Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.04.2015, 15:35   #1
Oronwe
 
Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Hallo,

mein Rechner läuft seit einigen Tagen ziemlich unrund.
Wie oben beschrieben sind alle Windows-Updates grundsätzlich
"fehlgeschlagen", einige Programme haben seltsame Startmanieren
(Adobe Illustrator, InDesign, etc.) und nicht nachvollziehbare Abstürze etc.

Ich liess den Eset-Online-Scanner mal alles absuchen und er fand eben
im Thread-Namen genannte Variante....nun weiss ich nicht, ob das alles
ist und würde mich sehr freuen, wenn sich mir jemand annimmt.

cheers

FRST LOG:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-04-2015 02
Ran by Dizzy (administrator) on SKYNET on 24-04-2015 16:11:32
Running from D:\Downloads
Loaded Profiles: Dizzy (Available profiles: Dizzy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Users\Dizzy\AppData\Local\Akamai\netsession_win.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Akamai Technologies, Inc.) C:\Users\Dizzy\AppData\Local\Akamai\netsession_win.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe InDesign CC 2014\InDesign.exe
() C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() D:\Downloads\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2584240 2015-04-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1851040 2015-03-17] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Dizzy\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [867488 2015-03-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\MountPoints2: H - H:\MAXON-Start.exe
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\MountPoints2: {9c36a470-0b2c-11e3-bcbc-a531233bc614} - E:\pushinst.exe
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\MountPoints2: {aac4a5a1-1e97-11e3-b6bf-806e6f6e6963} - H:\MAXON-Start.exe
HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\MountPoints2: {d3af642f-5424-11e4-987c-00040ecc8efb} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-08-23] (Microsoft Corporation)
Startup: C:\Users\Dizzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-10-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-04-16] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1277190080-726137398-56086049-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-1277190080-726137398-56086049-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
Toolbar: HKU\.DEFAULT -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1277190080-726137398-56086049-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default
FF NewTab: 
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: https://www.google.de/
FF NetworkProxy: "socks_version", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-04-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-04-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1277190080-726137398-56086049-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-17] ()
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-12-05]
FF Extension: Stoiberfy me - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\jid0-ZAEPExfZFY30nV7SWBrSfc03iuQ@jetpack.xpi [2013-12-11]
FF Extension: Black Youtube Theme - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\{2c93446d-612b-416d-9af0-b7355797b611}.xpi [2014-04-18]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-08-22]
FF Extension: Adblock Plus - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-23]
FF Extension: DownThemAll! - C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Profiles\fnz2aqc4.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-09-22]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-04-07]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [603312 2015-04-20] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-16] (Duplex Secure Ltd.)
U3 azu1374d; C:\Windows\System32\Drivers\azu1374d.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-24 16:11 - 2015-04-24 16:11 - 00000000 ____D () C:\FRST
2015-04-24 16:08 - 2015-04-24 16:08 - 00000020 _____ () C:\Users\Dizzy\defogger_reenable
2015-04-24 11:40 - 2015-04-24 11:40 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-23 11:05 - 2015-04-23 11:05 - 00000000 ____D () C:\Users\Dizzy\Desktop\Elster
2015-04-23 10:18 - 2015-04-23 10:19 - 00000000 ___RD () C:\Users\Dizzy\Desktop\DT
2015-04-22 17:35 - 2015-04-22 17:35 - 00005798 _____ () C:\Windows\system32\lvcoinst.log
2015-04-22 17:02 - 2015-04-22 17:02 - 00000000 ____D () C:\ProgramData\.pixartokens
2015-04-21 08:16 - 2015-04-21 08:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-19 11:10 - 2015-04-19 17:47 - 00000000 ____D () C:\Users\Dizzy\Desktop\003_ornament
2015-04-18 14:28 - 2015-04-18 14:28 - 05950841 _____ () C:\Users\Dizzy\Desktop\Opel Meriva.c4d
2015-04-18 11:11 - 2011-10-15 01:50 - 01772448 _____ () C:\Users\Dizzy\Desktop\Opel Meriva.lwo
2015-04-17 13:03 - 2015-04-17 13:07 - 00000000 ____D () C:\Users\Dizzy\Desktop\Unbenannter Export
2015-04-17 12:58 - 2015-04-17 12:58 - 00000000 ____D () C:\Users\Dizzy\Desktop\2015
2015-04-17 12:58 - 2015-04-17 12:58 - 00000000 ____D () C:\Users\Dizzy\Desktop\2014
2015-04-17 10:55 - 2015-04-17 11:06 - 464240640 _____ () C:\Users\Dizzy\Downloads\RenderManProServer-19.0_1468883-windows7_vc10icc121.x86_64.msi
2015-04-17 10:53 - 2015-04-17 11:07 - 00006600 _____ () C:\Users\Dizzy\Downloads\ncr.Hp2948.txt
2015-04-17 10:53 - 2015-04-17 11:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixar
2015-04-17 10:53 - 2015-04-17 11:06 - 00000000 ____D () C:\Program Files\Pixar
2015-04-10 10:44 - 2015-04-10 10:44 - 01270077 _____ () C:\Users\Dizzy\Desktop\future.wrl
2015-04-08 11:51 - 2015-04-08 14:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-04-08 08:43 - 2015-04-08 08:43 - 00000000 ____D () C:\Users\Dizzy\Tracing
2015-04-07 08:47 - 2015-04-07 08:47 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2015-04-07 08:47 - 2015-04-07 08:47 - 00002037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2015-04-07 08:47 - 2015-04-07 08:47 - 00002014 _____ () C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2015-03-31 19:35 - 2015-03-31 19:35 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Skynet-Dizzy
2015-03-31 11:21 - 2015-03-31 11:21 - 00003563 _____ () C:\Users\Dizzy\Desktop\NetworkInfo.txt
2015-03-31 11:12 - 2015-03-31 11:13 - 00000891 _____ () C:\Users\Dizzy\Desktop\Tracert.txt
2015-03-30 07:24 - 2015-03-30 07:24 - 00000000 ____D () C:\Users\Dizzy\Desktop\BIlder 2007-2015
2015-03-27 11:14 - 2015-03-27 13:25 - 00001704 _____ () C:\Users\Dizzy\Desktop\PingPtracer.txt
2015-03-27 09:47 - 2015-03-27 09:47 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-03-27 09:14 - 2015-03-27 09:25 - 00001107 _____ () C:\Users\Dizzy\Desktop\CINEMA 4D.lnk
2015-03-27 09:14 - 2015-03-27 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2015-03-27 00:53 - 2015-03-27 01:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-27 00:53 - 2015-03-27 00:53 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-27 00:53 - 2015-03-27 00:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-27 00:52 - 2015-03-27 00:52 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-26 23:05 - 2015-03-26 23:05 - 00000000 ____D () C:\ProgramData\ATI
2015-03-26 22:47 - 2015-03-26 23:20 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\Raptr
2015-03-26 22:47 - 2015-03-26 22:47 - 00000000 ____D () C:\ProgramData\AMD
2015-03-26 20:28 - 2015-04-22 17:35 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2015-03-26 13:05 - 2015-03-26 13:05 - 00000000 ____D () C:\Program Files\MAXON
2015-03-26 12:30 - 2015-03-26 12:30 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\chc
2015-03-25 15:58 - 2015-03-25 15:58 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2014.lnk
2015-03-25 11:20 - 2015-03-25 11:20 - 00001337 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CC.lnk
2015-03-25 11:11 - 2015-03-25 11:11 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk
2015-03-25 10:53 - 2015-03-25 10:53 - 00002085 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7.1 64-Bit.lnk
2015-03-25 10:53 - 2015-03-25 10:53 - 00002065 _____ () C:\Users\Public\Desktop\Lightroom 5.7.1 64-Bit.lnk
2015-03-25 08:23 - 2015-04-07 15:24 - 00001088 _____ () C:\Windows\PFRO.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-24 16:08 - 2013-08-22 15:15 - 00000000 ____D () C:\Users\Dizzy
2015-04-24 15:58 - 2013-09-13 17:22 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\Skype
2015-04-24 12:11 - 2013-08-22 15:15 - 01687574 _____ () C:\Windows\WindowsUpdate.log
2015-04-24 10:36 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-24 10:36 - 2009-07-14 06:45 - 00015344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-24 10:34 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-04-24 10:34 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-04-24 10:34 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-24 10:30 - 2014-09-01 08:10 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\Adobe
2015-04-24 10:30 - 2014-05-02 15:11 - 00000000 ___RD () C:\Users\Dizzy\Dropbox
2015-04-24 10:30 - 2014-05-02 15:09 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\Dropbox
2015-04-24 10:29 - 2015-02-17 17:18 - 00018531 _____ () C:\Windows\setupact.log
2015-04-24 10:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-24 08:30 - 2013-09-01 15:34 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\vlc
2015-04-23 13:38 - 2014-05-29 08:44 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\Battle.net
2015-04-23 12:55 - 2014-05-10 11:45 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\JDownloader v2.0
2015-04-22 17:22 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-22 17:17 - 2014-10-21 10:54 - 00001456 _____ () C:\Users\Dizzy\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-04-22 13:53 - 2013-08-23 07:37 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-22 12:07 - 2013-09-12 07:56 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-22 12:04 - 2014-01-08 08:38 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-22 12:01 - 2015-03-24 12:47 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-04-22 12:01 - 2015-03-24 12:47 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-04-22 12:01 - 2013-09-12 07:56 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-22 07:56 - 2013-08-22 16:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-19 11:11 - 2015-03-24 15:00 - 00000034 _____ () C:\Users\Dizzy\AppData\Roaming\AdobeWLCMCache.dat
2015-04-17 12:58 - 2015-02-17 13:58 - 00000000 ____D () C:\Users\Dizzy\Desktop\Portfolio 2015
2015-04-16 10:32 - 2014-05-29 08:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-15 13:08 - 2013-08-22 17:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 13:06 - 2013-08-22 17:08 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 12:12 - 2014-07-30 13:12 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\dxhr
2015-04-11 11:27 - 2014-09-19 08:33 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\.minecraft
2015-04-10 07:52 - 2014-05-02 15:11 - 00001015 _____ () C:\Users\Dizzy\Desktop\Dropbox.lnk
2015-04-10 07:52 - 2014-05-02 15:10 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-08 08:43 - 2014-09-16 18:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-08 08:28 - 2013-09-13 17:22 - 00000000 ____D () C:\ProgramData\Skype
2015-04-07 15:25 - 2013-08-23 09:54 - 00065544 _____ () C:\Users\Dizzy\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-07 15:24 - 2009-07-14 06:45 - 04995896 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-07 08:48 - 2014-12-23 17:10 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-04-07 08:47 - 2013-09-16 16:39 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-03-27 09:25 - 2014-04-30 09:11 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\MAXON
2015-03-26 23:20 - 2015-03-02 19:49 - 00000000 ___RD () C:\Users\Dizzy\Documents\Notes
2015-03-26 23:20 - 2015-01-21 17:00 - 00000000 ____D () C:\Users\Dizzy\Documents\Heroes of the Storm
2015-03-26 23:20 - 2014-12-30 17:49 - 00000000 ____D () C:\Users\Dizzy\Documents\FLiNGTrainer
2015-03-26 23:20 - 2014-12-15 08:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-03-26 23:20 - 2014-03-06 13:59 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-03-26 23:20 - 2013-09-07 09:05 - 00000000 ____D () C:\Users\Dizzy\AppData\Local\Akamai
2015-03-26 23:20 - 2013-08-22 16:20 - 00000000 ____D () C:\AMD
2015-03-26 23:20 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-26 23:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-03-26 23:19 - 2014-12-15 08:05 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-03-26 23:19 - 2014-11-13 09:48 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-03-26 23:19 - 2014-01-26 10:15 - 00000000 ____D () C:\Users\Dizzy\Documents\BioWare
2015-03-26 23:19 - 2013-08-24 07:21 - 00000000 ____D () C:\Users\Dizzy\Documents\my games
2015-03-26 23:19 - 2013-08-22 16:25 - 00000000 ____D () C:\Program Files\AMD
2015-03-26 12:23 - 2014-09-02 18:25 - 00000000 ____D () C:\Users\Dizzy\Documents\Adobe
2015-03-26 12:23 - 2013-08-22 16:22 - 00000000 ____D () C:\Users\Dizzy\AppData\Roaming\Adobe
2015-03-25 15:58 - 2014-09-02 16:29 - 00000000 ____D () C:\Program Files\Adobe
2015-03-25 15:58 - 2013-09-16 16:25 - 00000000 ____D () C:\Program Files\Common Files\Adobe

