizzy\Desktop\Opel Meriva.c4d 2015-04-18 11:11 - 2011-10-15 01:50 - 01772448 _____ () C:\Users\Dizzy\Desktop\Opel Meriva.lwo 2015-04-17 13:03 - 2015-04-17 13:07 - 00000000 ____D () C:\Users\Dizzy\Desktop\Unbenannter Export 2015-04-17 12:58 - 2015-04-17 12:58 - 00000000 ____D () C:\Users\Dizzy\Desktop\2015 2015-04-17 12:58 - 2015-04-17 12:58 - 00000000 ____D () C:\Users\Dizzy\Desktop\2014 2015-04-17 10:55 - 2015-04-17 11:06 - 464240640 _____ () C:\Users\Dizzy\Downloads\RenderManProServer-19.0_1468883-windows7_vc10icc121.x86_64.msi 2015-04-17 10:53 - 2015-04-17 11:07 - 00006600 _____ () C:\Users\Dizzy\Downloads\ncr.Hp2948.txt 2015-04-17 10:53 - 2015-04-17 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixar 2015-04-17 10:53 - 2015-04-17 11:06 - 00000000 ____D () C:\Program Files\Pixar 2015-04-10 10:44 - 2015-04-10 10:44 - 01270077 _____ () C:\Users\Dizzy\Desktop\future.wrl 2015-04-08 11:51 - 2015-04-08 14:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-04-08 08:43 - 2015-04-08 08:43 - 00000000 ____D () C:\Users\Dizzy\Tracing 2015-04-07 08:47 - 2015-04-07 08:47 - 00002453 _____ () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2015-04-07 08:47 - 2015-04-07 08:47 - 00002037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2015-04-07 08:47 - 2015-04-07 08:47 - 00002014 _____ () C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2015-03-31 19:35 - 2015-03-31 19:35 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Skynet-Dizzy 2015-03-31 11:21 - 2015-03-31 11:21 - 00003563 _____ () C:\Users\Dizzy\Desktop\NetworkInfo.txt 2015-03-31 11:12 - 2015-03-31 11:13 - 00000891 _____ () C:\Users\Dizzy\Desktop\Tracert.txt 2015-03-30 07:24 - 2015-03-30 07:24 - 00000000 ____D () C:\Users\Dizzy\Desktop\BIlder 2007-2015 2015-03-27 11:14 - 2015-03-27 13:25 - 00001704 _____ () C:\Users\Dizzy\Desktop\PingPtracer.txt 2015-03-27 09:47 - 2015-03-27 09:47 - 00000000 ____D () C:\TDSSKiller_Quarantine 2015-03-27 09:14 - 2015-03-27 09:25 - 00001107 _____ () C:\Users\Dizzy\Desktop\CINEMA 4D.lnk 2015-03-27 09:14 - 2015-03-27 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON 2015-03-27 00:53 - 2015-03-27 01:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-03-27 00:53 - 2015-03-27 00:53 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-27 00:53 - 2015-03-27 00:53 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-27 00:52 - 2015-03-27 00:52 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-26 23:05 - 2015-03-26 23:05 - 00000000 ____D () C:\ProgramData\ATI 2015-03-26 22:47 - 2015-03-26 23:20 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\Raptr 2015-03-26 22:47 - 2015-03-26 22:47 - 00000000 ____D () C:\ProgramData\AMD 2015-03-26 20:28 - 2015-04-22 17:35 - 00000000 ____D () C:\Program Files\Common Files\logishrd 2015-03-26 13:05 - 2015-03-26 13:05 - 00000000 ____D () C:\Program Files\MAXON 2015-03-26 12:30 - 2015-03-26 12:30 - 
00000000 ____D () C:\Users\Dizzy\AppData\Roaming\chc 2015-03-25 15:58 - 2015-03-25 15:58 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2014.lnk 2015-03-25 11:20 - 2015-03-25 11:20 - 00001337 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CC.lnk 2015-03-25 11:11 - 2015-03-25 11:11 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk 2015-03-25 10:53 - 2015-03-25 10:53 - 00002085 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7.1 64-Bit.lnk 2015-03-25 10:53 - 2015-03-25 10:53 - 00002065 _____ () C:\Users\Public\Desktop\Lightroom 5.7.1 64-Bit.lnk 2015-03-25 08:23 - 2015-04-07 15:24 - 00001088 _____ () C:\Windows\PFRO.log ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-24 16:08 - 2013-08-22 15:15 - 00000000 ____D () C:\Users\Dizzy 2015-04-24 15:58 - 2013-09-13 17:22 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\Skype 2015-04-24 12:11 - 2013-08-22 15:15 - 01687574 _____ () C:\Windows\WindowsUpdate.log 2015-04-24 10:36 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-24 10:36 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-24 10:34 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2015-04-24 10:34 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2015-04-24 10:34 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-24 10:30 - 2014-09-01 08:10 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\Adobe 2015-04-24 10:30 - 2014-05-02 15:11 - 00000000 ___RD () C:\Users\Dizzy\Dropbox 2015-04-24 10:30 - 2014-05-02 15:09 - 00000000 
____D () C:\Users\Dizzy\AppData\Roaming\Dropbox 2015-04-24 10:29 - 2015-02-17 17:18 - 00018531 _____ () C:\Windows\setupact.log 2015-04-24 10:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-24 08:30 - 2013-09-01 15:34 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\vlc 2015-04-23 13:38 - 2014-05-29 08:44 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\Battle.net 2015-04-23 12:55 - 2014-05-10 11:45 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\JDownloader v2.0 2015-04-22 17:22 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-04-22 17:17 - 2014-10-21 10:54 - 00001456 _____ () C:\Users\Dizzy\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2015-04-22 13:53 - 2013-08-23 07:37 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-22 12:07 - 2013-09-12 07:56 - 00000000 ____D () C:\ProgramData\Adobe 2015-04-22 12:04 - 2014-01-08 08:38 - 00000000 ____D () C:\ProgramData\Package Cache 2015-04-22 12:01 - 2015-03-24 12:47 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2015-04-22 12:01 - 2015-03-24 12:47 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2015-04-22 12:01 - 2013-09-12 07:56 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-04-22 07:56 - 2013-08-22 16:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-19 11:11 - 2015-03-24 15:00 - 00000034 _____ () C:\Users\Dizzy\AppData\Roaming\AdobeWLCMCache.dat 2015-04-17 12:58 - 2015-02-17 13:58 - 00000000 ____D () C:\Users\Dizzy\Desktop\Portfolio 2015 2015-04-16 10:32 - 2014-05-29 08:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2015-04-15 13:08 - 2013-08-22 17:08 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 13:06 - 2013-08-22 17:08 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-14 12:12 - 2014-07-30 13:12 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\dxhr 2015-04-11 11:27 - 2014-09-19 08:33 - 
00000000 ____D () C:\Users\Dizzy\AppData\Roaming\.minecraft 2015-04-10 07:52 - 2014-05-02 15:11 - 00001015 _____ () C:\Users\Dizzy\Desktop\Dropbox.lnk 2015-04-10 07:52 - 2014-05-02 15:10 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-04-08 08:43 - 2014-09-16 18:26 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-04-08 08:28 - 2013-09-13 17:22 - 00000000 ____D () C:\ProgramData\Skype 2015-04-07 15:25 - 2013-08-23 09:54 - 00065544 _____ () C:\Users\Dizzy\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-07 15:24 - 2009-07-14 06:45 - 04995896 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-07 08:48 - 2014-12-23 17:10 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-04-07 08:47 - 2013-09-16 16:39 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2015-03-27 09:25 - 2014-04-30 09:11 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\MAXON 2015-03-26 23:20 - 2015-03-02 19:49 - 00000000 ___RD () C:\Users\Dizzy\Documents\Notes 2015-03-26 23:20 - 2015-01-21 17:00 - 00000000 ____D () C:\Users\Dizzy\Documents\Heroes of the Storm 2015-03-26 23:20 - 2014-12-30 17:49 - 00000000 ____D () C:\Users\Dizzy\Documents\FLiNGTrainer 2015-03-26 23:20 - 2014-12-15 08:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-03-26 23:20 - 2014-03-06 13:59 - 00000000 ____D () C:\Program Files (x86)\Raptr 2015-03-26 23:20 - 2013-09-07 09:05 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\Akamai 2015-03-26 23:20 - 2013-08-22 16:20 - 00000000 ____D () C:\AMD 2015-03-26 23:20 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2015-03-26 23:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-03-26 23:19 - 2014-12-15 08:05 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2015-03-26 23:19 - 2014-11-13 09:48 - 00000000 ____D () C:\Program Files (x86)\AMD 2015-03-26 23:19 - 2014-01-26 10:15 - 00000000 ____D () 
C:\Users\Dizzy\Documents\BioWare 2015-03-26 23:19 - 2013-08-24 07:21 - 00000000 ____D () C:\Users\Dizzy\Documents\my games 2015-03-26 23:19 - 2013-08-22 16:25 - 00000000 ____D () C:\Program Files\AMD 2015-03-26 12:23 - 2014-09-02 18:25 - 00000000 ____D () C:\Users\Dizzy\Documents\Adobe 2015-03-26 12:23 - 2013-08-22 16:22 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\Adobe 2015-03-25 15:58 - 2014-09-02 16:29 - 00000000 ____D () C:\Program Files\Adobe 2015-03-25 15:58 - 2013-09-16 16:25 - 00000000 ____D () C:\Program Files\Common Files\Adobe ==================== Files in the root of some directories ======= 2013-12-17 14:54 - 2013-12-17 15:09 - 0000132 _____ () C:\Users\Dizzy\AppData\Roaming\Adobe GIF Format CS5 Prefs 2015-03-24 15:00 - 2015-04-19 11:11 - 0000034 _____ () C:\Users\Dizzy\AppData\Roaming\AdobeWLCMCache.dat 2014-09-29 19:48 - 2014-09-29 19:48 - 0000037 ___SH () C:\Users\Dizzy\AppData\Local\69ff07055291669bb2b218.72821112 2014-10-21 10:54 - 2015-04-22 17:17 - 0001456 _____ () C:\Users\Dizzy\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2013-12-02 20:26 - 2014-07-29 11:39 - 0001456 _____ () C:\Users\Dizzy\AppData\Local\Adobe Save for Web 12.0 Prefs 2013-12-05 19:29 - 2014-10-24 09:07 - 0007600 _____ () C:\Users\Dizzy\AppData\Local\Resmon.ResmonCfg Some content of TEMP: ==================== C:\Users\Dizzy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppva4ih.dll C:\Users\Dizzy\AppData\Local\Temp\proxy_vole4219066933589844200.dll C:\Users\Dizzy\AppData\Local\Temp\raptrpatch.exe C:\Users\Dizzy\AppData\Local\Temp\raptr_stub.exe C:\Users\Dizzy\AppData\Local\Temp\SkypeSetup.exe C:\Users\Dizzy\AppData\Local\Temp\Uninstall.exe C:\Users\Dizzy\AppData\Local\Temp\{144E8A71-A155-4D5D-9363-A9B18463713D}.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2015-04-15 09:49

==================== End Of Log ============================

ADDITION.TXT:
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2015 02
Ran by Dizzy at 2015-04-24 16:11:59
Running from D:\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1277190080-726137398-56086049-500 - Administrator - Disabled)
Dizzy (S-1-5-21-1277190080-726137398-56086049-1000 - Administrator - Enabled) => C:\Users\Dizzy
Gast (S-1-5-21-1277190080-726137398-56086049-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1277190080-726137398-56086049-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.0.74 - Adobe Systems Incorporated) Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated) Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.2.0.069 - Adobe Systems Incorporated) Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - 
Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Akamai NetSession Interface (HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Akamai) (Version: - Akamai Technologies, Inc) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) bl (x32 Version: 1.0.0 - Your Company Name) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform) CINEMA 4D 16.038 (HKLM\...\MAXON8B6F11F9) (Version: 16.038 - MAXON Computer GmbH) Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dropbox (HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.) 