==================== Files in the root of some directories =======

2013-12-17 14:54 - 2013-12-17 15:09 - 0000132 _____ () C:\Users\Dizzy\AppData\Roaming\Adobe GIF Format CS5 Prefs
2015-03-24 15:00 - 2015-04-19 11:11 - 0000034 _____ () C:\Users\Dizzy\AppData\Roaming\AdobeWLCMCache.dat
2014-09-29 19:48 - 2014-09-29 19:48 - 0000037 ___SH () C:\Users\Dizzy\AppData\Local\69ff07055291669bb2b218.72821112
2014-10-21 10:54 - 2015-04-22 17:17 - 0001456 _____ () C:\Users\Dizzy\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-02 20:26 - 2014-07-29 11:39 - 0001456 _____ () C:\Users\Dizzy\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-12-05 19:29 - 2014-10-24 09:07 - 0007600 _____ () C:\Users\Dizzy\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Dizzy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppva4ih.dll
C:\Users\Dizzy\AppData\Local\Temp\proxy_vole4219066933589844200.dll
C:\Users\Dizzy\AppData\Local\Temp\raptrpatch.exe
C:\Users\Dizzy\AppData\Local\Temp\raptr_stub.exe
C:\Users\Dizzy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dizzy\AppData\Local\Temp\Uninstall.exe
C:\Users\Dizzy\AppData\Local\Temp\{144E8A71-A155-4D5D-9363-A9B18463713D}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2015-04-15 09:49

==================== End Of Log ============================
         
--- --- ---



ADDITION.TXT:

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2015 02
Ran by Dizzy at 2015-04-24 16:11:59
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1277190080-726137398-56086049-500 - Administrator - Disabled)
Dizzy (S-1-5-21-1277190080-726137398-56086049-1000 - Administrator - Enabled) => C:\Users\Dizzy
Gast (S-1-5-21-1277190080-726137398-56086049-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1277190080-726137398-56086049-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.0.0.74 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.2.0.069 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Akamai NetSession Interface (HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CINEMA 4D 16.038 (HKLM\...\MAXON8B6F11F9) (Version: 16.038 - MAXON Computer GmbH)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-1277190080-726137398-56086049-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
MeshLab_64b 1.3.3 (HKLM-x32\...\MeshLab_64b) (Version: 1.3.3 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation)
PDFTK Builder 3.5.3 (HKLM-x32\...\PDFTK Builder_is1) (Version:  - )
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pixar RenderMan Pro Server 19.0 (HKLM\...\{7EA92811-DDBD-11E4-A753-001CC4171F87}) (Version: 19.0.1468883 - Pixar)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
RenderManNC-Installer (HKLM\...\{DAB7A2E1-D380-11E4-BBF3-001CC4171F87}) (Version: 1.0.0 - Pixar)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1277190080-726137398-56086049-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

22-04-2015 13:22:51 Windows Update
22-04-2015 17:01:39 Windows Update
22-04-2015 17:34:48 Windows Update
22-04-2015 18:25:31 Windows Update
22-04-2015 18:58:47 Windows Update
22-04-2015 20:32:05 Windows Update
23-04-2015 09:13:03 Windows Update
23-04-2015 13:43:23 Windows Update
24-04-2015 09:58:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-03-25 10:08 - 00001297 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 crl.verisign.net
127.0.0.1 ood.opsource.net
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 ocsp.spo1.verisign.com
127.0.0.1 192.168.112.2o7.net
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 199.7.52.190
127.0.0.1 199.7.54.72
127.0.0.1 209.34.83.67
127.0.0.1 209.34.83.73
127.0.0.1 2o7.net
127.0.0.1 tss-geotrust-crl.thawte.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1EBD3B3D-1FAE-4585-9E4C-E803225AE6EF} - System32\Tasks\AdobeAAMUpdater-1.0-Skynet-Dizzy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30] (Adobe Systems Incorporated)
Task: {499EFA2E-B3B9-49B0-964B-D8CEA97591EA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-13] (Adobe Systems Incorporated)
Task: {886CE8B9-7CC2-411C-8E15-5D23FBAA2AD9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {C34DFF0A-C7EF-466A-862A-C8640CCDA84F} - System32\Tasks\{0709E55C-9BC3-41A1-A357-86B121504C79} => pcalua.exe -a "C:\Users\Dizzy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LONCHF84\Firefox%20Setup%20Stub%2023.0.1[1].exe" -d C:\Users\Dizzy\Desktop
Task: {F4CDE599-A6DA-43D3-BC48-6D869CD60B0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-20 22:23 - 2014-11-20 22:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-11-20 22:23 - 2014-11-20 22:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-04-16 17:42 - 2015-04-16 17:42 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-11-22 02:03 - 2014-11-22 02:03 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-11-20 22:23 - 2014-11-20 22:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-04-16 17:41 - 2015-04-16 17:41 - 05842080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-04-24 11:40 - 2014-06-26 07:44 - 00358144 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2014-05-02 14:12 - 2015-02-07 11:16 - 00095424 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASLSupport.dll
2014-05-02 14:12 - 2014-05-02 14:12 - 00266432 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASKLib.dll
2015-02-07 11:16 - 2015-02-07 11:16 - 01276608 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\typekitC4.dll
2014-05-02 14:12 - 2015-02-07 11:16 - 00263360 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\AdamLib.dll
2014-05-02 14:12 - 2014-05-02 14:12 - 00073408 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\unihan.dll
2014-09-03 13:55 - 2014-09-03 13:55 - 00815104 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe
2015-04-24 16:08 - 2015-04-24 16:08 - 00050477 _____ () D:\Downloads\Defogger.exe
2015-04-20 07:16 - 2015-04-20 07:16 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2015-04-24 10:30 - 2015-04-24 10:30 - 00043008 _____ () c:\users\dizzy\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppva4ih.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-04-20 07:16 - 2015-04-20 07:16 - 00746672 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-04-20 07:16 - 2015-04-20 07:16 - 00136368 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Program Files\Common Files\System:9F4ymvjw6kabpdQTgg2x18V
AlternateDataStreams: C:\ProgramData\Microsoft:C6jucDp0bZuZqJ9c14hb
AlternateDataStreams: C:\ProgramData\Microsoft:jAYCD1Iae9sKQ2xnSpzTMve
AlternateDataStreams: C:\ProgramData\Microsoft:r38uJZGn1tmWt6PkZN

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68825310.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68825310.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1277190080-726137398-56086049-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dizzy\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dizzy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dizzy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zenimax Launcher.lnk => C:\Windows\pss\Zenimax Launcher.lnk.Startup
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Google Update => "C:\Users\Dizzy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB-Videogerät
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2015 11:41:34 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen.

Programm: Hostprozess für Windows-Dienste
Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C000009C
Datenträgertyp: 3

Error: (04/24/2015 11:41:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0
Ausnahmecode: 0xc0000006
Fehleroffset: 0x00000000000080bf
ID des fehlerhaften Prozesses: 0x11d0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1
Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2
Berichtskennung: svchost.exe_CryptSvc3

Error: (04/24/2015 11:41:29 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen.

Programm: Hostprozess für Windows-Dienste
Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C000009C
Datenträgertyp: 3

Error: (04/24/2015 11:41:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0
Ausnahmecode: 0xc0000006
Fehleroffset: 0x00000000000080bf
ID des fehlerhaften Prozesses: 0x10cc
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1
Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2
Berichtskennung: svchost.exe_CryptSvc3

Error: (04/24/2015 11:41:24 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen.

Programm: Hostprozess für Windows-Dienste
Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C000009C
Datenträgertyp: 3

Error: (04/24/2015 11:41:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0
Ausnahmecode: 0xc0000006
Fehleroffset: 0x00000000000080bf
ID des fehlerhaften Prozesses: 0x124c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1
Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2
Berichtskennung: svchost.exe_CryptSvc3

Error: (04/24/2015 11:41:19 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen.

Programm: Hostprozess für Windows-Dienste
Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C000009C
Datenträgertyp: 3

Error: (04/24/2015 11:41:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0
Ausnahmecode: 0xc0000006
Fehleroffset: 0x00000000000080bf
ID des fehlerhaften Prozesses: 0x12a0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1
Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2
Berichtskennung: svchost.exe_CryptSvc3

Error: (04/24/2015 11:41:14 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen.

Programm: Hostprozess für Windows-Dienste
Datei: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.cat

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C000009C
Datenträgertyp: 3

Error: (04/24/2015 11:41:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_CryptSvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c4f0
Ausnahmecode: 0xc0000006
Fehleroffset: 0x00000000000080bf
ID des fehlerhaften Prozesses: 0x5e0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_CryptSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_CryptSvc1
Pfad des fehlerhaften Moduls: svchost.exe_CryptSvc2
Berichtskennung: svchost.exe_CryptSvc3


System errors:
=============
Error: (04/24/2015 04:11:41 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/24/2015 04:11:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/24/2015 01:00:46 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (04/24/2015 01:00:46 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.


Microsoft Office Sessions:
=========================
Error: (04/24/2015 11:41:34 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3

Error: (04/24/2015 11:41:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf11d001d07e72d9df8cf9C:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll17f6f8d3-ea66-11e4-874e-00040ecc8efb

Error: (04/24/2015 11:41:29 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3

Error: (04/24/2015 11:41:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf10cc01d07e72d6e18402C:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll150aca6f-ea66-11e4-874e-00040ecc8efb

Error: (04/24/2015 11:41:24 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3

Error: (04/24/2015 11:41:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf124c01d07e72d3e43e5dC:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll11f9fc81-ea66-11e4-874e-00040ecc8efb

Error: (04/24/2015 11:41:19 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3

Error: (04/24/2015 11:41:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf12a001d07e72d0dbadefC:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll0f11ecdc-ea66-11e4-874e-00040ecc8efb

Error: (04/24/2015 11:41:14 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Win8IP-Microsoft-Windows-DownlevelApisets-Shell-WinIP-Package~31bf3856ad364e35~amd64~bg-BG~7.1.7601.16492.catHostprozess für Windows-DiensteC000009C3

Error: (04/24/2015 11:41:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_CryptSvc6.1.7600.163854a5bc3c1bcryptprimitives.dll6.1.7601.175144ce7c4f0c000000600000000000080bf5e001d07e72cdeb87dbC:\Windows\system32\svchost.exeC:\Windows\system32\bcryptprimitives.dll0c136eb2-ea66-11e4-874e-00040ecc8efb


CodeIntegrity Errors:
===================================
  Date: 2015-03-26 22:10:05.251
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-26 22:10:05.126
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-26 22:03:34.314
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-26 22:03:34.189
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-26 21:28:10.844
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-26 21:28:10.672
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-26 18:00:29.329
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-26 18:00:29.158
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-26 17:43:52.360
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-26 17:43:52.220
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD FX(tm)-8320 Eight-Core Processor 
Percentage of memory in use: 30%
Total physical RAM: 16356.88 MB
Available physical RAM: 11346.13 MB
Total Pagefile: 47711.94 MB
Available Pagefile: 42544.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:17.51 GB) NTFS
Drive d: (Skynet) (Fixed) (Total:931.41 GB) (Free:573.47 GB) NTFS
Drive f: (Volume) (Fixed) (Total:153.38 GB) (Free:153.29 GB) NTFS
Drive g: (Volume) (Fixed) (Total:232.88 GB) (Free:232.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 7C2F6DC8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: D766D766)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 97458EC1)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 153.4 GB) (Disk ID: E891E891)
Partition 1: (Not Active) - (Size=153.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


GMER-Copy:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-04-24 16:33:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 Corsair_Performance_Pro rev.1.0 119,24GB
Running: j39pjdsw.exe; Driver: C:\Users\Dizzy\AppData\Local\Temp\ugldypog.sys

---- Processes - GMER 2.1 ----

Library  c:\users\dizzy\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwmldoi.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-04-24 14:28:50)                                       0000000003180000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24)           000000006e000000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (ICU I18N DLL/The ICU Project)(2015-03-04 21:45:30)                                                           000000004a900000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (ICU Common DLL/The ICU Project)(2015-03-04 21:45:30)                                                         0000000005e80000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (ICU Data DLL/The ICU Project)(2015-03-04 21:45:30)                                                           000000004ad00000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)        000000006c420000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            000000006c130000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-03-04 21:45:30)                                                                                        000000006da70000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)        000000006d2d0000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)         000000006aa00000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)          000000006a7e0000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            000000006a360000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            000000006d1e0000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-03-04 21:45:30)                                                                                           000000006d1b0000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)  000000006d180000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)         000000006c860000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)   00000000692e0000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-03-04 21:45:30)                                                                       0000000069c20000
Library  C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Dizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [3532](2015-03-04 21:45:30)                                                                       0000000069aa0000

---- EOF - GMER 2.1 ----
         

p.s. entschuldige, ich hatte nach diesem "CODE" gesucht, es aber nicht gefunden...hoffe das nun alles besser lesbar ist

Geändert von Oronwe (24.04.2015 um 15:50 Uhr)

Alt 24.04.2015, 15:41   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.




Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 24.04.2015, 21:46   #3
Oronwe
 
Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Hier schon einmal das mbar Log:

Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.17267

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED
CPU speed: 3.492000 GHz
Memory total: 17151426560, free: 14426759168

Downloaded database version: v2015.04.24.03
Downloaded database version: v2015.04.21.01
Downloaded database version: v2015.04.22.01
=======================================
Initializing...
------------ Kernel report ------------
     04/24/2015 16:46:46
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\PxHlpa64.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\drivers\1394ohci.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\MBfilt64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\fwlanusb.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\lvrs64.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Users\Dizzy\AppData\Local\Temp\ugldypog.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\user32.dll
\Windows\System32\sechost.dll
\Windows\System32\setupapi.dll
\Windows\System32\difxapi.dll
\Windows\System32\imagehlp.dll
\Windows\System32\oleaut32.dll
\Windows\System32\normaliz.dll
\Windows\System32\imm32.dll
\Windows\System32\msctf.dll
\Windows\System32\gdi32.dll
\Windows\System32\nsi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msvcrt.dll
\Windows\System32\iertutil.dll
\Windows\System32\shlwapi.dll
\Windows\System32\clbcatq.dll
\Windows\System32\kernel32.dll
\Windows\System32\shell32.dll
\Windows\System32\urlmon.dll
\Windows\System32\usp10.dll
\Windows\System32\comdlg32.dll
\Windows\System32\psapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\advapi32.dll
\Windows\System32\ole32.dll
\Windows\System32\lpk.dll
\Windows\System32\wininet.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\comctl32.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\crypt32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.04.24.03
  rootkit: v2015.04.21.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800d5dd790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d5dd1e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d5dd790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d3d0580, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800d3cf060, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7C2F6DC8

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 249860096

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 128035676160 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800d5fc060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d4d5980, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d5fc060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d132e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800d3d3060, DeviceName: \Device\Ide\IdeDeviceP3T1L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: D766D766

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 488384512

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250055122432 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa800d5fd060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d5fc970, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d5fd060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d0a9670, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800d3df680, DeviceName: \Device\Ide\IdeDeviceP2T1L0-7\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E891E891

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 321667072

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 164696555520 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 3, DevicePointer: 0xfffffa800d5fe060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d5fda30, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d5fe060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d328520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800d32a060, DeviceName: \Device\Ide\IdeDeviceP4T1L0-8\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 3
Scanning MBR on drive 3...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 97458EC1

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 1953304576

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1000200658432 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam...
Removal finished
         
p.s. der TDSSKILLER hat seit ca. 21 Minuten nur 1 "processed File" im Task...ist das normal?

Kleines Update,

Der TSSKILLER läuft nun seit 3h42min und hängt noch immer (wieder)
bei der Datei 1394ohci.sys.

Was könnte ich nun machen?
__________________

Geändert von Oronwe (24.04.2015 um 17:43 Uhr)

Alt 25.04.2015, 15:07   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Beende TDSSKiller.


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.04.2015, 11:06   #5
Oronwe
 
Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Hallo,

ComboFix geht bis Step 50, danach erscheint
folgende Meldung :

System FIle is infected !! Attempting to restore
"C:Windoews-system32-Services.exe"

Danach passiert nichts weiter (kein Log oder sonstiges)


Alt 26.04.2015, 18:22   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Jetzt wirds witzig

TDSSKiller bitte mal im abgesicherten Modus starten.
__________________
--> Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.