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden MeshLab_64b 1.3.3 (HKLM-x32\...\MeshLab_64b) (Version: 1.3.3 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 
Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation) PDFTK Builder 3.5.3 (HKLM-x32\...\PDFTK Builder_is1) (Version: - ) ph (x32 Version: 1.0.0 - Your Company Name) Hidden Pixar RenderMan Pro Server 19.0 (HKLM\...\{7EA92811-DDBD-11E4-A753-001CC4171F87}) (Version: 19.0.1468883 - Pixar) Realtek High Definition Audio Driver 
(HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.) RenderManNC-Installer (HKLM\...\{DAB7A2E1-D380-11E4-BBF3-001CC4171F87}) (Version: 1.0.0 - Pixar) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

22-04-2015 13:22:51 Windows Update
22-04-2015 17:01:39 Windows Update
22-04-2015 17:34:48 Windows Update
22-04-2015 18:25:31 Windows Update
22-04-2015 18:58:47 Windows Update
22-04-2015 20:32:05 Windows Update
23-04-2015 09:13:03 Windows Update
23-04-2015 13:43:23 Windows Update
24-04-2015 09:58:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-03-25 10:08 - 00001297 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 crl.verisign.net
127.0.0.1 ood.opsource.net
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 ocsp.spo1.verisign.com
127.0.0.1 192.168.112.2o7.net
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 199.7.52.190
127.0.0.1 199.7.54.72
127.0.0.1 209.34.83.67
127.0.0.1 209.34.83.73
127.0.0.1 2o7.net
127.0.0.1 tss-geotrust-crl.thawte.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1EBD3B3D-1FAE-4585-9E4C-E803225AE6EF} - System32\Tasks\AdobeAAMUpdater-1.0-Skynet-Dizzy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30] (Adobe Systems Incorporated) Task: {499EFA2E-B3B9-49B0-964B-D8CEA97591EA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-13] (Adobe Systems Incorporated) Task: {886CE8B9-7CC2-411C-8E15-5D23FBAA2AD9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated) Task: {C34DFF0A-C7EF-466A-862A-C8640CCDA84F} - System32\Tasks\{0709E55C-9BC3-41A1-A357-86B121504C79} => pcalua.exe -a "C:\Users\Dizzy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LONCHF84\Firefox%20Setup%20Stub%2023.0.1[1].exe" -d C:\Users\Dizzy\Desktop Task: {F4CDE599-A6DA-43D3-BC48-6D869CD60B0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============== 2014-11-20 22:23 - 2014-11-20 22:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll 2014-11-20 22:23 - 2014-11-20 22:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2015-04-16 17:42 - 2015-04-16 17:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2014-11-22 02:03 - 2014-11-22 02:03 - 00053248 _____ () 
C:\Program Files\CCleaner\lang\lang-1031.dll 2014-11-20 22:23 - 2014-11-20 22:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2015-04-16 17:41 - 2015-04-16 17:41 - 05842080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2015-04-24 11:40 - 2014-06-26 07:44 - 00358144 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe 2014-05-02 14:12 - 2015-02-07 11:16 - 00095424 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASLSupport.dll 2014-05-02 14:12 - 2014-05-02 14:12 - 00266432 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASKLib.dll 2015-02-07 11:16 - 2015-02-07 11:16 - 01276608 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\typekitC4.dll 2014-05-02 14:12 - 2015-02-07 11:16 - 00263360 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\AdamLib.dll 2014-05-02 14:12 - 2014-05-02 14:12 - 00073408 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\unihan.dll 2014-09-03 13:55 - 2014-09-03 13:55 - 00815104 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe 2015-04-24 16:08 - 2015-04-24 16:08 - 00050477 _____ () D:\Downloads\Defogger.exe 2015-04-20 07:16 - 2015-04-20 07:16 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu 2015-04-24 10:30 - 2015-04-24 10:30 - 00043008 _____ () c:\users\dizzy\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppva4ih.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 23:45 - 2015-03-04 
23:45 - 00200704 _____ () C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-04-20 07:16 - 2015-04-20 07:16 - 00746672 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll 2015-04-20 07:16 - 2015-04-20 07:16 - 00136368 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Program Files\Common Files\System:9F4ymvjw6kabpdQTgg2x18V AlternateDataStreams: C:\ProgramData\Microsoft:C6jucDp0bZuZqJ9c14hb AlternateDataStreams: C:\ProgramData\Microsoft:jAYCD1Iae9sKQ2xnSpzTMve AlternateDataStreams: C:\ProgramData\Microsoft:r38uJZGn1tmWt6PkZN ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68825310.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68825310.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1277190080-726137398-56086049-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.178.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dizzy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dizzy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zenimax Launcher.lnk => C:\Windows\pss\Zenimax Launcher.lnk.Startup
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Google Update => "C:\Users\Dizzy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: USB-Videogerät Description: USB-Videogerät Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: AODDriver4.2.0 Description: AODDriver4.2.0 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AODDriver4.2.0 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (04/24/2015 11:41:34 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen. Programm: Hostprozess für Windows-Dienste Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. 
Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. 
Zusätzliche Daten Fehlerwert: C000009C Datenträgertyp: 3 Error: (04/24/2015 11:41:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1 Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0 Ausnahmecode: 0xc0000006 Fehleroffset: 0x00000000000080bf ID des fehlerhaften Prozesses: 0x11d0 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0 Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1 Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2 Berichtskennung: svchost.exe_CryptSvc3 Error: (04/24/2015 11:41:29 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen. Programm: Hostprozess für Windows-Dienste Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. 
- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: C000009C Datenträgertyp: 3 Error: (04/24/2015 11:41:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1 Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0 Ausnahmecode: 0xc0000006 Fehleroffset: 0x00000000000080bf ID des fehlerhaften Prozesses: 0x10cc Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0 Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1 Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2 Berichtskennung: svchost.exe_CryptSvc3 Error: (04/24/2015 11:41:24 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. 
den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen. Programm: Hostprozess für Windows-Dienste Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. 
Zusätzliche Daten Fehlerwert: C000009C Datenträgertyp: 3 Error: (04/24/2015 11:41:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1 Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0 Ausnahmecode: 0xc0000006 Fehleroffset: 0x00000000000080bf ID des fehlerhaften Prozesses: 0x124c Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0 Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1 Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2 Berichtskennung: svchost.exe_CryptSvc3 Error: (04/24/2015 11:41:19 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen. Programm: Hostprozess für Windows-Dienste Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. 
- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: C000009C Datenträgertyp: 3 Error: (04/24/2015 11:41:19 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1 Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0 Ausnahmecode: 0xc0000006 Fehleroffset: 0x00000000000080bf ID des fehlerhaften Prozesses: 0x12a0 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0 Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1 Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2 Berichtskennung: svchost.exe_CryptSvc3 Error: (04/24/2015 11:41:14 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. 
den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen. Programm: Hostprozess für Windows-Dienste Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. 
Zusätzliche Daten Fehlerwert: C000009C Datenträgertyp: 3 Error: (04/24/2015 11:41:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1 Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0 Ausnahmecode: 0xc0000006 Fehleroffset: 0x00000000000080bf ID des fehlerhaften Prozesses: 0x5e0 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0 Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1 Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2 Berichtskennung: svchost.exe_CryptSvc3 System errors: ============= Error: (04/24/2015 04:11:41 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (04/24/2015 01:00:46 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. 
Error: (04/24/2015 01:00:46 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Microsoft Office Sessions: ========================= Error: (04/24/2015 11:41:34 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3 Error: (04/24/2015 11:41:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf11d001d07e72d9df8cf9C:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll17f6f8d3-ea66-11e4-874e-00040ecc8efb Error: (04/24/2015 11:41:29 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3 Error: (04/24/2015 11:41:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf10cc01d07e72d6e18402C:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll150aca6f-ea66-11e4-874e-00040ecc8efb Error: (04/24/2015 11:41:24 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3 Error: (04/24/2015 11:41:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: 
svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf124c01d07e72d3e43e5dC:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll11f9fc81-ea66-11e4-874e-00040ecc8efb Error: (04/24/2015 11:41:19 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3 Error: (04/24/2015 11:41:19 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf12a001d07e72d0dbadefC:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll0f11ecdc-ea66-11e4-874e-00040ecc8efb Error: (04/24/2015 11:41:14 AM) (Source: Application Error) (EventID: 1005) (User: ) Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3 Error: (04/24/2015 11:41:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf5e001d07e72cdeb87dbC:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll0c136eb2-ea66-11e4-874e-00040ecc8efb CodeIntegrity Errors: =================================== Date: 2015-03-26 22:10:05.251 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-03-26 22:10:05.126 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-03-26 22:03:34.314 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-03-26 22:03:34.189 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-03-26 21:28:10.844 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-03-26 21:28:10.672 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-03-26 18:00:29.329 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-03-26 18:00:29.158 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-03-26 17:43:52.360 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-03-26 17:43:52.220 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: AMD FX(tm)-8320 Eight-Core Processor Percentage of memory in use: 30% Total physical RAM: 16356.88 MB Available physical RAM: 11346.13 MB Total Pagefile: 47711.94 MB Available Pagefile: 42544.6 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:17.51 GB) NTFS Drive d: (Skynet) (Fixed) (Total:931.41 GB) (Free:573.47 GB) NTFS Drive f: (Volume) (Fixed) (Total:153.38 GB) (Free:153.29 GB) NTFS Drive g: (Volume) (Fixed) (Total:232.88 GB) (Free:232.79 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 7C2F6DC8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: D766D766) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 97458EC1) Partition 1: (Not Active) - 
(Size=931.4 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 153.4 GB) (Disk ID: E891E891) Partition 1: (Not Active) - (Size=153.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================ GMER-Copy: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-04-24 16:33:36 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 Corsair_Performance_Pro rev.1.0 119,24GB Running: j39pjdsw.exe; Driver: C:\Users\Dizzy\AppData\Local\Temp\ugldypog.sys ---- Processes - GMER 2.1 ---- Library c:\users\dizzy\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwmldoi.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-04-24 14:28:50) 0000000003180000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24) 000000006e000000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (ICU I18N DLL/The ICU Project)(2015-03-04 21:45:30) 000000004a900000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (ICU Common DLL/The ICU Project)(2015-03-04 21:45:30) 0000000005e80000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (ICU Data DLL/The ICU Project)(2015-03-04 21:45:30) 000000004ad00000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28) 000000006c420000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 
000000006c130000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-03-04 21:45:30) 000000006da70000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000006d2d0000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000006aa00000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000006a7e0000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000006a360000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000006d1e0000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-03-04 21:45:30) 000000006d1b0000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28) 000000006d180000 
Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000006c860000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 00000000692e0000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-03-04 21:45:30) 0000000069c20000 Library C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-03-04 21:45:30) 0000000069aa0000 ---- EOF - GMER 2.1 ----
P.S. Sorry, I had looked for this "CODE" but did not find it... I hope everything is more readable now. Last edited by Oronwe (24.04.2015 at 15:50) |
24.04.2015, 15:41 | #2 |
/// the machine /// TB Trainer | Win 7: no updates possible, program crashes, virus detection VMProtect.AAA and others. hi,
__________________This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instruction from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
24.04.2015, 21:46 | #3 |
| Win 7: no updates possible, program crashes, virus detection VMProtect.AAA and others. Here is the mbar log to start with:
__________________Code:
ATTFilter --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.17267 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED CPU speed: 3.492000 GHz Memory total: 17151426560, free: 14426759168 Downloaded database version: v2015.04.24.03 Downloaded database version: v2015.04.21.01 Downloaded database version: v2015.04.22.01 ======================================= Initializing... ------------ Kernel report ------------ 04/24/2015 16:46:46 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_AuthenticAMD.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\system32\drivers\pciide.sys \SystemRoot\system32\drivers\PCIIDEX.SYS \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\atapi.sys \SystemRoot\system32\drivers\ataport.SYS \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\system32\DRIVERS\MpFilter.sys \SystemRoot\System32\Drivers\PxHlpa64.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys 
\SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\system32\drivers\afd.sys \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\serial.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\usbohci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\DRIVERS\serenum.sys 
\SystemRoot\system32\drivers\1394ohci.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\DRIVERS\amdppm.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\AtihdW76.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\MBfilt64.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_dumpata.sys \SystemRoot\System32\Drivers\dump_atapi.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\fwlanusb.sys \SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\system32\DRIVERS\lvrs64.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys 
\SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \??\C:\Users\Dizzy\AppData\Local\Temp\ugldypog.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \SystemRoot\system32\DRIVERS\NisDrvWFP.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\user32.dll \Windows\System32\sechost.dll \Windows\System32\setupapi.dll \Windows\System32\difxapi.dll \Windows\System32\imagehlp.dll \Windows\System32\oleaut32.dll \Windows\System32\normaliz.dll \Windows\System32\imm32.dll \Windows\System32\msctf.dll \Windows\System32\gdi32.dll \Windows\System32\nsi.dll \Windows\System32\rpcrt4.dll \Windows\System32\msvcrt.dll \Windows\System32\iertutil.dll \Windows\System32\shlwapi.dll \Windows\System32\clbcatq.dll \Windows\System32\kernel32.dll \Windows\System32\shell32.dll \Windows\System32\urlmon.dll \Windows\System32\usp10.dll \Windows\System32\comdlg32.dll \Windows\System32\psapi.dll \Windows\System32\ws2_32.dll \Windows\System32\Wldap32.dll \Windows\System32\advapi32.dll \Windows\System32\ole32.dll \Windows\System32\lpk.dll \Windows\System32\wininet.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\userenv.dll \Windows\System32\comctl32.dll \Windows\System32\devobj.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\crypt32.dll \Windows\System32\cfgmgr32.dll \Windows\System32\wintrust.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\profapi.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! Scan started Database versions: main: v2015.04.24.03 rootkit: v2015.04.21.01 <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa800d5dd790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800d5dd1e0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d5dd790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800d3d0580, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xfffffa800d3cf060, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 7C2F6DC8 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. 