Alt 27.04.2015, 06:08   #7
Oronwe
 
Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Guten Morgen,

wenn der ABgesicherte Modus das witzige war,
kommt hier nun die Pointe.

175 gefundene Objekte und hier das Log:
Code:
ATTFilter
06:48:14.0762 0x05ac  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
06:48:23.0669 0x05ac  ============================================================
06:48:23.0669 0x05ac  Current date / time: 2015/04/27 06:48:23.0669
06:48:23.0669 0x05ac  SystemInfo:
06:48:23.0669 0x05ac  
06:48:23.0669 0x05ac  OS Version: 6.1.7601 ServicePack: 1.0
06:48:23.0669 0x05ac  Product type: Workstation
06:48:23.0669 0x05ac  ComputerName: SKYNET
06:48:23.0669 0x05ac  UserName: Dizzy
06:48:23.0669 0x05ac  Windows directory: C:\Windows
06:48:23.0669 0x05ac  System windows directory: C:\Windows
06:48:23.0669 0x05ac  Running under WOW64
06:48:23.0669 0x05ac  Processor architecture: Intel x64
06:48:23.0669 0x05ac  Number of processors: 8
06:48:23.0669 0x05ac  Page size: 0x1000
06:48:23.0669 0x05ac  Boot type: Safe boot
06:48:23.0669 0x05ac  ============================================================
06:48:23.0903 0x05ac  KLMD registered as C:\Windows\system32\drivers\44355286.sys
06:48:23.0934 0x05ac  System UUID: {F21FE57E-0EA1-9F60-8D2A-C64ABB18169C}
06:48:24.0262 0x05ac  Drive \Device\Harddisk0\DR0 - Size: 0x2658AE0000 ( 153.39 Gb ), SectorSize: 0x200, Cylinders: 0x4E37, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:48:24.0262 0x05ac  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:48:24.0262 0x05ac  Drive \Device\Harddisk2\DR2 - Size: 0x3A38725E00 ( 232.88 Gb ), SectorSize: 0x200, Cylinders: 0x76C0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:48:24.0278 0x05ac  Drive \Device\Harddisk3\DR3 - Size: 0xE8E09ADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1F8B0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
06:48:24.0278 0x05ac  ============================================================
06:48:24.0278 0x05ac  \Device\Harddisk0\DR0:
06:48:24.0278 0x05ac  MBR partitions:
06:48:24.0278 0x05ac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x132C4000
06:48:24.0278 0x05ac  \Device\Harddisk1\DR1:
06:48:24.0278 0x05ac  MBR partitions:
06:48:24.0278 0x05ac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
06:48:24.0278 0x05ac  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
06:48:24.0278 0x05ac  \Device\Harddisk2\DR2:
06:48:24.0278 0x05ac  MBR partitions:
06:48:24.0278 0x05ac  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C2800
06:48:24.0278 0x05ac  \Device\Harddisk3\DR3:
06:48:24.0278 0x05ac  MBR partitions:
06:48:24.0278 0x05ac  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D1000
06:48:24.0278 0x05ac  ============================================================
06:48:24.0278 0x05ac  C: <-> \Device\Harddisk1\DR1\Partition2
06:48:24.0309 0x05ac  D: <-> \Device\Harddisk3\DR3\Partition1
06:48:24.0324 0x05ac  F: <-> \Device\Harddisk0\DR0\Partition1
06:48:24.0340 0x05ac  G: <-> \Device\Harddisk2\DR2\Partition1
06:48:24.0340 0x05ac  ============================================================
06:48:24.0340 0x05ac  Initialize success
06:48:24.0340 0x05ac  ============================================================
06:48:32.0780 0x05e4  ============================================================
06:48:32.0780 0x05e4  Scan started
06:48:32.0780 0x05e4  Mode: Manual; SigCheck; TDLFS; 
06:48:32.0780 0x05e4  ============================================================
06:48:32.0780 0x05e4  KSN ping started
06:48:32.0795 0x05e4  KSN ping finished: false
06:48:32.0873 0x05e4  ================ Scan system memory ========================
06:48:32.0873 0x05e4  System memory - ok
06:48:32.0873 0x05e4  ================ Scan services =============================
06:48:32.0904 0x05e4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
06:48:49.0160 0x05e4  1394ohci - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0222 0x05e4  1394ohci ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0238 0x05e4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
06:48:49.0269 0x05e4  ACPI - ok
06:48:49.0269 0x05e4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
06:48:49.0269 0x05e4  AcpiPmi - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0269 0x05e4  AcpiPmi ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0269 0x05e4  Force sending object to P2P due to detect: AcpiPmi
06:48:49.0269 0x05e4  Object send P2P result: false
06:48:49.0284 0x05e4  [ 929593D76589294BA3F74540298D1B3E, 3D1C1772579141BD1040363BD65F2A2D78BF42EC85AE96317AE397E3D5267145 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
06:48:49.0284 0x05e4  AdobeARMservice - ok
06:48:49.0316 0x05e4  [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:48:49.0316 0x05e4  AdobeFlashPlayerUpdateSvc - ok
06:48:49.0331 0x05e4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
06:48:49.0362 0x05e4  adp94xx - ok
06:48:49.0362 0x05e4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
06:48:49.0378 0x05e4  adpahci - ok
06:48:49.0394 0x05e4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
06:48:49.0394 0x05e4  adpu320 - ok
06:48:49.0409 0x05e4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
06:48:49.0409 0x05e4  AeLookupSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0409 0x05e4  Object is SCO, delete is not allowed
06:48:49.0409 0x05e4  AeLookupSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0425 0x05e4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
06:48:49.0440 0x05e4  AFD - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0440 0x05e4  Object is SCO, delete is not allowed
06:48:49.0440 0x05e4  AFD ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0440 0x05e4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
06:48:49.0440 0x05e4  agp440 - ok
06:48:49.0456 0x05e4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
06:48:49.0456 0x05e4  ALG - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0456 0x05e4  ALG ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0456 0x05e4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
06:48:49.0472 0x05e4  aliide - ok
06:48:49.0472 0x05e4  [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
06:48:49.0487 0x05e4  AMD External Events Utility - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0487 0x05e4  AMD External Events Utility ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0487 0x05e4  Force sending object to P2P due to detect: AMD External Events Utility
06:48:49.0487 0x05e4  Object send P2P result: false
06:48:49.0503 0x05e4  AMD FUEL Service - ok
06:48:49.0503 0x05e4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
06:48:49.0503 0x05e4  amdide - ok
06:48:49.0518 0x05e4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
06:48:49.0518 0x05e4  AmdK8 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0518 0x05e4  Object is SCO, delete is not allowed
06:48:49.0518 0x05e4  AmdK8 ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0924 0x05e4  [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
06:48:50.0423 0x05e4  amdkmdag - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0423 0x05e4  amdkmdag ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0454 0x05e4  [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
06:48:50.0470 0x05e4  amdkmdap - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0470 0x05e4  amdkmdap ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0470 0x05e4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
06:48:50.0486 0x05e4  AmdPPM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0486 0x05e4  AmdPPM ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0486 0x05e4  Force sending object to P2P due to detect: AmdPPM
06:48:50.0486 0x05e4  Object send P2P result: false
06:48:50.0486 0x05e4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
06:48:50.0501 0x05e4  amdsata - ok
06:48:50.0501 0x05e4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
06:48:50.0517 0x05e4  amdsbs - ok
06:48:50.0517 0x05e4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
06:48:50.0517 0x05e4  amdxata - ok
06:48:50.0532 0x05e4  AODDriver4.2.0 - ok
06:48:50.0532 0x05e4  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys
06:48:50.0548 0x05e4  AODDriver4.3 - ok
06:48:50.0548 0x05e4  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
06:48:50.0548 0x05e4  AppID - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0548 0x05e4  AppID ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0548 0x05e4  Force sending object to P2P due to detect: AppID
06:48:50.0548 0x05e4  Object send P2P result: false
06:48:50.0564 0x05e4  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
06:48:50.0564 0x05e4  AppIDSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0564 0x05e4  AppIDSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0564 0x05e4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
06:48:50.0564 0x05e4  Appinfo - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0564 0x05e4  Object is SCO, delete is not allowed
06:48:50.0564 0x05e4  Appinfo ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0579 0x05e4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
06:48:50.0579 0x05e4  arc - ok
06:48:50.0595 0x05e4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
06:48:50.0595 0x05e4  arcsas - ok
06:48:50.0610 0x05e4  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
06:48:50.0626 0x05e4  aspnet_state - ok
06:48:50.0626 0x05e4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
06:48:50.0626 0x05e4  AsyncMac - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0626 0x05e4  Object is SCO, delete is not allowed
06:48:50.0626 0x05e4  AsyncMac ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0626 0x05e4  Force sending object to P2P due to detect: AsyncMac
06:48:50.0626 0x05e4  Object send P2P result: false
06:48:50.0642 0x05e4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
06:48:50.0642 0x05e4  atapi - ok
06:48:50.0642 0x05e4  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
06:48:50.0657 0x05e4  AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0657 0x05e4  AtiHDAudioService ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0673 0x05e4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:48:50.0688 0x05e4  AudioEndpointBuilder - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0688 0x05e4  Object is SCO, delete is not allowed
06:48:50.0688 0x05e4  AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0704 0x05e4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
06:48:50.0720 0x05e4  AudioSrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0720 0x05e4  Object is SCO, delete is not allowed
06:48:50.0720 0x05e4  AudioSrv ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0735 0x05e4  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
06:48:50.0735 0x05e4  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0735 0x05e4  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0751 0x05e4  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
06:48:50.0751 0x05e4  avmeject - ok
06:48:50.0751 0x05e4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
06:48:50.0766 0x05e4  AxInstSV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0766 0x05e4  AxInstSV ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0766 0x05e4  Force sending object to P2P due to detect: AxInstSV
06:48:50.0766 0x05e4  Object send P2P result: false
06:48:50.0766 0x05e4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
06:48:50.0782 0x05e4  b06bdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0782 0x05e4  b06bdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0782 0x05e4  Force sending object to P2P due to detect: b06bdrv
06:48:50.0782 0x05e4  Object send P2P result: false
06:48:50.0798 0x05e4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
06:48:50.0813 0x05e4  b57nd60a - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0813 0x05e4  b57nd60a ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0813 0x05e4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
06:48:50.0813 0x05e4  BDESVC - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0813 0x05e4  BDESVC ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0813 0x05e4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
06:48:50.0829 0x05e4  Beep - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0829 0x05e4  Beep ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0844 0x05e4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
06:48:50.0860 0x05e4  BFE - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0860 0x05e4  Object is SCO, delete is not allowed
06:48:50.0860 0x05e4  BFE ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0876 0x05e4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
06:48:50.0907 0x05e4  BITS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0907 0x05e4  BITS ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0907 0x05e4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
06:48:50.0907 0x05e4  blbdrive - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0907 0x05e4  Object is SCO, delete is not allowed
06:48:50.0907 0x05e4  blbdrive ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0922 0x05e4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
06:48:50.0922 0x05e4  bowser - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0922 0x05e4  Object is SCO, delete is not allowed
06:48:50.0922 0x05e4  bowser ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0922 0x05e4  Force sending object to P2P due to detect: bowser
06:48:50.0922 0x05e4  Object send P2P result: false
06:48:50.0922 0x05e4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
06:48:50.0922 0x05e4  BrFiltLo - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0922 0x05e4  Object is SCO, delete is not allowed
06:48:50.0922 0x05e4  BrFiltLo ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0922 0x05e4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
06:48:50.0938 0x05e4  BrFiltUp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0938 0x05e4  Object is SCO, delete is not allowed
06:48:50.0938 0x05e4  BrFiltUp ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0938 0x05e4  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
06:48:50.0938 0x05e4  BridgeMP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0938 0x05e4  Object is SCO, delete is not allowed
06:48:50.0938 0x05e4  BridgeMP ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0938 0x05e4  Force sending object to P2P due to detect: BridgeMP
06:48:50.0938 0x05e4  Object send P2P result: false
06:48:50.0954 0x05e4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
06:48:50.0954 0x05e4  Browser - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0954 0x05e4  Browser ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0969 0x05e4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
06:48:50.0969 0x05e4  Brserid - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0969 0x05e4  Object is SCO, delete is not allowed
06:48:50.0969 0x05e4  Brserid ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0969 0x05e4  Force sending object to P2P due to detect: Brserid
06:48:50.0969 0x05e4  Object send P2P result: false
06:48:50.0969 0x05e4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
06:48:50.0985 0x05e4  BrSerWdm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0985 0x05e4  Object is SCO, delete is not allowed
06:48:50.0985 0x05e4  BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0985 0x05e4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
06:48:50.0985 0x05e4  BrUsbMdm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0985 0x05e4  Object is SCO, delete is not allowed
06:48:50.0985 0x05e4  BrUsbMdm ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0985 0x05e4  Force sending object to P2P due to detect: BrUsbMdm
06:48:50.0985 0x05e4  Object send P2P result: false
06:48:50.0985 0x05e4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
06:48:50.0985 0x05e4  BrUsbSer - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0985 0x05e4  Object is SCO, delete is not allowed
06:48:50.0985 0x05e4  BrUsbSer ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0000 0x05e4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
06:48:51.0000 0x05e4  BTHMODEM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0000 0x05e4  Object is SCO, delete is not allowed
06:48:51.0000 0x05e4  BTHMODEM ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0000 0x05e4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
06:48:51.0000 0x05e4  bthserv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0000 0x05e4  Object is SCO, delete is not allowed
06:48:51.0000 0x05e4  bthserv ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0016 0x05e4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
06:48:51.0016 0x05e4  cdfs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0016 0x05e4  Object is SCO, delete is not allowed
06:48:51.0016 0x05e4  cdfs ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0016 0x05e4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
06:48:51.0032 0x05e4  cdrom - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0032 0x05e4  Object is SCO, delete is not allowed
06:48:51.0032 0x05e4  cdrom ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0032 0x05e4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
06:48:51.0032 0x05e4  CertPropSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0032 0x05e4  Object is SCO, delete is not allowed
06:48:51.0032 0x05e4  CertPropSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0047 0x05e4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
06:48:51.0047 0x05e4  circlass - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0047 0x05e4  Object is SCO, delete is not allowed
06:48:51.0047 0x05e4  circlass ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0047 0x05e4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
06:48:51.0063 0x05e4  CLFS - ok
06:48:51.0078 0x05e4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:48:51.0078 0x05e4  clr_optimization_v2.0.50727_32 - ok
06:48:51.0094 0x05e4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:48:51.0094 0x05e4  clr_optimization_v2.0.50727_64 - ok
06:48:51.0110 0x05e4  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:48:51.0141 0x05e4  clr_optimization_v4.0.30319_32 - ok
06:48:51.0141 0x05e4  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:48:51.0156 0x05e4  clr_optimization_v4.0.30319_64 - ok
06:48:51.0156 0x05e4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
06:48:51.0156 0x05e4  CmBatt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0156 0x05e4  Object is SCO, delete is not allowed
06:48:51.0156 0x05e4  CmBatt ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0156 0x05e4  Force sending object to P2P due to detect: CmBatt
06:48:51.0172 0x05e4  Object send P2P result: false
06:48:51.0172 0x05e4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
06:48:51.0172 0x05e4  cmdide - ok
06:48:51.0188 0x05e4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
06:48:51.0203 0x05e4  CNG - ok
06:48:51.0219 0x05e4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
06:48:51.0219 0x05e4  Compbatt - ok
06:48:51.0219 0x05e4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
06:48:51.0219 0x05e4  CompositeBus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0219 0x05e4  CompositeBus ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0219 0x05e4  Force sending object to P2P due to detect: CompositeBus
06:48:51.0234 0x05e4  Object send P2P result: false
06:48:51.0234 0x05e4  COMSysApp - ok
06:48:51.0234 0x05e4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
06:48:51.0234 0x05e4  crcdisk - ok
06:48:51.0250 0x05e4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
06:48:51.0250 0x05e4  CryptSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0250 0x05e4  CryptSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0266 0x05e4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
06:48:51.0281 0x05e4  DcomLaunch - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0281 0x05e4  Object is SCO, delete is not allowed
06:48:51.0281 0x05e4  DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0281 0x05e4  Force sending object to P2P due to detect: DcomLaunch
06:48:51.0281 0x05e4  Object send P2P result: false
06:48:51.0297 0x05e4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
06:48:51.0297 0x05e4  defragsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0297 0x05e4  defragsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0312 0x05e4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
06:48:51.0312 0x05e4  DfsC - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0312 0x05e4  Object is SCO, delete is not allowed
06:48:51.0312 0x05e4  DfsC ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0328 0x05e4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
06:48:51.0328 0x05e4  Dhcp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0328 0x05e4  Dhcp ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0344 0x05e4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
06:48:51.0344 0x05e4  discache - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0344 0x05e4  discache ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0344 0x05e4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
06:48:51.0359 0x05e4  Disk - ok
06:48:51.0359 0x05e4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
06:48:51.0375 0x05e4  Dnscache - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0375 0x05e4  Object is SCO, delete is not allowed
06:48:51.0375 0x05e4  Dnscache ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0375 0x05e4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
06:48:51.0390 0x05e4  dot3svc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0390 0x05e4  Object is SCO, delete is not allowed
06:48:51.0390 0x05e4  dot3svc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0390 0x05e4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
06:48:51.0390 0x05e4  DPS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0390 0x05e4  Object is SCO, delete is not allowed
06:48:51.0390 0x05e4  DPS ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0406 0x05e4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
06:48:51.0406 0x05e4  drmkaud - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0406 0x05e4  drmkaud ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0422 0x05e4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
06:48:51.0453 0x05e4  DXGKrnl - ok
06:48:51.0453 0x05e4  EagleX64 - ok
06:48:51.0468 0x05e4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
06:48:51.0468 0x05e4  EapHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0468 0x05e4  Object is SCO, delete is not allowed
06:48:51.0468 0x05e4  EapHost ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0593 0x05e4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
06:48:51.0671 0x05e4  ebdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0671 0x05e4  ebdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0687 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\Windows\System32\lsass.exe
06:48:51.0687 0x05e4  EFS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0687 0x05e4  Object is SCO, delete is not allowed
06:48:51.0687 0x05e4  EFS ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0702 0x05e4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
06:48:51.0718 0x05e4  ehRecvr - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0718 0x05e4  Object is SCO, delete is not allowed
06:48:51.0718 0x05e4  ehRecvr ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0734 0x05e4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
06:48:51.0734 0x05e4  ehSched - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0734 0x05e4  Object is SCO, delete is not allowed
06:48:51.0734 0x05e4  ehSched ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0749 0x05e4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
06:48:51.0765 0x05e4  elxstor - ok
06:48:51.0765 0x05e4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
06:48:51.0765 0x05e4  ErrDev - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0765 0x05e4  Object is SCO, delete is not allowed
06:48:51.0765 0x05e4  ErrDev ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0780 0x05e4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
06:48:51.0796 0x05e4  EventSystem - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0796 0x05e4  EventSystem ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0812 0x05e4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
06:48:51.0812 0x05e4  exfat - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0812 0x05e4  Object is SCO, delete is not allowed
06:48:51.0812 0x05e4  exfat ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0812 0x05e4  Force sending object to P2P due to detect: exfat
06:48:51.0812 0x05e4  Object send P2P result: false