Partition starts at LBA: 206848 Numsec = 249860096 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 128035676160 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 1, DevicePointer: 0xfffffa800d5fc060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800d4d5980, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d5fc060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800d132e40, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xfffffa800d3d3060, DeviceName: \Device\Ide\IdeDeviceP3T1L0-4\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 1 Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: D766D766 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 488384512 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 250055122432 bytes Sector size: 512 bytes Done! 
Physical Sector Size: 512 Drive: 2, DevicePointer: 0xfffffa800d5fd060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800d5fc970, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d5fd060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800d0a9670, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xfffffa800d3df680, DeviceName: \Device\Ide\IdeDeviceP2T1L0-7\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 2 Scanning MBR on drive 2... Inspecting partition table: MBR Signature: 55AA Disk Signature: E891E891 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 321667072 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 164696555520 bytes Sector size: 512 bytes Done! 
Physical Sector Size: 512 Drive: 3, DevicePointer: 0xfffffa800d5fe060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa800d5fda30, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa800d5fe060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800d328520, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xfffffa800d32a060, DeviceName: \Device\Ide\IdeDeviceP4T1L0-8\, DriverName: \Driver\atapi\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 3 Scanning MBR on drive 3... Inspecting partition table: MBR Signature: 55AA Disk Signature: 97458EC1 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 206848 Numsec = 1953304576 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 1000200658432 bytes Sector size: 512 bytes Done! Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam... 
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam... Removal finished

Small update: TDSSKiller has now been running for 3h42min and is still (again) hanging at the file 1394ohci.sys. What could I do now? Last edited by Oronwe (24.04.2015 at 17:43) |
25.04.2015, 15:07 | #4 |
/// the machine /// TB trainer | Win 7: no updates possible, program crashes, virus detection VMProtect.AAA and others. Quit TDSSKiller. Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
26.04.2015, 11:06 | #5 |
| Win 7: no updates possible, program crashes, virus detection VMProtect.AAA and others. Hello, ComboFix runs up to Step 50, then the following message appears: System FIle is infected !! Attempting to restore "C:Windoews-system32-Services.exe" After that nothing else happens (no log or anything else) |
26.04.2015, 18:22 | #6 |
/// the machine /// TB trainer | Win 7: no updates possible, program crashes, virus detection VMProtect.AAA and others. Now it gets funny. Please run TDSSKiller in safe mode.
__________________ --> Win 7: no updates possible, program crashes, virus detection VMProtect.AAA and others. |
27.04.2015, 06:08 | #7 |
| Win 7: no updates possible, program crashes, virus detection VMProtect.AAA and others. Good morning, if safe mode was the funny part, here comes the punchline. 175 objects found, and here is the log: Code:
ATTFilter 06:48:14.0762 0x05ac TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 06:48:23.0669 0x05ac ============================================================ 06:48:23.0669 0x05ac Current date / time: 2015/04/27 06:48:23.0669 06:48:23.0669 0x05ac SystemInfo: 06:48:23.0669 0x05ac 06:48:23.0669 0x05ac OS Version: 6.1.7601 ServicePack: 1.0 06:48:23.0669 0x05ac Product type: Workstation 06:48:23.0669 0x05ac ComputerName: SKYNET 06:48:23.0669 0x05ac UserName: Dizzy 06:48:23.0669 0x05ac Windows directory: C:\Windows 06:48:23.0669 0x05ac System windows directory: C:\Windows 06:48:23.0669 0x05ac Running under WOW64 06:48:23.0669 0x05ac Processor architecture: Intel x64 06:48:23.0669 0x05ac Number of processors: 8 06:48:23.0669 0x05ac Page size: 0x1000 06:48:23.0669 0x05ac Boot type: Safe boot 06:48:23.0669 0x05ac ============================================================ 06:48:23.0903 0x05ac KLMD registered as C:\Windows\system32\drivers\44355286.sys 06:48:23.0934 0x05ac System UUID: {F21FE57E-0EA1-9F60-8D2A-C64ABB18169C} 06:48:24.0262 0x05ac Drive \Device\Harddisk0\DR0 - Size: 0x2658AE0000 ( 153.39 Gb ), SectorSize: 0x200, Cylinders: 0x4E37, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:48:24.0262 0x05ac Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:48:24.0262 0x05ac Drive \Device\Harddisk2\DR2 - Size: 0x3A38725E00 ( 232.88 Gb ), SectorSize: 0x200, Cylinders: 0x76C0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:48:24.0278 0x05ac Drive \Device\Harddisk3\DR3 - Size: 0xE8E09ADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1F8B0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 06:48:24.0278 0x05ac ============================================================ 06:48:24.0278 0x05ac \Device\Harddisk0\DR0: 06:48:24.0278 0x05ac MBR 
partitions: 06:48:24.0278 0x05ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x132C4000 06:48:24.0278 0x05ac \Device\Harddisk1\DR1: 06:48:24.0278 0x05ac MBR partitions: 06:48:24.0278 0x05ac \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 06:48:24.0278 0x05ac \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000 06:48:24.0278 0x05ac \Device\Harddisk2\DR2: 06:48:24.0278 0x05ac MBR partitions: 06:48:24.0278 0x05ac \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C2800 06:48:24.0278 0x05ac \Device\Harddisk3\DR3: 06:48:24.0278 0x05ac MBR partitions: 06:48:24.0278 0x05ac \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D1000 06:48:24.0278 0x05ac ============================================================ 06:48:24.0278 0x05ac C: <-> \Device\Harddisk1\DR1\Partition2 06:48:24.0309 0x05ac D: <-> \Device\Harddisk3\DR3\Partition1 06:48:24.0324 0x05ac F: <-> \Device\Harddisk0\DR0\Partition1 06:48:24.0340 0x05ac G: <-> \Device\Harddisk2\DR2\Partition1 06:48:24.0340 0x05ac ============================================================ 06:48:24.0340 0x05ac Initialize success 06:48:24.0340 0x05ac ============================================================ 06:48:32.0780 0x05e4 ============================================================ 06:48:32.0780 0x05e4 Scan started 06:48:32.0780 0x05e4 Mode: Manual; SigCheck; TDLFS; 06:48:32.0780 0x05e4 ============================================================ 06:48:32.0780 0x05e4 KSN ping started 06:48:32.0795 0x05e4 KSN ping finished: false 06:48:32.0873 0x05e4 ================ Scan system memory ======================== 06:48:32.0873 0x05e4 System memory - ok 06:48:32.0873 0x05e4 ================ Scan services ============================= 06:48:32.0904 0x05e4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci 
C:\Windows\system32\drivers\1394ohci.sys 06:48:49.0160 0x05e4 1394ohci - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0222 0x05e4 1394ohci ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0238 0x05e4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 06:48:49.0269 0x05e4 ACPI - ok 06:48:49.0269 0x05e4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 06:48:49.0269 0x05e4 AcpiPmi - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0269 0x05e4 AcpiPmi ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0269 0x05e4 Force sending object to P2P due to detect: AcpiPmi 06:48:49.0269 0x05e4 Object send P2P result: false 06:48:49.0284 0x05e4 [ 929593D76589294BA3F74540298D1B3E, 3D1C1772579141BD1040363BD65F2A2D78BF42EC85AE96317AE397E3D5267145 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 06:48:49.0284 0x05e4 AdobeARMservice - ok 06:48:49.0316 0x05e4 [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 06:48:49.0316 0x05e4 AdobeFlashPlayerUpdateSvc - ok 06:48:49.0331 0x05e4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 06:48:49.0362 0x05e4 adp94xx - ok 06:48:49.0362 0x05e4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 06:48:49.0378 0x05e4 adpahci - ok 06:48:49.0394 0x05e4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 06:48:49.0394 0x05e4 adpu320 - ok 06:48:49.0409 0x05e4 [ 
4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 06:48:49.0409 0x05e4 AeLookupSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0409 0x05e4 Object is SCO, delete is not allowed 06:48:49.0409 0x05e4 AeLookupSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0425 0x05e4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 06:48:49.0440 0x05e4 AFD - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0440 0x05e4 Object is SCO, delete is not allowed 06:48:49.0440 0x05e4 AFD ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0440 0x05e4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 06:48:49.0440 0x05e4 agp440 - ok 06:48:49.0456 0x05e4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 06:48:49.0456 0x05e4 ALG - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0456 0x05e4 ALG ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0456 0x05e4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 06:48:49.0472 0x05e4 aliide - ok 06:48:49.0472 0x05e4 [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 06:48:49.0487 0x05e4 AMD External Events Utility - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0487 0x05e4 AMD External Events Utility ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0487 0x05e4 Force sending object to P2P due to detect: AMD External Events Utility 06:48:49.0487 0x05e4 Object send P2P result: false 06:48:49.0503 0x05e4 AMD FUEL Service - ok 06:48:49.0503 0x05e4 [ 
1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 06:48:49.0503 0x05e4 amdide - ok 06:48:49.0518 0x05e4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 06:48:49.0518 0x05e4 AmdK8 - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0518 0x05e4 Object is SCO, delete is not allowed 06:48:49.0518 0x05e4 AmdK8 ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0924 0x05e4 [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 06:48:50.0423 0x05e4 amdkmdag - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0423 0x05e4 amdkmdag ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0454 0x05e4 [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 06:48:50.0470 0x05e4 amdkmdap - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0470 0x05e4 amdkmdap ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0470 0x05e4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 06:48:50.0486 0x05e4 AmdPPM - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0486 0x05e4 AmdPPM ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0486 0x05e4 Force sending object to P2P due to detect: AmdPPM 06:48:50.0486 0x05e4 Object send P2P result: false 06:48:50.0486 0x05e4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 06:48:50.0501 0x05e4 amdsata - ok 06:48:50.0501 0x05e4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 
06:48:50.0517 0x05e4 amdsbs - ok 06:48:50.0517 0x05e4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 06:48:50.0517 0x05e4 amdxata - ok 06:48:50.0532 0x05e4 AODDriver4.2.0 - ok 06:48:50.0532 0x05e4 [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys 06:48:50.0548 0x05e4 AODDriver4.3 - ok 06:48:50.0548 0x05e4 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys 06:48:50.0548 0x05e4 AppID - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0548 0x05e4 AppID ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0548 0x05e4 Force sending object to P2P due to detect: AppID 06:48:50.0548 0x05e4 Object send P2P result: false 06:48:50.0564 0x05e4 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll 06:48:50.0564 0x05e4 AppIDSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0564 0x05e4 AppIDSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0564 0x05e4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 06:48:50.0564 0x05e4 Appinfo - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0564 0x05e4 Object is SCO, delete is not allowed 06:48:50.0564 0x05e4 Appinfo ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0579 0x05e4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 06:48:50.0579 0x05e4 arc - ok 06:48:50.0595 0x05e4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 06:48:50.0595 0x05e4 
arcsas - ok 06:48:50.0610 0x05e4 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 06:48:50.0626 0x05e4 aspnet_state - ok 06:48:50.0626 0x05e4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 06:48:50.0626 0x05e4 AsyncMac - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0626 0x05e4 Object is SCO, delete is not allowed 06:48:50.0626 0x05e4 AsyncMac ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0626 0x05e4 Force sending object to P2P due to detect: AsyncMac 06:48:50.0626 0x05e4 Object send P2P result: false 06:48:50.0642 0x05e4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 06:48:50.0642 0x05e4 atapi - ok 06:48:50.0642 0x05e4 [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 06:48:50.0657 0x05e4 AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0657 0x05e4 AtiHDAudioService ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0673 0x05e4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 06:48:50.0688 0x05e4 AudioEndpointBuilder - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0688 0x05e4 Object is SCO, delete is not allowed 06:48:50.0688 0x05e4 AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0704 0x05e4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 06:48:50.0720 0x05e4 AudioSrv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0720 0x05e4 Object is SCO, delete is not 
allowed 06:48:50.0720 0x05e4 AudioSrv ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0735 0x05e4 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe 06:48:50.0735 0x05e4 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0735 0x05e4 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0751 0x05e4 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys 06:48:50.0751 0x05e4 avmeject - ok 06:48:50.0751 0x05e4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 06:48:50.0766 0x05e4 AxInstSV - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0766 0x05e4 AxInstSV ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0766 0x05e4 Force sending object to P2P due to detect: AxInstSV 06:48:50.0766 0x05e4 Object send P2P result: false 06:48:50.0766 0x05e4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 06:48:50.0782 0x05e4 b06bdrv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0782 0x05e4 b06bdrv ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0782 0x05e4 Force sending object to P2P due to detect: b06bdrv 06:48:50.0782 0x05e4 Object send P2P result: false 06:48:50.0798 0x05e4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 06:48:50.0813 0x05e4 b57nd60a - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0813 0x05e4 b57nd60a ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0813 0x05e4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC 
C:\Windows\System32\bdesvc.dll 06:48:50.0813 0x05e4 BDESVC - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0813 0x05e4 BDESVC ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0813 0x05e4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 06:48:50.0829 0x05e4 Beep - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0829 0x05e4 Beep ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0844 0x05e4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 06:48:50.0860 0x05e4 BFE - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0860 0x05e4 Object is SCO, delete is not allowed 06:48:50.0860 0x05e4 BFE ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0876 0x05e4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 06:48:50.0907 0x05e4 BITS - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0907 0x05e4 BITS ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0907 0x05e4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 06:48:50.0907 0x05e4 blbdrive - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0907 0x05e4 Object is SCO, delete is not allowed 06:48:50.0907 0x05e4 blbdrive ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0922 0x05e4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 06:48:50.0922 0x05e4 bowser - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0922 0x05e4 Object is SCO, delete is not allowed 06:48:50.0922 0x05e4 bowser ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0922 0x05e4 Force sending object to P2P due to detect: bowser 06:48:50.0922 0x05e4 Object send P2P result: false 
06:48:50.0922 0x05e4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 06:48:50.0922 0x05e4 BrFiltLo - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0922 0x05e4 Object is SCO, delete is not allowed 06:48:50.0922 0x05e4 BrFiltLo ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0922 0x05e4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 06:48:50.0938 0x05e4 BrFiltUp - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0938 0x05e4 Object is SCO, delete is not allowed 06:48:50.0938 0x05e4 BrFiltUp ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0938 0x05e4 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 06:48:50.0938 0x05e4 BridgeMP - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0938 0x05e4 Object is SCO, delete is not allowed 06:48:50.0938 0x05e4 BridgeMP ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0938 0x05e4 Force sending object to P2P due to detect: BridgeMP 06:48:50.0938 0x05e4 Object send P2P result: false 06:48:50.0954 0x05e4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 06:48:50.0954 0x05e4 Browser - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0954 0x05e4 Browser ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0969 0x05e4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 06:48:50.0969 0x05e4 Brserid - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0969 0x05e4 Object is SCO, delete is not allowed 06:48:50.0969 0x05e4 Brserid ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0969 0x05e4 Force sending object to P2P due to detect: 
detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0184 0x05e4 Object is SCO, delete is not allowed 06:48:53.0184 0x05e4 MRxDAV ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0184 0x05e4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 06:48:53.0184 0x05e4 mrxsmb - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0184 0x05e4 Object is SCO, delete is not allowed 06:48:53.0184 0x05e4 mrxsmb ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0200 0x05e4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 06:48:53.0200 0x05e4 mrxsmb10 - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0200 0x05e4 Object is SCO, delete is not allowed 06:48:53.0200 0x05e4 mrxsmb10 ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0216 0x05e4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 06:48:53.0216 0x05e4 mrxsmb20 - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0216 0x05e4 Object is SCO, delete is not allowed 06:48:53.0216 0x05e4 mrxsmb20 ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0216 0x05e4 Force sending object to P2P due to detect: mrxsmb20 06:48:53.0216 0x05e4 Object send P2P result: false 06:48:53.0216 0x05e4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 06:48:53.0231 0x05e4 msahci - ok 06:48:53.0231 0x05e4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 06:48:53.0247 0x05e4 msdsm - ok 06:48:53.0247 0x05e4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 06:48:53.0262 0x05e4 
MSDTC - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0262 0x05e4 Object is SCO, delete is not allowed 06:48:53.0262 0x05e4 MSDTC ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0262 0x05e4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 06:48:53.0262 0x05e4 Msfs - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0262 0x05e4 Object is SCO, delete is not allowed 06:48:53.0262 0x05e4 Msfs ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0262 0x05e4 Force sending object to P2P due to detect: Msfs 06:48:53.0262 0x05e4 Object send P2P result: false 06:48:53.0262 0x05e4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 06:48:53.0262 0x05e4 mshidkmdf - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0262 0x05e4 mshidkmdf ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0278 0x05e4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 06:48:53.0278 0x05e4 msisadrv - ok 06:48:53.0294 0x05e4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 06:48:53.0294 0x05e4 MSiSCSI - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0294 0x05e4 Object is SCO, delete is not allowed 06:48:53.0294 0x05e4 MSiSCSI ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0294 0x05e4 msiserver - ok 06:48:53.0294 0x05e4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 06:48:53.0294 0x05e4 MSKSSRV - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0294 0x05e4 Object is SCO, delete is not allowed 06:48:53.0294 0x05e4 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0294 0x05e4 Force sending 
object to P2P due to detect: MSKSSRV 06:48:53.0309 0x05e4 Object send P2P result: false 06:48:53.0309 0x05e4 [ F46BA4E7F4A34295B20917CD77F6CEC9, 1A91AC1AC1FBFC6922D0430D752240A91C9001373B1F84F960FDE0AC062A411A ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 06:48:53.0309 0x05e4 MsMpSvc - ok 06:48:53.0309 0x05e4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 06:48:53.0325 0x05e4 MSPCLOCK - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0325 0x05e4 Object is SCO, delete is not allowed 06:48:53.0325 0x05e4 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0325 0x05e4 Force sending object to P2P due to detect: MSPCLOCK 06:48:53.0325 0x05e4 Object send P2P result: false 06:48:53.0325 0x05e4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 06:48:53.0325 0x05e4 MSPQM - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0325 0x05e4 Object is SCO, delete is not allowed 06:48:53.0325 0x05e4 MSPQM ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0325 0x05e4 Force sending object to P2P due to detect: MSPQM 06:48:53.0325 0x05e4 Object send P2P result: false 06:48:53.0340 0x05e4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 06:48:53.0356 0x05e4 MsRPC - ok 06:48:53.0356 0x05e4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 06:48:53.0356 0x05e4 mssmbios - ok 06:48:53.0356 0x05e4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 06:48:53.0372 0x05e4 MSTEE - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0372 0x05e4 Object is SCO, delete is not 
allowed 06:48:53.0372 0x05e4 MSTEE ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0372 0x05e4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 06:48:53.0372 0x05e4 MTConfig - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0372 0x05e4 MTConfig ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0372 0x05e4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 06:48:53.0387 0x05e4 Mup - ok 06:48:53.0403 0x05e4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 06:48:53.0418 0x05e4 napagent - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0418 0x05e4 Object is SCO, delete is not allowed 06:48:53.0418 0x05e4 napagent ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0418 0x05e4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 06:48:53.0434 0x05e4 NativeWifiP - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0434 0x05e4 Object is SCO, delete is not allowed 06:48:53.0434 0x05e4 NativeWifiP ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0450 0x05e4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 06:48:53.0481 0x05e4 NDIS - ok 06:48:53.0481 0x05e4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 06:48:53.0496 0x05e4 NdisCap - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0496 0x05e4 NdisCap ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0496 0x05e4 Force sending object to P2P due to detect: NdisCap 06:48:53.0496 0x05e4 Object send P2P result: false 06:48:53.0496 0x05e4 [ 
30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 06:48:53.0496 0x05e4 NdisTapi - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0496 0x05e4 Object is SCO, delete is not allowed 06:48:53.0496 0x05e4 NdisTapi ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0496 0x05e4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 06:48:53.0512 0x05e4 Ndisuio - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0512 0x05e4 Object is SCO, delete is not allowed 06:48:53.0512 0x05e4 Ndisuio ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0512 0x05e4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 06:48:53.0512 0x05e4 NdisWan - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0512 0x05e4 Object is SCO, delete is not allowed 06:48:53.0512 0x05e4 NdisWan ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0528 0x05e4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 06:48:53.0528 0x05e4 NDProxy - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0528 0x05e4 Object is SCO, delete is not allowed 06:48:53.0528 0x05e4 NDProxy ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0528 0x05e4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 06:48:53.0528 0x05e4 NetBIOS - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0528 0x05e4 Object is SCO, delete is not allowed 06:48:53.0528 0x05e4 NetBIOS ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0543 0x05e4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT 
C:\Windows\system32\DRIVERS\netbt.sys 06:48:53.0543 0x05e4 NetBT - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0543 0x05e4 Object is SCO, delete is not allowed 06:48:53.0543 0x05e4 NetBT ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0559 0x05e4 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon C:\Windows\system32\lsass.exe 06:48:53.0559 0x05e4 Netlogon - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0559 0x05e4 Object is SCO, delete is not allowed 06:48:53.0559 0x05e4 Netlogon ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0559 0x05e4 Force sending object to P2P due to detect: Netlogon 06:48:53.0559 0x05e4 Object send P2P result: false 06:48:53.0559 0x05e4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 06:48:53.0574 0x05e4 Netman - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0574 0x05e4 Netman ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0590 0x05e4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:48:53.0590 0x05e4 NetMsmqActivator - ok 06:48:53.0606 0x05e4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:48:53.0606 0x05e4 NetPipeActivator - ok 06:48:53.0621 0x05e4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 06:48:53.0637 0x05e4 netprofm - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0637 0x05e4 Object is SCO, delete is not allowed 06:48:53.0637 0x05e4 netprofm ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0637 0x05e4 [ E58808846B62041BFB05395E1CED6499, 
5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:48:53.0652 0x05e4 NetTcpActivator - ok 06:48:53.0652 0x05e4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:48:53.0668 0x05e4 NetTcpPortSharing - ok 06:48:53.0668 0x05e4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 06:48:53.0684 0x05e4 nfrd960 - ok 06:48:53.0684 0x05e4 [ E10B84385C3FEEF4BDE8E6A980535522, 56D9E47B76CDABE45E64C9E74DCBCC2F7C07A44519ED938BD730018C48445614 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 06:48:53.0699 0x05e4 NisDrv - ok 06:48:53.0699 0x05e4 [ 9BF50324444C46997C2492D505B47F2D, 42C74456C64F7D688E0911255746BD2A52A3590AED22B24F7E385760D720B8E9 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 06:48:53.0730 0x05e4 NisSrv - ok 06:48:53.0730 0x05e4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 06:48:53.0746 0x05e4 NlaSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0746 0x05e4 Object is SCO, delete is not allowed 06:48:53.0746 0x05e4 NlaSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0746 0x05e4 Force sending object to P2P due to detect: NlaSvc 06:48:53.0746 0x05e4 Object send P2P result: false 06:48:53.0746 0x05e4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 06:48:53.0746 0x05e4 Npfs - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0746 0x05e4 Object is SCO, delete is not allowed 06:48:53.0746 0x05e4 Npfs ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0762 0x05e4 [ D54BFDF3E0C953F823B3D0BFE4732528, 
497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 06:48:53.0762 0x05e4 nsi - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0762 0x05e4 Object is SCO, delete is not allowed 06:48:53.0762 0x05e4 nsi ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0762 0x05e4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 06:48:53.0762 0x05e4 nsiproxy - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0762 0x05e4 Object is SCO, delete is not allowed 06:48:53.0762 0x05e4 nsiproxy ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0808 0x05e4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 06:48:53.0855 0x05e4 Ntfs - ok 06:48:53.0855 0x05e4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 06:48:53.0855 0x05e4 Null - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0855 0x05e4 Object is SCO, delete is not allowed 06:48:53.0855 0x05e4 Null ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0855 0x05e4 Force sending object to P2P due to detect: Null 06:48:53.0855 0x05e4 Object send P2P result: false 06:48:53.0855 0x05e4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 06:48:53.0871 0x05e4 nvraid - ok 06:48:53.0886 0x05e4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 06:48:53.0886 0x05e4 nvstor - ok 06:48:53.0902 0x05e4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 06:48:53.0902 0x05e4 nv_agp - ok 06:48:53.0902 0x05e4 [ 
3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 06:48:53.0918 0x05e4 ohci1394 - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0918 0x05e4 Object is SCO, delete is not allowed 06:48:53.0918 0x05e4 ohci1394 ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0918 0x05e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 06:48:53.0933 0x05e4 p2pimsvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0933 0x05e4 p2pimsvc ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0949 0x05e4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 06:48:53.0964 0x05e4 p2psvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0964 0x05e4 Object is SCO, delete is not allowed 06:48:53.0964 0x05e4 p2psvc ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0964 0x05e4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 06:48:53.0964 0x05e4 Parport - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0964 0x05e4 Object is SCO, delete is not allowed 06:48:53.0964 0x05e4 Parport ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0964 0x05e4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 06:48:53.0980 0x05e4 partmgr - ok 06:48:53.0980 0x05e4 [ 446462BBA744DA60379574926FD51EAB, 4A79E8EF28670333F4733FA0016508DC88E9BDC566B455DA5EDEDC514612180A ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 06:48:53.0996 0x05e4 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0996 0x05e4 PassThru Service ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0996 0x05e4 [ 
DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 06:48:54.0011 0x05e4 PcaSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0011 0x05e4 Object is SCO, delete is not allowed 06:48:54.0011 0x05e4 PcaSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0011 0x05e4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 06:48:54.0027 0x05e4 pci - ok 06:48:54.0027 0x05e4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 06:48:54.0027 0x05e4 pciide - ok 06:48:54.0042 0x05e4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 06:48:54.0058 0x05e4 pcmcia - ok 06:48:54.0058 0x05e4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 06:48:54.0074 0x05e4 pcw - ok 06:48:54.0089 0x05e4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 06:48:54.0105 0x05e4 PEAUTH - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0105 0x05e4 Object is SCO, delete is not allowed 06:48:54.0105 0x05e4 PEAUTH ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0105 0x05e4 Force sending object to P2P due to detect: PEAUTH 06:48:54.0105 0x05e4 Object send P2P result: false 06:48:54.0120 0x05e4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 06:48:54.0136 0x05e4 PerfHost - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0136 0x05e4 PerfHost ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0167 0x05e4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 