06:48:51.0827 0x05e4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
06:48:51.0827 0x05e4  fastfat - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0827 0x05e4  Object is SCO, delete is not allowed
06:48:51.0827 0x05e4  fastfat ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0827 0x05e4  Force sending object to P2P due to detect: fastfat
06:48:51.0827 0x05e4  Object send P2P result: false
06:48:51.0843 0x05e4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
06:48:51.0858 0x05e4  Fax - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0858 0x05e4  Object is SCO, delete is not allowed
06:48:51.0858 0x05e4  Fax ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0874 0x05e4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
06:48:51.0874 0x05e4  fdc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0874 0x05e4  Object is SCO, delete is not allowed
06:48:51.0874 0x05e4  fdc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0874 0x05e4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
06:48:51.0874 0x05e4  fdPHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0874 0x05e4  Object is SCO, delete is not allowed
06:48:51.0874 0x05e4  fdPHost ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0874 0x05e4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
06:48:51.0890 0x05e4  FDResPub - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0890 0x05e4  Object is SCO, delete is not allowed
06:48:51.0890 0x05e4  FDResPub ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0890 0x05e4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
06:48:51.0890 0x05e4  FileInfo - ok
06:48:51.0905 0x05e4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
06:48:51.0905 0x05e4  Filetrace - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0905 0x05e4  Object is SCO, delete is not allowed
06:48:51.0905 0x05e4  Filetrace ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0905 0x05e4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
06:48:51.0905 0x05e4  flpydisk - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0905 0x05e4  Object is SCO, delete is not allowed
06:48:51.0905 0x05e4  flpydisk ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0905 0x05e4  Force sending object to P2P due to detect: flpydisk
06:48:51.0905 0x05e4  Object send P2P result: false
06:48:51.0921 0x05e4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
06:48:51.0936 0x05e4  FltMgr - ok
06:48:51.0936 0x05e4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:48:51.0936 0x05e4  FontCache3.0.0.0 - ok
06:48:51.0952 0x05e4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
06:48:51.0952 0x05e4  FsDepends - ok
06:48:51.0952 0x05e4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
06:48:51.0968 0x05e4  Fs_Rec - ok
06:48:51.0968 0x05e4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
06:48:51.0983 0x05e4  fvevol - ok
06:48:51.0999 0x05e4  [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
06:48:52.0014 0x05e4  FWLANUSB - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0014 0x05e4  FWLANUSB ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0014 0x05e4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
06:48:52.0014 0x05e4  gagp30kx - ok
06:48:52.0046 0x05e4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
06:48:52.0061 0x05e4  gpsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0061 0x05e4  Object is SCO, delete is not allowed
06:48:52.0061 0x05e4  gpsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0061 0x05e4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
06:48:52.0077 0x05e4  hcw85cir - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0077 0x05e4  hcw85cir ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0077 0x05e4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:48:52.0092 0x05e4  HdAudAddService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0092 0x05e4  HdAudAddService ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0092 0x05e4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
06:48:52.0108 0x05e4  HDAudBus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0108 0x05e4  Object is SCO, delete is not allowed
06:48:52.0108 0x05e4  HDAudBus ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0108 0x05e4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
06:48:52.0108 0x05e4  HidBatt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0108 0x05e4  HidBatt ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0108 0x05e4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
06:48:52.0124 0x05e4  HidBth - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0124 0x05e4  Object is SCO, delete is not allowed
06:48:52.0124 0x05e4  HidBth ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0124 0x05e4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
06:48:52.0124 0x05e4  HidIr - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0124 0x05e4  Object is SCO, delete is not allowed
06:48:52.0124 0x05e4  HidIr ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0124 0x05e4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
06:48:52.0124 0x05e4  hidserv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0124 0x05e4  Object is SCO, delete is not allowed
06:48:52.0124 0x05e4  hidserv ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0139 0x05e4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
06:48:52.0139 0x05e4  HidUsb - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0139 0x05e4  Object is SCO, delete is not allowed
06:48:52.0139 0x05e4  HidUsb ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0139 0x05e4  Force sending object to P2P due to detect: HidUsb
06:48:52.0139 0x05e4  Object send P2P result: false
06:48:52.0139 0x05e4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
06:48:52.0155 0x05e4  hkmsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0155 0x05e4  Object is SCO, delete is not allowed
06:48:52.0155 0x05e4  hkmsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0155 0x05e4  Force sending object to P2P due to detect: hkmsvc
06:48:52.0155 0x05e4  Object send P2P result: false
06:48:52.0155 0x05e4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:48:52.0170 0x05e4  HomeGroupListener - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0170 0x05e4  HomeGroupListener ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0170 0x05e4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:48:52.0170 0x05e4  HomeGroupProvider - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0186 0x05e4  HomeGroupProvider ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0186 0x05e4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
06:48:52.0186 0x05e4  HpSAMD - ok
06:48:52.0202 0x05e4  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
06:48:52.0202 0x05e4  HTCAND64 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0202 0x05e4  HTCAND64 ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0217 0x05e4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
06:48:52.0233 0x05e4  HTTP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0233 0x05e4  Object is SCO, delete is not allowed
06:48:52.0233 0x05e4  HTTP ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0248 0x05e4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
06:48:52.0248 0x05e4  hwpolicy - ok
06:48:52.0248 0x05e4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
06:48:52.0264 0x05e4  i8042prt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0264 0x05e4  Object is SCO, delete is not allowed
06:48:52.0264 0x05e4  i8042prt ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0264 0x05e4  Force sending object to P2P due to detect: i8042prt
06:48:52.0264 0x05e4  Object send P2P result: false
06:48:52.0264 0x05e4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
06:48:52.0280 0x05e4  iaStorV - ok
06:48:52.0311 0x05e4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:48:52.0326 0x05e4  idsvc - ok
06:48:52.0342 0x05e4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
06:48:52.0342 0x05e4  iirsp - ok
06:48:52.0373 0x05e4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
06:48:52.0389 0x05e4  IKEEXT - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0389 0x05e4  Object is SCO, delete is not allowed
06:48:52.0389 0x05e4  IKEEXT ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0482 0x05e4  [ 8524178B895E4BC04776B319DA3A70EC, A635EADF6E8BD985B730F2737E8DA36AC71E8FEB759787ECB24D955176622AD2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
06:48:52.0592 0x05e4  IntcAzAudAddService - ok
06:48:52.0592 0x05e4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
06:48:52.0607 0x05e4  intelide - ok
06:48:52.0607 0x05e4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
06:48:52.0607 0x05e4  intelppm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0607 0x05e4  Object is SCO, delete is not allowed
06:48:52.0607 0x05e4  intelppm ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0607 0x05e4  Force sending object to P2P due to detect: intelppm
06:48:52.0607 0x05e4  Object send P2P result: false
06:48:52.0607 0x05e4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
06:48:52.0623 0x05e4  IPBusEnum - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0623 0x05e4  Object is SCO, delete is not allowed
06:48:52.0623 0x05e4  IPBusEnum ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0623 0x05e4  Force sending object to P2P due to detect: IPBusEnum
06:48:52.0623 0x05e4  Object send P2P result: false
06:48:52.0623 0x05e4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:48:52.0623 0x05e4  IpFilterDriver - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0623 0x05e4  Object is SCO, delete is not allowed
06:48:52.0623 0x05e4  IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0623 0x05e4  Force sending object to P2P due to detect: IpFilterDriver
06:48:52.0623 0x05e4  Object send P2P result: false
06:48:52.0638 0x05e4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
06:48:52.0654 0x05e4  iphlpsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0654 0x05e4  Object is SCO, delete is not allowed
06:48:52.0654 0x05e4  iphlpsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0670 0x05e4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
06:48:52.0670 0x05e4  IPMIDRV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0670 0x05e4  Object is SCO, delete is not allowed
06:48:52.0670 0x05e4  IPMIDRV ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0670 0x05e4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
06:48:52.0685 0x05e4  IPNAT - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0685 0x05e4  Object is SCO, delete is not allowed
06:48:52.0685 0x05e4  IPNAT ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0685 0x05e4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
06:48:52.0685 0x05e4  IRENUM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0685 0x05e4  Object is SCO, delete is not allowed
06:48:52.0685 0x05e4  IRENUM ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0685 0x05e4  Force sending object to P2P due to detect: IRENUM
06:48:52.0685 0x05e4  Object send P2P result: false
06:48:52.0685 0x05e4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
06:48:52.0701 0x05e4  isapnp - ok
06:48:52.0701 0x05e4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
06:48:52.0716 0x05e4  iScsiPrt - ok
06:48:52.0716 0x05e4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
06:48:52.0732 0x05e4  kbdclass - ok
06:48:52.0732 0x05e4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
06:48:52.0732 0x05e4  kbdhid - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0732 0x05e4  Object is SCO, delete is not allowed
06:48:52.0732 0x05e4  kbdhid ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0732 0x05e4  Force sending object to P2P due to detect: kbdhid
06:48:52.0732 0x05e4  Object send P2P result: false
06:48:52.0732 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
06:48:52.0748 0x05e4  KeyIso - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0748 0x05e4  Object is SCO, delete is not allowed
06:48:52.0748 0x05e4  KeyIso ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0748 0x05e4  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
06:48:52.0748 0x05e4  KSecDD - ok
06:48:52.0763 0x05e4  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
06:48:52.0763 0x05e4  KSecPkg - ok
06:48:52.0779 0x05e4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