08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 06:48:54.0198 0x05e4 pla - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0198 0x05e4 Object is SCO, delete is not allowed 06:48:54.0198 0x05e4 pla ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0198 0x05e4 Force sending object to P2P due to detect: pla 06:48:54.0214 0x05e4 Object send P2P result: false 06:48:54.0230 0x05e4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 06:48:54.0230 0x05e4 PlugPlay - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0230 0x05e4 Object is SCO, delete is not allowed 06:48:54.0230 0x05e4 PlugPlay ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0245 0x05e4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 06:48:54.0245 0x05e4 PNRPAutoReg - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0245 0x05e4 PNRPAutoReg ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0245 0x05e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 06:48:54.0261 0x05e4 PNRPsvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0261 0x05e4 PNRPsvc ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0276 0x05e4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 06:48:54.0292 0x05e4 PolicyAgent - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0292 0x05e4 Object is SCO, delete is not allowed 06:48:54.0292 0x05e4 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0292 0x05e4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 06:48:54.0308 0x05e4 Power - detected 
UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0308 0x05e4 Power ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0308 0x05e4 Force sending object to P2P due to detect: Power 06:48:54.0308 0x05e4 Object send P2P result: false 06:48:54.0308 0x05e4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 06:48:54.0308 0x05e4 PptpMiniport - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0308 0x05e4 Object is SCO, delete is not allowed 06:48:54.0308 0x05e4 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0323 0x05e4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 06:48:54.0323 0x05e4 Processor - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0323 0x05e4 Object is SCO, delete is not allowed 06:48:54.0323 0x05e4 Processor ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0323 0x05e4 Force sending object to P2P due to detect: Processor 06:48:54.0323 0x05e4 Object send P2P result: false 06:48:54.0323 0x05e4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 06:48:54.0339 0x05e4 ProfSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0339 0x05e4 Object is SCO, delete is not allowed 06:48:54.0339 0x05e4 ProfSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0339 0x05e4 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe 06:48:54.0339 0x05e4 ProtectedStorage - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0339 0x05e4 Object is SCO, delete is not allowed 06:48:54.0339 0x05e4 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0354 0x05e4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] 
Psched C:\Windows\system32\DRIVERS\pacer.sys 06:48:54.0354 0x05e4 Psched - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0354 0x05e4 Object is SCO, delete is not allowed 06:48:54.0354 0x05e4 Psched ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0354 0x05e4 [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 06:48:54.0370 0x05e4 PxHlpa64 - ok 06:48:54.0401 0x05e4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 06:48:54.0448 0x05e4 ql2300 - ok 06:48:54.0448 0x05e4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 06:48:54.0464 0x05e4 ql40xx - ok 06:48:54.0464 0x05e4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 06:48:54.0479 0x05e4 QWAVE - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0479 0x05e4 Object is SCO, delete is not allowed 06:48:54.0479 0x05e4 QWAVE ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0479 0x05e4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 06:48:54.0479 0x05e4 QWAVEdrv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0479 0x05e4 Object is SCO, delete is not allowed 06:48:54.0479 0x05e4 QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0479 0x05e4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 06:48:54.0495 0x05e4 RasAcd - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0495 0x05e4 Object is SCO, delete is not allowed 06:48:54.0495 0x05e4 RasAcd ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0495 0x05e4 [ 
|
27.04.2015, 06:10 | #8 |
| Win 7 no updates possible, program crashes, virus found VMProtect.AAA and others. Part 2: Code:
4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 06:48:56.0523 0x05e4 WatAdminSvc - ok 06:48:56.0570 0x05e4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 06:48:56.0601 0x05e4 wbengine - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0601 0x05e4 Object is SCO, delete is not allowed 06:48:56.0601 0x05e4 wbengine ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0616 0x05e4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 06:48:56.0616 0x05e4 WbioSrvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0616 0x05e4 WbioSrvc ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0632 0x05e4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 06:48:56.0632 0x05e4 wcncsvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0632 0x05e4 Object is SCO, delete is not allowed 06:48:56.0632 0x05e4 wcncsvc ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0648 0x05e4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 06:48:56.0648 0x05e4 WcsPlugInService - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0648 0x05e4 Object is SCO, delete is not allowed 06:48:56.0648 0x05e4 WcsPlugInService ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0648 0x05e4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 06:48:56.0663 0x05e4 Wd - ok 06:48:56.0679 0x05e4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 06:48:56.0694 0x05e4 Wdf01000 - 
ok 06:48:56.0710 0x05e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 06:48:56.0710 0x05e4 WdiServiceHost - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0710 0x05e4 Object is SCO, delete is not allowed 06:48:56.0710 0x05e4 WdiServiceHost ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0726 0x05e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 06:48:56.0726 0x05e4 WdiSystemHost - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0726 0x05e4 Object is SCO, delete is not allowed 06:48:56.0726 0x05e4 WdiSystemHost ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0726 0x05e4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 06:48:56.0741 0x05e4 WebClient - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0741 0x05e4 Object is SCO, delete is not allowed 06:48:56.0741 0x05e4 WebClient ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0757 0x05e4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 06:48:56.0757 0x05e4 Wecsvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0757 0x05e4 Object is SCO, delete is not allowed 06:48:56.0757 0x05e4 Wecsvc ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0757 0x05e4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 06:48:56.0772 0x05e4 wercplsupport - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0772 0x05e4 Object is SCO, delete is not allowed 06:48:56.0772 0x05e4 wercplsupport ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0772 0x05e4 [ 6D137963730144698CBD10F202E9F251, 
A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 06:48:56.0772 0x05e4 WerSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0772 0x05e4 Object is SCO, delete is not allowed 06:48:56.0772 0x05e4 WerSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0772 0x05e4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 06:48:56.0788 0x05e4 WfpLwf - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0788 0x05e4 WfpLwf ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0788 0x05e4 Force sending object to P2P due to detect: WfpLwf 06:48:56.0788 0x05e4 Object send P2P result: false 06:48:56.0788 0x05e4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 06:48:56.0788 0x05e4 WIMMount - ok 06:48:56.0788 0x05e4 WinDefend - ok 06:48:56.0804 0x05e4 WinHttpAutoProxySvc - ok 06:48:56.0804 0x05e4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 06:48:56.0819 0x05e4 Winmgmt - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0819 0x05e4 Object is SCO, delete is not allowed 06:48:56.0819 0x05e4 Winmgmt ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0866 0x05e4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 06:48:56.0913 0x05e4 WinRM - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0913 0x05e4 Object is SCO, delete is not allowed 06:48:56.0913 0x05e4 WinRM ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0928 0x05e4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 06:48:56.0928 0x05e4 WinUsb - detected UnsignedFile.Multi.Generic ( 1 ) 
06:48:56.0928 0x05e4 WinUsb ( UnsignedFile.Multi.Generic ) - warning 06:48:56.0944 0x05e4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 06:48:56.0975 0x05e4 Wlansvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:56.0975 0x05e4 Object is SCO, delete is not allowed 06:48:56.0975 0x05e4 Wlansvc ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0022 0x05e4 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 06:48:57.0084 0x05e4 wlidsvc - ok 06:48:57.0084 0x05e4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 06:48:57.0084 0x05e4 WmiAcpi - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0084 0x05e4 Object is SCO, delete is not allowed 06:48:57.0084 0x05e4 WmiAcpi ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0100 0x05e4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 06:48:57.0100 0x05e4 wmiApSrv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0100 0x05e4 Object is SCO, delete is not allowed 06:48:57.0100 0x05e4 wmiApSrv ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0116 0x05e4 WMPNetworkSvc - ok 06:48:57.0116 0x05e4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 06:48:57.0116 0x05e4 WPCSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0116 0x05e4 Object is SCO, delete is not allowed 06:48:57.0116 0x05e4 WPCSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0116 0x05e4 Force sending object to P2P due to detect: WPCSvc 06:48:57.0116 0x05e4 Object send P2P result: false 06:48:57.0116 0x05e4 [ 93221146D4EBBF314C29B23CD6CC391D, 
C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 06:48:57.0131 0x05e4 WPDBusEnum - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0131 0x05e4 Object is SCO, delete is not allowed 06:48:57.0131 0x05e4 WPDBusEnum ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0131 0x05e4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 06:48:57.0131 0x05e4 ws2ifsl - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0131 0x05e4 Object is SCO, delete is not allowed 06:48:57.0131 0x05e4 ws2ifsl ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0131 0x05e4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 06:48:57.0147 0x05e4 wscsvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0147 0x05e4 Object is SCO, delete is not allowed 06:48:57.0147 0x05e4 wscsvc ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0147 0x05e4 Force sending object to P2P due to detect: wscsvc 06:48:57.0147 0x05e4 Object send P2P result: false 06:48:57.0147 0x05e4 WSearch - ok 06:48:57.0209 0x05e4 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 06:48:57.0272 0x05e4 wuauserv - ok 06:48:57.0272 0x05e4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 06:48:57.0287 0x05e4 WudfPf - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0287 0x05e4 Object is SCO, delete is not allowed 06:48:57.0287 0x05e4 WudfPf ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0287 0x05e4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 06:48:57.0287 0x05e4 WUDFRd - detected 
UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0287 0x05e4 Object is SCO, delete is not allowed 06:48:57.0287 0x05e4 WUDFRd ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0287 0x05e4 Force sending object to P2P due to detect: WUDFRd 06:48:57.0303 0x05e4 Object send P2P result: false 06:48:57.0303 0x05e4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 06:48:57.0303 0x05e4 wudfsvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0303 0x05e4 Object is SCO, delete is not allowed 06:48:57.0303 0x05e4 wudfsvc ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0318 0x05e4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 06:48:57.0318 0x05e4 WwanSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:57.0318 0x05e4 WwanSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:57.0318 0x05e4 Force sending object to P2P due to detect: WwanSvc 06:48:57.0318 0x05e4 Object send P2P result: false 06:48:57.0318 0x05e4 ================ Scan global =============================== 06:48:57.0334 0x05e4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 06:48:57.0334 0x05e4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 06:48:57.0350 0x05e4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 06:48:57.0350 0x05e4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 06:48:57.0365 0x05e4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 06:48:57.0365 0x05e4 [ Global ] - ok 06:48:57.0365 0x05e4 
================ Scan MBR ================================== 06:48:57.0365 0x05e4 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 06:48:57.0412 0x05e4 \Device\Harddisk0\DR0 - ok 06:48:57.0412 0x05e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 06:48:57.0521 0x05e4 \Device\Harddisk1\DR1 - ok 06:48:57.0521 0x05e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 06:48:57.0568 0x05e4 \Device\Harddisk2\DR2 - ok 06:48:57.0584 0x05e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3 06:48:57.0630 0x05e4 \Device\Harddisk3\DR3 - ok 06:48:57.0630 0x05e4 ================ Scan VBR ================================== 06:48:57.0630 0x05e4 [ 0EE2DD8428A12145BDEE66378AE92E26 ] \Device\Harddisk0\DR0\Partition1 06:48:57.0630 0x05e4 \Device\Harddisk0\DR0\Partition1 - ok 06:48:57.0630 0x05e4 [ 9C9C8B45E21AD77EA6D5035C53019B6A ] \Device\Harddisk1\DR1\Partition1 06:48:57.0630 0x05e4 \Device\Harddisk1\DR1\Partition1 - ok 06:48:57.0646 0x05e4 [ 1CF7C9E0C2891AADCDBA1FC14C9B93BF ] \Device\Harddisk1\DR1\Partition2 06:48:57.0646 0x05e4 \Device\Harddisk1\DR1\Partition2 - ok 06:48:57.0646 0x05e4 [ 803961758AD5EF82D9A740EB838293FE ] \Device\Harddisk2\DR2\Partition1 06:48:57.0662 0x05e4 \Device\Harddisk2\DR2\Partition1 - ok 06:48:57.0662 0x05e4 [ 543BE68A69DD2EEAF6271B5357D6D96A ] \Device\Harddisk3\DR3\Partition1 06:48:57.0693 0x05e4 \Device\Harddisk3\DR3\Partition1 - ok 06:48:57.0693 0x05e4 ================ Scan generic autorun ====================== 06:48:57.0974 0x05e4 [ C2A0B14B6E6555CF9D53ECB142465697, 9611506ED174E82516CB1614BFE5730B0BDDE76D58574D0406C1FED873F6308D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 06:48:58.0301 0x05e4 RTHDVCPL - ok 06:48:58.0348 0x05e4 [ 87A4BA086E5B5DF0F36E3F6D7234D701, EE26338497E016A95CB5970777B7B7AC8FAEF4E491713D729EDEFBCDC9FBF4A4 ] C:\Program Files\Microsoft Security Client\msseces.exe 06:48:58.0395 0x05e4 MSC - ok 06:48:58.0410 0x05e4 [ 51B634D617073986FA73417318F7C121, 
CAB64175383F501FA515D335167334D7F2147F0889E5052484AA1FF866C6F8CF ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 06:48:58.0426 0x05e4 AdobeAAMUpdater-1.0 - ok 06:48:58.0473 0x05e4 [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe 06:48:58.0520 0x05e4 AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:58.0520 0x05e4 AVMWlanClient ( UnsignedFile.Multi.Generic ) - warning 06:48:58.0520 0x05e4 [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 06:48:58.0535 0x05e4 NUSB3MON - ok 06:48:58.0566 0x05e4 [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 06:48:58.0582 0x05e4 StartCCC - ok 06:48:58.0644 0x05e4 [ 87EE3EF42CF8257F6B14BAD6F77DFF04, 8E64B1BD89C322753D0E1BBBFD61D5FFE202CA3C07298BC613E3D7E303479E23 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe 06:48:58.0707 0x05e4 Adobe Creative Cloud - ok 06:48:58.0738 0x05e4 [ 2E156FEA6FA4F462F39F6AA86E03A269, E99343353781DBD5B300D6B887D8CC91DB019922CA7E494500CC2604685287FD ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe 06:48:58.0785 0x05e4 Acrobat Assistant 8.0 - ok 06:48:58.0894 0x05e4 [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Dizzy\AppData\Local\Akamai\netsession_win.exe 06:48:59.0019 0x05e4 Akamai NetSession Interface - ok 06:48:59.0175 0x05e4 [ 18EE6C694976C4D205AF24D6CCE3B660, 262F8B929CBBC8BFDD465826A27625ED9508A7C325C45F1964A4EFAC36D60056 ] C:\Program Files\CCleaner\CCleaner64.exe 06:48:59.0362 0x05e4 CCleaner Monitoring - ok 06:48:59.0393 0x05e4 [ D3D72615EA99E9B4D83101A4006595EA, 
E6ED416D75B9A7C573F68DBEB5E58D771D6D0D46415C373466EDC4E266C100D7 ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe 06:48:59.0409 0x05e4 Adobe Acrobat Synchronizer - ok 06:48:59.0440 0x05e4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x60000 ( disabled : updated ) 06:48:59.0456 0x05e4 Win FW state via NFP2: enabled 06:48:59.0456 0x05e4 ============================================================ 06:48:59.0456 0x05e4 Scan finished 06:48:59.0456 0x05e4 ============================================================ 06:48:14.0762 0x05ac TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 06:48:23.0669 0x05ac ============================================================ 06:48:23.0669 0x05ac Current date / time: 2015/04/27 06:48:23.0669 06:48:23.0669 0x05ac SystemInfo: 06:48:23.0669 0x05ac 06:48:23.0669 0x05ac OS Version: 6.1.7601 ServicePack: 1.0 06:48:23.0669 0x05ac Product type: Workstation 06:48:23.0669 0x05ac ComputerName: SKYNET 06:48:23.0669 0x05ac UserName: Dizzy 06:48:23.0669 0x05ac Windows directory: C:\Windows 06:48:23.0669 0x05ac System windows directory: C:\Windows 06:48:23.0669 0x05ac Running under WOW64 06:48:23.0669 0x05ac Processor architecture: Intel x64 06:48:23.0669 0x05ac Number of processors: 8 06:48:23.0669 0x05ac Page size: 0x1000 06:48:23.0669 0x05ac Boot type: Safe boot 06:48:23.0669 0x05ac ============================================================ 06:48:23.0903 0x05ac KLMD registered as C:\Windows\system32\drivers\44355286.sys 06:48:23.0934 0x05ac System UUID: {F21FE57E-0EA1-9F60-8D2A-C64ABB18169C} 06:48:24.0262 0x05ac Drive \Device\Harddisk0\DR0 - Size: 0x2658AE0000 ( 153.39 Gb ), SectorSize: 0x200, Cylinders: 0x4E37, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:48:24.0262 0x05ac Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, 
TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:48:24.0262 0x05ac Drive \Device\Harddisk2\DR2 - Size: 0x3A38725E00 ( 232.88 Gb ), SectorSize: 0x200, Cylinders: 0x76C0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:48:24.0278 0x05ac Drive \Device\Harddisk3\DR3 - Size: 0xE8E09ADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1F8B0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 06:48:24.0278 0x05ac ============================================================ 06:48:24.0278 0x05ac \Device\Harddisk0\DR0: 06:48:24.0278 0x05ac MBR partitions: 06:48:24.0278 0x05ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x132C4000 06:48:24.0278 0x05ac \Device\Harddisk1\DR1: 06:48:24.0278 0x05ac MBR partitions: 06:48:24.0278 0x05ac \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 06:48:24.0278 0x05ac \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000 06:48:24.0278 0x05ac \Device\Harddisk2\DR2: 06:48:24.0278 0x05ac MBR partitions: 06:48:24.0278 0x05ac \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C2800 06:48:24.0278 0x05ac \Device\Harddisk3\DR3: 06:48:24.0278 0x05ac MBR partitions: 06:48:24.0278 0x05ac \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D1000 06:48:24.0278 0x05ac ============================================================ 06:48:24.0278 0x05ac C: <-> \Device\Harddisk1\DR1\Partition2 06:48:24.0309 0x05ac D: <-> \Device\Harddisk3\DR3\Partition1 06:48:24.0324 0x05ac F: <-> \Device\Harddisk0\DR0\Partition1 06:48:24.0340 0x05ac G: <-> \Device\Harddisk2\DR2\Partition1 06:48:24.0340 0x05ac ============================================================ 06:48:24.0340 0x05ac Initialize success 06:48:24.0340 0x05ac ============================================================ 06:48:32.0780 0x05e4 
============================================================ 06:48:32.0780 0x05e4 Scan started 06:48:32.0780 0x05e4 Mode: Manual; SigCheck; TDLFS; 06:48:32.0780 0x05e4 ============================================================ 06:48:32.0780 0x05e4 KSN ping started 06:48:32.0795 0x05e4 KSN ping finished: false 06:48:32.0873 0x05e4 ================ Scan system memory ======================== 06:48:32.0873 0x05e4 System memory - ok 06:48:32.0873 0x05e4 ================ Scan services ============================= 06:48:32.0904 0x05e4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 06:48:49.0160 0x05e4 1394ohci - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0222 0x05e4 1394ohci ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0238 0x05e4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 06:48:49.0269 0x05e4 ACPI - ok 06:48:49.0269 0x05e4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 06:48:49.0269 0x05e4 AcpiPmi - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0269 0x05e4 AcpiPmi ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0269 0x05e4 Force sending object to P2P due to detect: AcpiPmi 06:48:49.0269 0x05e4 Object send P2P result: false 06:48:49.0284 0x05e4 [ 929593D76589294BA3F74540298D1B3E, 3D1C1772579141BD1040363BD65F2A2D78BF42EC85AE96317AE397E3D5267145 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 06:48:49.0284 0x05e4 AdobeARMservice - ok 06:48:49.0316 0x05e4 [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 06:48:49.0316 0x05e4 AdobeFlashPlayerUpdateSvc - ok 06:48:49.0331 
0x05e4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 06:48:49.0362 0x05e4 adp94xx - ok 06:48:49.0362 0x05e4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 06:48:49.0378 0x05e4 adpahci - ok 06:48:49.0394 0x05e4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 06:48:49.0394 0x05e4 adpu320 - ok 06:48:49.0409 0x05e4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 06:48:49.0409 0x05e4 AeLookupSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0409 0x05e4 Object is SCO, delete is not allowed 06:48:49.0409 0x05e4 AeLookupSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0425 0x05e4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 06:48:49.0440 0x05e4 AFD - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0440 0x05e4 Object is SCO, delete is not allowed 06:48:49.0440 0x05e4 AFD ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0440 0x05e4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 06:48:49.0440 0x05e4 agp440 - ok 06:48:49.0456 0x05e4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 06:48:49.0456 0x05e4 ALG - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0456 0x05e4 ALG ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0456 0x05e4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide 
C:\Windows\system32\drivers\aliide.sys 06:48:49.0472 0x05e4 aliide - ok 06:48:49.0472 0x05e4 [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 06:48:49.0487 0x05e4 AMD External Events Utility - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0487 0x05e4 AMD External Events Utility ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0487 0x05e4 Force sending object to P2P due to detect: AMD External Events Utility 06:48:49.0487 0x05e4 Object send P2P result: false 06:48:49.0503 0x05e4 AMD FUEL Service - ok 06:48:49.0503 0x05e4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 06:48:49.0503 0x05e4 amdide - ok 06:48:49.0518 0x05e4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 06:48:49.0518 0x05e4 AmdK8 - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:49.0518 0x05e4 Object is SCO, delete is not allowed 06:48:49.0518 0x05e4 AmdK8 ( UnsignedFile.Multi.Generic ) - warning 06:48:49.0924 0x05e4 [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 06:48:50.0423 0x05e4 amdkmdag - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0423 0x05e4 amdkmdag ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0454 0x05e4 [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 06:48:50.0470 0x05e4 amdkmdap - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:50.0470 0x05e4 amdkmdap ( UnsignedFile.Multi.Generic ) - warning 06:48:50.0470 0x05e4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM 
06:48:52.0779 0x05e4 ksthunk ( UnsignedFile.Multi.Generic ) - warning 06:48:52.0794 0x05e4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 06:48:52.0794 0x05e4 KtmRm - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:52.0794 0x05e4 Object is SCO, delete is not allowed 06:48:52.0794 0x05e4 KtmRm ( UnsignedFile.Multi.Generic ) - warning 06:48:52.0810 0x05e4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 06:48:52.0810 0x05e4 LanmanServer - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:52.0810 0x05e4 Object is SCO, delete is not allowed 06:48:52.0810 0x05e4 LanmanServer ( UnsignedFile.Multi.Generic ) - warning 06:48:52.0810 0x05e4 Force sending object to P2P due to detect: LanmanServer 06:48:52.0810 0x05e4 Object send P2P result: false 06:48:52.0826 0x05e4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 06:48:52.0826 0x05e4 LanmanWorkstation - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:52.0826 0x05e4 Object is SCO, delete is not allowed 06:48:52.0826 0x05e4 LanmanWorkstation ( UnsignedFile.Multi.Generic ) - warning 06:48:52.0826 0x05e4 Force sending object to P2P due to detect: LanmanWorkstation 06:48:52.0826 0x05e4 Object send P2P result: false 06:48:52.0826 0x05e4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 06:48:52.0841 0x05e4 lltdio - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:52.0841 0x05e4 Object is SCO, delete is not allowed 06:48:52.0841 0x05e4 lltdio ( UnsignedFile.Multi.Generic ) - warning 06:48:52.0841 0x05e4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 
06:48:52.0857 0x05e4 lltdsvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:52.0857 0x05e4 Object is SCO, delete is not allowed 06:48:52.0857 0x05e4 lltdsvc ( UnsignedFile.Multi.Generic ) - warning 06:48:52.0857 0x05e4 Force sending object to P2P due to detect: lltdsvc 06:48:52.0857 0x05e4 Object send P2P result: false 06:48:52.0857 0x05e4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 06:48:52.0857 0x05e4 lmhosts - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:52.0857 0x05e4 Object is SCO, delete is not allowed 06:48:52.0857 0x05e4 lmhosts ( UnsignedFile.Multi.Generic ) - warning 06:48:52.0872 0x05e4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 06:48:52.0872 0x05e4 LSI_FC - ok 06:48:52.0888 0x05e4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 06:48:52.0888 0x05e4 LSI_SAS - ok 06:48:52.0904 0x05e4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 06:48:52.0904 0x05e4 LSI_SAS2 - ok 06:48:52.0904 0x05e4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 06:48:52.0919 0x05e4 LSI_SCSI - ok 06:48:52.0919 0x05e4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 06:48:52.0919 0x05e4 luafv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:52.0935 0x05e4 Object is SCO, delete is not allowed 06:48:52.0935 0x05e4 luafv ( UnsignedFile.Multi.Generic ) - warning 06:48:52.0935 0x05e4 [ 0C85B2B6FB74B36A251792D45E0EF860, 
2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 06:48:52.0950 0x05e4 LVRS64 - ok 06:48:52.0950 0x05e4 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys 06:48:52.0966 0x05e4 MBfilt - ok 06:48:52.0966 0x05e4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 06:48:52.0982 0x05e4 Mcx2Svc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:52.0982 0x05e4 Object is SCO, delete is not allowed 06:48:52.0982 0x05e4 Mcx2Svc ( UnsignedFile.Multi.Generic ) - warning 06:48:52.0982 0x05e4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 06:48:52.0982 0x05e4 megasas - ok 06:48:52.0997 0x05e4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 06:48:53.0013 0x05e4 MegaSR - ok 06:48:53.0013 0x05e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 06:48:53.0013 0x05e4 MMCSS - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0013 0x05e4 Object is SCO, delete is not allowed 06:48:53.0013 0x05e4 MMCSS ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0013 0x05e4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 06:48:53.0028 0x05e4 Modem - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0028 0x05e4 Object is SCO, delete is not allowed 06:48:53.0028 0x05e4 Modem ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0028 0x05e4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor 
C:\Windows\system32\DRIVERS\monitor.sys 06:48:53.0028 0x05e4 monitor - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0028 0x05e4 Object is SCO, delete is not allowed 06:48:53.0028 0x05e4 monitor ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0028 0x05e4 Force sending object to P2P due to detect: monitor 06:48:53.0028 0x05e4 Object send P2P result: false 06:48:53.0028 0x05e4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 06:48:53.0044 0x05e4 mouclass - ok 06:48:53.0044 0x05e4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 06:48:53.0044 0x05e4 mouhid - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0044 0x05e4 Object is SCO, delete is not allowed 06:48:53.0044 0x05e4 mouhid ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0044 0x05e4 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 06:48:53.0060 0x05e4 mountmgr - ok 06:48:53.0060 0x05e4 [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 06:48:53.0075 0x05e4 MozillaMaintenance - ok 06:48:53.0091 0x05e4 [ FBA4CDA6B3B00D7A116DCC2B5C7E9790, FE909159323290555971F031E7911DCCD035B873E630A230A660C13D57719206 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 06:48:53.0091 0x05e4 MpFilter - ok 06:48:53.0106 0x05e4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 06:48:53.0106 0x05e4 mpio - ok 06:48:53.0122 0x05e4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 
06:48:53.0122 0x05e4 mpsdrv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0122 0x05e4 Object is SCO, delete is not allowed 06:48:53.0122 0x05e4 mpsdrv ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0138 0x05e4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 06:48:53.0169 0x05e4 MpsSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0169 0x05e4 Object is SCO, delete is not allowed 06:48:53.0169 0x05e4 MpsSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0169 0x05e4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 06:48:53.0169 0x05e4 MRxDAV - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0184 0x05e4 Object is SCO, delete is not allowed 06:48:53.0184 0x05e4 MRxDAV ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0184 0x05e4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 06:48:53.0184 0x05e4 mrxsmb - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0184 0x05e4 Object is SCO, delete is not allowed 06:48:53.0184 0x05e4 mrxsmb ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0200 0x05e4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 06:48:53.0200 0x05e4 mrxsmb10 - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0200 0x05e4 Object is SCO, delete is not allowed 06:48:53.0200 0x05e4 mrxsmb10 ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0216 0x05e4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 06:48:53.0216 0x05e4 mrxsmb20 - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0216 0x05e4 Object is SCO, delete is not allowed 06:48:53.0216 
0x05e4 mrxsmb20 ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0216 0x05e4 Force sending object to P2P due to detect: mrxsmb20 06:48:53.0216 0x05e4 Object send P2P result: false 06:48:53.0216 0x05e4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 06:48:53.0231 0x05e4 msahci - ok 06:48:53.0231 0x05e4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 06:48:53.0247 0x05e4 msdsm - ok 06:48:53.0247 0x05e4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 06:48:53.0262 0x05e4 MSDTC - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0262 0x05e4 Object is SCO, delete is not allowed 06:48:53.0262 0x05e4 MSDTC ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0262 0x05e4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 06:48:53.0262 0x05e4 Msfs - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0262 0x05e4 Object is SCO, delete is not allowed 06:48:53.0262 0x05e4 Msfs ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0262 0x05e4 Force sending object to P2P due to detect: Msfs 06:48:53.0262 0x05e4 Object send P2P result: false 06:48:53.0262 0x05e4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 06:48:53.0262 0x05e4 mshidkmdf - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0262 0x05e4 mshidkmdf ( UnsignedFile.Multi.Generic ) - warning 06:48:53.0278 0x05e4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 06:48:53.0278 0x05e4 msisadrv - ok 06:48:53.0294 0x05e4 [ 
808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 06:48:53.0294 0x05e4 MSiSCSI - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:53.0294 0x05e4 Object is SCO, delete is not allowed 06:48:53.0294 0x05e4 MSiSCSI ( UnsignedFile.Multi.Generic ) - warning |
27.04.2015, 06:11 | #9 |
| Win 7 no updates possible, program crashes, virus detection VMProtect.AAA among others. Part 3: Code:
ProtectedStorage C:\Windows\system32\lsass.exe 06:48:54.0339 0x05e4 ProtectedStorage - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0339 0x05e4 Object is SCO, delete is not allowed 06:48:54.0339 0x05e4 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0354 0x05e4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 06:48:54.0354 0x05e4 Psched - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0354 0x05e4 Object is SCO, delete is not allowed 06:48:54.0354 0x05e4 Psched ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0354 0x05e4 [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 06:48:54.0370 0x05e4 PxHlpa64 - ok 06:48:54.0401 0x05e4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 06:48:54.0448 0x05e4 ql2300 - ok 06:48:54.0448 0x05e4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 06:48:54.0464 0x05e4 ql40xx - ok 06:48:54.0464 0x05e4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 06:48:54.0479 0x05e4 QWAVE - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0479 0x05e4 Object is SCO, delete is not allowed 06:48:54.0479 0x05e4 QWAVE ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0479 0x05e4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 06:48:54.0479 0x05e4 QWAVEdrv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0479 0x05e4 Object is SCO, delete is not allowed 06:48:54.0479 0x05e4 QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0479 
0x05e4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 06:48:54.0495 0x05e4 RasAcd - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0495 0x05e4 Object is SCO, delete is not allowed 06:48:54.0495 0x05e4 RasAcd ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0495 0x05e4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 06:48:54.0495 0x05e4 RasAgileVpn - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0495 0x05e4 RasAgileVpn ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0495 0x05e4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 06:48:54.0510 0x05e4 RasAuto - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0510 0x05e4 Object is SCO, delete is not allowed 06:48:54.0510 0x05e4 RasAuto ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0510 0x05e4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 06:48:54.0510 0x05e4 Rasl2tp - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0510 0x05e4 Object is SCO, delete is not allowed 06:48:54.0510 0x05e4 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0526 0x05e4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 06:48:54.0542 0x05e4 RasMan - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0542 0x05e4 Object is SCO, delete is not allowed 06:48:54.0542 0x05e4 RasMan ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0542 0x05e4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 06:48:54.0542 0x05e4 RasPppoe - detected 
UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0542 0x05e4 Object is SCO, delete is not allowed 06:48:54.0542 0x05e4 RasPppoe ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0557 0x05e4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 06:48:54.0557 0x05e4 RasSstp - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0557 0x05e4 Object is SCO, delete is not allowed 06:48:54.0557 0x05e4 RasSstp ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0557 0x05e4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 06:48:54.0573 0x05e4 rdbss - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0573 0x05e4 Object is SCO, delete is not allowed 06:48:54.0573 0x05e4 rdbss ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0573 0x05e4 Force sending object to P2P due to detect: rdbss 06:48:54.0573 0x05e4 Object send P2P result: false 06:48:54.0573 0x05e4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 06:48:54.0588 0x05e4 rdpbus - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0588 0x05e4 rdpbus ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0588 0x05e4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 06:48:54.0588 0x05e4 RDPCDD - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0588 0x05e4 Object is SCO, delete is not allowed 06:48:54.0588 0x05e4 RDPCDD ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0588 0x05e4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 06:48:54.0588 0x05e4 RDPENCDD - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0588 0x05e4 Object is SCO, delete is not 
allowed 06:48:54.0588 0x05e4 RDPENCDD ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0604 0x05e4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 06:48:54.0604 0x05e4 RDPREFMP - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0604 0x05e4 RDPREFMP ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0604 0x05e4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 06:48:54.0604 0x05e4 RdpVideoMiniport - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0604 0x05e4 RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0620 0x05e4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 06:48:54.0620 0x05e4 RDPWD - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0620 0x05e4 Object is SCO, delete is not allowed 06:48:54.0620 0x05e4 RDPWD ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0635 0x05e4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 06:48:54.0635 0x05e4 rdyboost - ok 06:48:54.0651 0x05e4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 06:48:54.0651 0x05e4 RemoteAccess - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0651 0x05e4 Object is SCO, delete is not allowed 06:48:54.0651 0x05e4 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0651 0x05e4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 06:48:54.0666 0x05e4 RemoteRegistry - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0666 0x05e4 RemoteRegistry ( 
UnsignedFile.Multi.Generic ) - warning 06:48:54.0666 0x05e4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 06:48:54.0666 0x05e4 RpcEptMapper - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0666 0x05e4 RpcEptMapper ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0666 0x05e4 Force sending object to P2P due to detect: RpcEptMapper 06:48:54.0666 0x05e4 Object send P2P result: false 06:48:54.0682 0x05e4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 06:48:54.0682 0x05e4 RpcLocator - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0682 0x05e4 RpcLocator ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0682 0x05e4 Force sending object to P2P due to detect: RpcLocator 06:48:54.0682 0x05e4 Object send P2P result: false 06:48:54.0698 0x05e4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 06:48:54.0698 0x05e4 RpcSs - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0698 0x05e4 Object is SCO, delete is not allowed 06:48:54.0698 0x05e4 RpcSs ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0713 0x05e4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 06:48:54.0713 0x05e4 rspndr - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0713 0x05e4 Object is SCO, delete is not allowed 06:48:54.0713 0x05e4 rspndr ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0713 0x05e4 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs C:\Windows\system32\lsass.exe 06:48:54.0713 0x05e4 SamSs - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0713 0x05e4 Object is SCO, delete is not allowed 06:48:54.0713 0x05e4 SamSs ( 
UnsignedFile.Multi.Generic ) - warning 06:48:54.0713 0x05e4 Force sending object to P2P due to detect: SamSs 06:48:54.0713 0x05e4 Object send P2P result: false 06:48:54.0729 0x05e4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 06:48:54.0729 0x05e4 sbp2port - ok 06:48:54.0744 0x05e4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 06:48:54.0744 0x05e4 SCardSvr - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0744 0x05e4 Object is SCO, delete is not allowed 06:48:54.0744 0x05e4 SCardSvr ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0760 0x05e4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 06:48:54.0760 0x05e4 scfilter - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0760 0x05e4 scfilter ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0791 0x05e4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 06:48:54.0822 0x05e4 Schedule - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0822 0x05e4 Schedule ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0822 0x05e4 Force sending object to P2P due to detect: Schedule 06:48:54.0822 0x05e4 Object send P2P result: false 06:48:54.0822 0x05e4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 06:48:54.0822 0x05e4 SCPolicySvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0822 0x05e4 Object is SCO, delete is not allowed 06:48:54.0822 0x05e4 SCPolicySvc ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0838 0x05e4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] 
SDRSVC C:\Windows\System32\SDRSVC.dll 06:48:54.0838 0x05e4 SDRSVC - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0838 0x05e4 Object is SCO, delete is not allowed 06:48:54.0838 0x05e4 SDRSVC ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0838 0x05e4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 06:48:54.0838 0x05e4 secdrv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0854 0x05e4 secdrv ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0854 0x05e4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 06:48:54.0854 0x05e4 seclogon - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0854 0x05e4 Object is SCO, delete is not allowed 06:48:54.0854 0x05e4 seclogon ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0854 0x05e4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 06:48:54.0854 0x05e4 SENS - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0854 0x05e4 Object is SCO, delete is not allowed 06:48:54.0854 0x05e4 SENS ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0869 0x05e4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 06:48:54.0869 0x05e4 SensrSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0869 0x05e4 SensrSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0869 0x05e4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 06:48:54.0869 0x05e4 Serenum - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0869 0x05e4 Object is SCO, delete is not allowed 06:48:54.0869 0x05e4 Serenum ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0885 0x05e4 [ 
C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 06:48:54.0885 0x05e4 Serial - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0885 0x05e4 Object is SCO, delete is not allowed 06:48:54.0885 0x05e4 Serial ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0885 0x05e4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 06:48:54.0885 0x05e4 sermouse - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0885 0x05e4 Object is SCO, delete is not allowed 06:48:54.0885 0x05e4 sermouse ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0885 0x05e4 Force sending object to P2P due to detect: sermouse 06:48:54.0885 0x05e4 Object send P2P result: false 06:48:54.0900 0x05e4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 06:48:54.0900 0x05e4 SessionEnv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0900 0x05e4 Object is SCO, delete is not allowed 06:48:54.0900 0x05e4 SessionEnv ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0900 0x05e4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 06:48:54.0900 0x05e4 sffdisk - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0916 0x05e4 Object is SCO, delete is not allowed 06:48:54.0916 0x05e4 sffdisk ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0916 0x05e4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 06:48:54.0916 0x05e4 sffp_mmc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0916 0x05e4 Object is SCO, delete is not allowed 06:48:54.0916 0x05e4 sffp_mmc ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0916 0x05e4 [ 
DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 06:48:54.0916 0x05e4 sffp_sd - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0916 0x05e4 Object is SCO, delete is not allowed 06:48:54.0916 0x05e4 sffp_sd ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0916 0x05e4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 06:48:54.0932 0x05e4 sfloppy - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0932 0x05e4 Object is SCO, delete is not allowed 06:48:54.0932 0x05e4 sfloppy ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0932 0x05e4 Force sending object to P2P due to detect: sfloppy 06:48:54.0932 0x05e4 Object send P2P result: false 06:48:54.0932 0x05e4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 06:48:54.0947 0x05e4 SharedAccess - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0947 0x05e4 Object is SCO, delete is not allowed 06:48:54.0947 0x05e4 SharedAccess ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0963 0x05e4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 06:48:54.0963 0x05e4 ShellHWDetection - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:54.0963 0x05e4 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning 06:48:54.0978 0x05e4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 06:48:54.0978 0x05e4 SiSRaid2 - ok 06:48:54.0978 0x05e4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 06:48:54.0994 0x05e4 SiSRaid4 - ok 06:48:55.0056 0x05e4 
[ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 06:48:55.0072 0x05e4 SkypeUpdate - ok 06:48:55.0072 0x05e4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 06:48:55.0072 0x05e4 Smb - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0072 0x05e4 Object is SCO, delete is not allowed 06:48:55.0072 0x05e4 Smb ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0072 0x05e4 Force sending object to P2P due to detect: Smb 06:48:55.0072 0x05e4 Object send P2P result: false 06:48:55.0088 0x05e4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 06:48:55.0088 0x05e4 SNMPTRAP - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0088 0x05e4 Object is SCO, delete is not allowed 06:48:55.0088 0x05e4 SNMPTRAP ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0088 0x05e4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 06:48:55.0088 0x05e4 spldr - ok 06:48:55.0103 0x05e4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 06:48:55.0119 0x05e4 Spooler - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0119 0x05e4 Spooler ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0197 0x05e4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 06:48:55.0290 0x05e4 sppsvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0290 0x05e4 sppsvc ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0290 0x05e4 Force sending object to P2P due to detect: sppsvc 06:48:55.0306 0x05e4 Object send P2P result: false 06:48:55.0306 0x05e4 
[ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 06:48:55.0306 0x05e4 sppuinotify - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0306 0x05e4 sppuinotify ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0306 0x05e4 Force sending object to P2P due to detect: sppuinotify 06:48:55.0306 0x05e4 Object send P2P result: false 06:48:55.0306 0x05e4 sptd - ok 06:48:55.0322 0x05e4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 06:48:55.0337 0x05e4 srv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0337 0x05e4 Object is SCO, delete is not allowed 06:48:55.0337 0x05e4 srv ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0353 0x05e4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 06:48:55.0368 0x05e4 srv2 - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0368 0x05e4 Object is SCO, delete is not allowed 06:48:55.0368 0x05e4 srv2 ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0368 0x05e4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 06:48:55.0384 0x05e4 srvnet - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0384 0x05e4 Object is SCO, delete is not allowed 06:48:55.0384 0x05e4 srvnet ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0384 0x05e4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 06:48:55.0400 0x05e4 SSDPSRV - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0400 0x05e4 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0400 0x05e4 Force sending object to P2P due to detect: SSDPSRV 06:48:55.0400 0x05e4 Object send P2P result: false 06:48:55.0400 0x05e4 [ 
AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 06:48:55.0400 0x05e4 SstpSvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0400 0x05e4 Object is SCO, delete is not allowed 06:48:55.0400 0x05e4 SstpSvc ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0415 0x05e4 [ 5FFDA96330357A914A69D79BE1988A38, E2A03A8D108C210B1111E2466E3DD381F0FA440B95B5013DC728EAD9CFE448AF ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 06:48:55.0431 0x05e4 Steam Client Service - ok 06:48:55.0446 0x05e4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 06:48:55.0446 0x05e4 stexstor - ok 06:48:55.0462 0x05e4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 06:48:55.0478 0x05e4 stisvc - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0478 0x05e4 Object is SCO, delete is not allowed 06:48:55.0478 0x05e4 stisvc ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0478 0x05e4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 06:48:55.0493 0x05e4 swenum - ok 06:48:55.0509 0x05e4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 06:48:55.0524 0x05e4 swprv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0524 0x05e4 Object is SCO, delete is not allowed 06:48:55.0524 0x05e4 swprv ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0524 0x05e4 Force sending object to P2P due to detect: swprv 06:48:55.0524 0x05e4 Object send P2P result: false 06:48:55.0556 0x05e4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain 