06:48:52.0779 0x05e4  ksthunk - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0779 0x05e4  ksthunk ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0794 0x05e4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
06:48:52.0794 0x05e4  KtmRm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0794 0x05e4  Object is SCO, delete is not allowed
06:48:52.0794 0x05e4  KtmRm ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0810 0x05e4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
06:48:52.0810 0x05e4  LanmanServer - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0810 0x05e4  Object is SCO, delete is not allowed
06:48:52.0810 0x05e4  LanmanServer ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0810 0x05e4  Force sending object to P2P due to detect: LanmanServer
06:48:52.0810 0x05e4  Object send P2P result: false
06:48:52.0826 0x05e4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:48:52.0826 0x05e4  LanmanWorkstation - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0826 0x05e4  Object is SCO, delete is not allowed
06:48:52.0826 0x05e4  LanmanWorkstation ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0826 0x05e4  Force sending object to P2P due to detect: LanmanWorkstation
06:48:52.0826 0x05e4  Object send P2P result: false
06:48:52.0826 0x05e4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
06:48:52.0841 0x05e4  lltdio - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0841 0x05e4  Object is SCO, delete is not allowed
06:48:52.0841 0x05e4  lltdio ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0841 0x05e4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
06:48:52.0857 0x05e4  lltdsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0857 0x05e4  Object is SCO, delete is not allowed
06:48:52.0857 0x05e4  lltdsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0857 0x05e4  Force sending object to P2P due to detect: lltdsvc
06:48:52.0857 0x05e4  Object send P2P result: false
06:48:52.0857 0x05e4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
06:48:52.0857 0x05e4  lmhosts - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0857 0x05e4  Object is SCO, delete is not allowed
06:48:52.0857 0x05e4  lmhosts ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0872 0x05e4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
06:48:52.0872 0x05e4  LSI_FC - ok
06:48:52.0888 0x05e4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
06:48:52.0888 0x05e4  LSI_SAS - ok
06:48:52.0904 0x05e4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
06:48:52.0904 0x05e4  LSI_SAS2 - ok
06:48:52.0904 0x05e4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
06:48:52.0919 0x05e4  LSI_SCSI - ok
06:48:52.0919 0x05e4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
06:48:52.0919 0x05e4  luafv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0935 0x05e4  Object is SCO, delete is not allowed
06:48:52.0935 0x05e4  luafv ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0935 0x05e4  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
06:48:52.0950 0x05e4  LVRS64 - ok
06:48:52.0950 0x05e4  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
06:48:52.0966 0x05e4  MBfilt - ok
06:48:52.0966 0x05e4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
06:48:52.0982 0x05e4  Mcx2Svc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0982 0x05e4  Object is SCO, delete is not allowed
06:48:52.0982 0x05e4  Mcx2Svc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0982 0x05e4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
06:48:52.0982 0x05e4  megasas - ok
06:48:52.0997 0x05e4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
06:48:53.0013 0x05e4  MegaSR - ok
06:48:53.0013 0x05e4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
06:48:53.0013 0x05e4  MMCSS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0013 0x05e4  Object is SCO, delete is not allowed
06:48:53.0013 0x05e4  MMCSS ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0013 0x05e4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
06:48:53.0028 0x05e4  Modem - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0028 0x05e4  Object is SCO, delete is not allowed
06:48:53.0028 0x05e4  Modem ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0028 0x05e4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
06:48:53.0028 0x05e4  monitor - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0028 0x05e4  Object is SCO, delete is not allowed
06:48:53.0028 0x05e4  monitor ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0028 0x05e4  Force sending object to P2P due to detect: monitor
06:48:53.0028 0x05e4  Object send P2P result: false
06:48:53.0028 0x05e4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
06:48:53.0044 0x05e4  mouclass - ok
06:48:53.0044 0x05e4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
06:48:53.0044 0x05e4  mouhid - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0044 0x05e4  Object is SCO, delete is not allowed
06:48:53.0044 0x05e4  mouhid ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0044 0x05e4  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
06:48:53.0060 0x05e4  mountmgr - ok
06:48:53.0060 0x05e4  [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:48:53.0075 0x05e4  MozillaMaintenance - ok
06:48:53.0091 0x05e4  [ FBA4CDA6B3B00D7A116DCC2B5C7E9790, FE909159323290555971F031E7911DCCD035B873E630A230A660C13D57719206 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
06:48:53.0091 0x05e4  MpFilter - ok
06:48:53.0106 0x05e4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
06:48:53.0106 0x05e4  mpio - ok
06:48:53.0122 0x05e4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
06:48:53.0122 0x05e4  mpsdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0122 0x05e4  Object is SCO, delete is not allowed
06:48:53.0122 0x05e4  mpsdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0138 0x05e4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
06:48:53.0169 0x05e4  MpsSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0169 0x05e4  Object is SCO, delete is not allowed
06:48:53.0169 0x05e4  MpsSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0169 0x05e4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
06:48:53.0169 0x05e4  MRxDAV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0184 0x05e4  Object is SCO, delete is not allowed
06:48:53.0184 0x05e4  MRxDAV ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0184 0x05e4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
06:48:53.0184 0x05e4  mrxsmb - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0184 0x05e4  Object is SCO, delete is not allowed
06:48:53.0184 0x05e4  mrxsmb ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0200 0x05e4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:48:53.0200 0x05e4  mrxsmb10 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0200 0x05e4  Object is SCO, delete is not allowed
06:48:53.0200 0x05e4  mrxsmb10 ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0216 0x05e4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:48:53.0216 0x05e4  mrxsmb20 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0216 0x05e4  Object is SCO, delete is not allowed
06:48:53.0216 0x05e4  mrxsmb20 ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0216 0x05e4  Force sending object to P2P due to detect: mrxsmb20
06:48:53.0216 0x05e4  Object send P2P result: false
06:48:53.0216 0x05e4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
06:48:53.0231 0x05e4  msahci - ok
06:48:53.0231 0x05e4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
06:48:53.0247 0x05e4  msdsm - ok
06:48:53.0247 0x05e4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
06:48:53.0262 0x05e4  MSDTC - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0262 0x05e4  Object is SCO, delete is not allowed
06:48:53.0262 0x05e4  MSDTC ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0262 0x05e4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
06:48:53.0262 0x05e4  Msfs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0262 0x05e4  Object is SCO, delete is not allowed
06:48:53.0262 0x05e4  Msfs ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0262 0x05e4  Force sending object to P2P due to detect: Msfs
06:48:53.0262 0x05e4  Object send P2P result: false
06:48:53.0262 0x05e4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
06:48:53.0262 0x05e4  mshidkmdf - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0262 0x05e4  mshidkmdf ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0278 0x05e4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
06:48:53.0278 0x05e4  msisadrv - ok
06:48:53.0294 0x05e4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
06:48:53.0294 0x05e4  MSiSCSI - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0294 0x05e4  Object is SCO, delete is not allowed
06:48:53.0294 0x05e4  MSiSCSI ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0294 0x05e4  msiserver - ok
06:48:53.0294 0x05e4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
06:48:53.0294 0x05e4  MSKSSRV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0294 0x05e4  Object is SCO, delete is not allowed
06:48:53.0294 0x05e4  MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0294 0x05e4  Force sending object to P2P due to detect: MSKSSRV
06:48:53.0309 0x05e4  Object send P2P result: false
06:48:53.0309 0x05e4  [ F46BA4E7F4A34295B20917CD77F6CEC9, 1A91AC1AC1FBFC6922D0430D752240A91C9001373B1F84F960FDE0AC062A411A ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
06:48:53.0309 0x05e4  MsMpSvc - ok
06:48:53.0309 0x05e4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
06:48:53.0325 0x05e4  MSPCLOCK - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0325 0x05e4  Object is SCO, delete is not allowed
06:48:53.0325 0x05e4  MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0325 0x05e4  Force sending object to P2P due to detect: MSPCLOCK
06:48:53.0325 0x05e4  Object send P2P result: false
06:48:53.0325 0x05e4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
06:48:53.0325 0x05e4  MSPQM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0325 0x05e4  Object is SCO, delete is not allowed
06:48:53.0325 0x05e4  MSPQM ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0325 0x05e4  Force sending object to P2P due to detect: MSPQM
06:48:53.0325 0x05e4  Object send P2P result: false
06:48:53.0340 0x05e4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
06:48:53.0356 0x05e4  MsRPC - ok
06:48:53.0356 0x05e4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
06:48:53.0356 0x05e4  mssmbios - ok
06:48:53.0356 0x05e4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
06:48:53.0372 0x05e4  MSTEE - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0372 0x05e4  Object is SCO, delete is not allowed
06:48:53.0372 0x05e4  MSTEE ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0372 0x05e4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
06:48:53.0372 0x05e4  MTConfig - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0372 0x05e4  MTConfig ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0372 0x05e4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
06:48:53.0387 0x05e4  Mup - ok
06:48:53.0403 0x05e4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
06:48:53.0418 0x05e4  napagent - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0418 0x05e4  Object is SCO, delete is not allowed
06:48:53.0418 0x05e4  napagent ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0418 0x05e4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
06:48:53.0434 0x05e4  NativeWifiP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0434 0x05e4  Object is SCO, delete is not allowed
06:48:53.0434 0x05e4  NativeWifiP ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0450 0x05e4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
06:48:53.0481 0x05e4  NDIS - ok
06:48:53.0481 0x05e4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
06:48:53.0496 0x05e4  NdisCap - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0496 0x05e4  NdisCap ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0496 0x05e4  Force sending object to P2P due to detect: NdisCap
06:48:53.0496 0x05e4  Object send P2P result: false
06:48:53.0496 0x05e4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
06:48:53.0496 0x05e4  NdisTapi - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0496 0x05e4  Object is SCO, delete is not allowed
06:48:53.0496 0x05e4  NdisTapi ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0496 0x05e4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