C:\Windows\system32\sysmain.dll 06:48:55.0602 0x05e4 SysMain - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0602 0x05e4 Object is SCO, delete is not allowed 06:48:55.0602 0x05e4 SysMain ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0618 0x05e4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 06:48:55.0618 0x05e4 TabletInputService - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0618 0x05e4 Object is SCO, delete is not allowed 06:48:55.0618 0x05e4 TabletInputService ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0618 0x05e4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 06:48:55.0634 0x05e4 TapiSrv - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0634 0x05e4 TapiSrv ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0634 0x05e4 Force sending object to P2P due to detect: TapiSrv 06:48:55.0634 0x05e4 Object send P2P result: false 06:48:55.0634 0x05e4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 06:48:55.0649 0x05e4 TBS - detected UnsignedFile.Multi.Generic ( 1 ) 06:48:55.0649 0x05e4 Object is SCO, delete is not allowed 06:48:55.0649 0x05e4 TBS ( UnsignedFile.Multi.Generic ) - warning 06:48:55.0696 0x05e4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 06:48:55.0743 0x05e4 Tcpip - ok 06:48:55.0774 0x05e4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 06:48:55.0821 0x05e4 TCPIP6 - ok 06:48:55.0836 0x05e4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 
|
28.04.2015, 13:21 | #10 |
| Win 7: no updates possible, program crashes, virus detection VMProtect.AAA and others. Skip part: Code:
UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc discache ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc discache ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc DPS ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc DPS ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc EapHost ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc ebdrv ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc ebdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc EFS ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc EFS ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc ehRecvr ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc ehRecvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0343 0x05dc ehSched ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0343 0x05dc ehSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc ErrDev ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc ErrDev ( UnsignedFile.Multi.Generic ) - User select 
action: Skip 06:58:08.0358 0x05dc EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc exfat ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc exfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc fastfat ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc Fax ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc Fax ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc fdc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc fdPHost ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc fdPHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc FDResPub ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc FDResPub ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc Filetrace ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc Filetrace ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc FWLANUSB ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc FWLANUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc gpsvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc gpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc hcw85cir ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc hcw85cir ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc HidBatt ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc HidBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc HidBth ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc HidBth ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc HidIr ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc HidIr ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc hidserv ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc hidserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0358 0x05dc HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0358 0x05dc HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc HomeGroupListener ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc HomeGroupListener ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc HomeGroupProvider ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc HomeGroupProvider ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc HTCAND64 ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc HTCAND64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc HTTP ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc HTTP ( UnsignedFile.Multi.Generic ) - 
User select action: Skip 06:58:08.0374 0x05dc i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc IKEEXT ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc IKEEXT ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc intelppm ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc IPBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc IPBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc iphlpsvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc iphlpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc IPMIDRV ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc IPMIDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc IPNAT ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc IPNAT ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc KeyIso ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc KeyIso ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc ksthunk ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc ksthunk ( UnsignedFile.Multi.Generic ) - User 
select action: Skip 06:58:08.0374 0x05dc KtmRm ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc KtmRm ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0374 0x05dc LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0374 0x05dc LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc LanmanWorkstation ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc LanmanWorkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc lltdio ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc lltdio ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc lltdsvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc lltdsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc lmhosts ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc lmhosts ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc luafv ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc luafv ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc Mcx2Svc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc Mcx2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc MMCSS ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc MMCSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc Modem ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc monitor ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc mouhid ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc mouhid ( UnsignedFile.Multi.Generic ) - User select 
action: Skip 06:58:08.0389 0x05dc mpsdrv ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc mpsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc MpsSvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc MpsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc mrxsmb ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc mrxsmb ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc mrxsmb10 ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc mrxsmb10 ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc mrxsmb20 ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc mrxsmb20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc Msfs ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0389 0x05dc mshidkmdf ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0389 0x05dc mshidkmdf ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc MSiSCSI ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc MSiSCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 
0x05dc MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc MTConfig ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc MTConfig ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc napagent ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc NativeWifiP ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc NativeWifiP ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc NdisCap ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc NdisCap ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc NetBT ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc Netlogon ( 
UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0405 0x05dc Netman ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0405 0x05dc Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc netprofm ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc netprofm ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc NlaSvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc NlaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc Npfs ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc nsi ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc nsi ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc nsiproxy ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc nsiproxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc Null ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc Null ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc p2pimsvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc p2pimsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc p2psvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc p2psvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc Parport ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc PassThru Service ( UnsignedFile.Multi.Generic 
) - skipped by user 06:58:08.0421 0x05dc PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc PcaSvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc PcaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc PEAUTH ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc PEAUTH ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc PerfHost ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc PerfHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc pla ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc pla ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc PNRPAutoReg ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc PNRPAutoReg ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc PNRPsvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc PNRPsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0421 0x05dc Power ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0421 0x05dc Power ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc Processor ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc ProfSvc ( 
UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc ProfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc Psched ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc Psched ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc QWAVE ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc QWAVE ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc QWAVEdrv ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc QWAVEdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc RasAgileVpn ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc RasAgileVpn ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc RasMan ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc RasSstp ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc RasSstp ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc rdbss ( 
UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc rdpbus ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc rdpbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc RDPENCDD ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc RDPENCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0436 0x05dc RDPREFMP ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0436 0x05dc RDPREFMP ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc RpcEptMapper ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc RpcEptMapper ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc rspndr ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc SamSs ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc scfilter ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc scfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc Schedule ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc SCPolicySvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc SCPolicySvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc SDRSVC ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc SDRSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc secdrv ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc seclogon ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc SENS ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc SensrSvc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc SensrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0452 0x05dc Serenum ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0452 0x05dc Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 
0x05dc Serial ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc sermouse ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc SessionEnv ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc SessionEnv ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc sffdisk ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc sffdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc sffp_mmc ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc sffp_mmc ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc sffp_sd ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc sffp_sd ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc Smb ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc Smb ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc SNMPTRAP ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc SNMPTRAP ( UnsignedFile.Multi.Generic ) - User select action: Skip 06:58:08.0467 0x05dc Spooler ( UnsignedFile.Multi.Generic ) - skipped by user 06:58:08.0467 0x05dc Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip 
run in safe mode? Or is something completely new coming next? I tried Windows Update again today... no change... it cannot be updated. Another small update: some programs apparently have problems during the autostart phase ("has stopped working", program restarts). And I'm getting even more baffled... Combofix hangs at the "Services" file in normal mode as well as in safe mode and does nothing more... I hope you can make sense of the logs above and see what is going on. |
29.04.2015, 07:43 | #11 |
/// the machine /// TB Trainer | Ok, supposedly not a single system file is correct....
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
29.04.2015, 09:04 | #12 |
| I carried out the repair as shown above. The PC shut down, and I have now switched it back on. What now? |
30.04.2015, 06:57 | #13 |
/// the machine /// TB Trainer | Then please run TDSSKiller and Combofix again.
__________________ Regards, schrauber |
02.05.2015, 18:28 | #14 |
| Will do. TDSSKiller has the exact same log as before (with 280 files found), and COMBOFIX again hangs while trying to repair "Services.exe".... So everything is as it was before the repair. Unfortunately. P.S. Everything was done in safe mode with real-time protection disabled. Last edited by Oronwe (02.05.2015 at 19:07) |
03.05.2015, 13:39 | #15 |
/// the machine /// TB Trainer | Open FRST, tick the Addition box and scan; please post both logs.
__________________ Regards, schrauber |