06:48:53.0512 0x05e4  Ndisuio - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0512 0x05e4  Object is SCO, delete is not allowed
06:48:53.0512 0x05e4  Ndisuio ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0512 0x05e4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
06:48:53.0512 0x05e4  NdisWan - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0512 0x05e4  Object is SCO, delete is not allowed
06:48:53.0512 0x05e4  NdisWan ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0528 0x05e4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
06:48:53.0528 0x05e4  NDProxy - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0528 0x05e4  Object is SCO, delete is not allowed
06:48:53.0528 0x05e4  NDProxy ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0528 0x05e4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
06:48:53.0528 0x05e4  NetBIOS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0528 0x05e4  Object is SCO, delete is not allowed
06:48:53.0528 0x05e4  NetBIOS ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0543 0x05e4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
06:48:53.0543 0x05e4  NetBT - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0543 0x05e4  Object is SCO, delete is not allowed
06:48:53.0543 0x05e4  NetBT ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0559 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\Windows\system32\lsass.exe
06:48:53.0559 0x05e4  Netlogon - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0559 0x05e4  Object is SCO, delete is not allowed
06:48:53.0559 0x05e4  Netlogon ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0559 0x05e4  Force sending object to P2P due to detect: Netlogon
06:48:53.0559 0x05e4  Object send P2P result: false
06:48:53.0559 0x05e4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
06:48:53.0574 0x05e4  Netman - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0574 0x05e4  Netman ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0590 0x05e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:48:53.0590 0x05e4  NetMsmqActivator - ok
06:48:53.0606 0x05e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:48:53.0606 0x05e4  NetPipeActivator - ok
06:48:53.0621 0x05e4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
06:48:53.0637 0x05e4  netprofm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0637 0x05e4  Object is SCO, delete is not allowed
06:48:53.0637 0x05e4  netprofm ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0637 0x05e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:48:53.0652 0x05e4  NetTcpActivator - ok
06:48:53.0652 0x05e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:48:53.0668 0x05e4  NetTcpPortSharing - ok
06:48:53.0668 0x05e4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
06:48:53.0684 0x05e4  nfrd960 - ok
06:48:53.0684 0x05e4  [ E10B84385C3FEEF4BDE8E6A980535522, 56D9E47B76CDABE45E64C9E74DCBCC2F7C07A44519ED938BD730018C48445614 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
06:48:53.0699 0x05e4  NisDrv - ok
06:48:53.0699 0x05e4  [ 9BF50324444C46997C2492D505B47F2D, 42C74456C64F7D688E0911255746BD2A52A3590AED22B24F7E385760D720B8E9 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
06:48:53.0730 0x05e4  NisSrv - ok
06:48:53.0730 0x05e4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
06:48:53.0746 0x05e4  NlaSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0746 0x05e4  Object is SCO, delete is not allowed
06:48:53.0746 0x05e4  NlaSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0746 0x05e4  Force sending object to P2P due to detect: NlaSvc
06:48:53.0746 0x05e4  Object send P2P result: false
06:48:53.0746 0x05e4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
06:48:53.0746 0x05e4  Npfs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0746 0x05e4  Object is SCO, delete is not allowed
06:48:53.0746 0x05e4  Npfs ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0762 0x05e4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
06:48:53.0762 0x05e4  nsi - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0762 0x05e4  Object is SCO, delete is not allowed
06:48:53.0762 0x05e4  nsi ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0762 0x05e4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
06:48:53.0762 0x05e4  nsiproxy - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0762 0x05e4  Object is SCO, delete is not allowed
06:48:53.0762 0x05e4  nsiproxy ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0808 0x05e4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
06:48:53.0855 0x05e4  Ntfs - ok
06:48:53.0855 0x05e4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
06:48:53.0855 0x05e4  Null - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0855 0x05e4  Object is SCO, delete is not allowed
06:48:53.0855 0x05e4  Null ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0855 0x05e4  Force sending object to P2P due to detect: Null
06:48:53.0855 0x05e4  Object send P2P result: false
06:48:53.0855 0x05e4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
06:48:53.0871 0x05e4  nvraid - ok
06:48:53.0886 0x05e4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
06:48:53.0886 0x05e4  nvstor - ok
06:48:53.0902 0x05e4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
06:48:53.0902 0x05e4  nv_agp - ok
06:48:53.0902 0x05e4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
06:48:53.0918 0x05e4  ohci1394 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0918 0x05e4  Object is SCO, delete is not allowed
06:48:53.0918 0x05e4  ohci1394 ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0918 0x05e4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
06:48:53.0933 0x05e4  p2pimsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0933 0x05e4  p2pimsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0949 0x05e4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
06:48:53.0964 0x05e4  p2psvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0964 0x05e4  Object is SCO, delete is not allowed
06:48:53.0964 0x05e4  p2psvc ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0964 0x05e4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
06:48:53.0964 0x05e4  Parport - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0964 0x05e4  Object is SCO, delete is not allowed
06:48:53.0964 0x05e4  Parport ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0964 0x05e4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
06:48:53.0980 0x05e4  partmgr - ok
06:48:53.0980 0x05e4  [ 446462BBA744DA60379574926FD51EAB, 4A79E8EF28670333F4733FA0016508DC88E9BDC566B455DA5EDEDC514612180A ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
06:48:53.0996 0x05e4  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0996 0x05e4  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0996 0x05e4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
06:48:54.0011 0x05e4  PcaSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0011 0x05e4  Object is SCO, delete is not allowed
06:48:54.0011 0x05e4  PcaSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0011 0x05e4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
06:48:54.0027 0x05e4  pci - ok
06:48:54.0027 0x05e4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
06:48:54.0027 0x05e4  pciide - ok
06:48:54.0042 0x05e4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
06:48:54.0058 0x05e4  pcmcia - ok
06:48:54.0058 0x05e4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
06:48:54.0074 0x05e4  pcw - ok
06:48:54.0089 0x05e4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
06:48:54.0105 0x05e4  PEAUTH - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0105 0x05e4  Object is SCO, delete is not allowed
06:48:54.0105 0x05e4  PEAUTH ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0105 0x05e4  Force sending object to P2P due to detect: PEAUTH
06:48:54.0105 0x05e4  Object send P2P result: false
06:48:54.0120 0x05e4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
06:48:54.0136 0x05e4  PerfHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0136 0x05e4  PerfHost ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0167 0x05e4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
06:48:54.0198 0x05e4  pla - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0198 0x05e4  Object is SCO, delete is not allowed
06:48:54.0198 0x05e4  pla ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0198 0x05e4  Force sending object to P2P due to detect: pla
06:48:54.0214 0x05e4  Object send P2P result: false
06:48:54.0230 0x05e4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
06:48:54.0230 0x05e4  PlugPlay - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0230 0x05e4  Object is SCO, delete is not allowed
06:48:54.0230 0x05e4  PlugPlay ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0245 0x05e4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
06:48:54.0245 0x05e4  PNRPAutoReg - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0245 0x05e4  PNRPAutoReg ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0245 0x05e4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
06:48:54.0261 0x05e4  PNRPsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0261 0x05e4  PNRPsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0276 0x05e4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
06:48:54.0292 0x05e4  PolicyAgent - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0292 0x05e4  Object is SCO, delete is not allowed
06:48:54.0292 0x05e4  PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0292 0x05e4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
06:48:54.0308 0x05e4  Power - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0308 0x05e4  Power ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0308 0x05e4  Force sending object to P2P due to detect: Power
06:48:54.0308 0x05e4  Object send P2P result: false
06:48:54.0308 0x05e4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
06:48:54.0308 0x05e4  PptpMiniport - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0308 0x05e4  Object is SCO, delete is not allowed
06:48:54.0308 0x05e4  PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0323 0x05e4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
06:48:54.0323 0x05e4  Processor - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0323 0x05e4  Object is SCO, delete is not allowed
06:48:54.0323 0x05e4  Processor ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0323 0x05e4  Force sending object to P2P due to detect: Processor
06:48:54.0323 0x05e4  Object send P2P result: false
06:48:54.0323 0x05e4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
06:48:54.0339 0x05e4  ProfSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0339 0x05e4  Object is SCO, delete is not allowed
06:48:54.0339 0x05e4  ProfSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0339 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:48:54.0339 0x05e4  ProtectedStorage - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0339 0x05e4  Object is SCO, delete is not allowed
06:48:54.0339 0x05e4  ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0354 0x05e4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
06:48:54.0354 0x05e4  Psched - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0354 0x05e4  Object is SCO, delete is not allowed
06:48:54.0354 0x05e4  Psched ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0354 0x05e4  [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
06:48:54.0370 0x05e4  PxHlpa64 - ok
06:48:54.0401 0x05e4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
06:48:54.0448 0x05e4  ql2300 - ok
06:48:54.0448 0x05e4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
06:48:54.0464 0x05e4  ql40xx - ok
06:48:54.0464 0x05e4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
06:48:54.0479 0x05e4  QWAVE - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0479 0x05e4  Object is SCO, delete is not allowed
06:48:54.0479 0x05e4  QWAVE ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0479 0x05e4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
06:48:54.0479 0x05e4  QWAVEdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0479 0x05e4  Object is SCO, delete is not allowed
06:48:54.0479 0x05e4  QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0479 0x05e4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
06:48:54.0495 0x05e4  RasAcd - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0495 0x05e4  Object is SCO, delete is not allowed
06:48:54.0495 0x05e4  RasAcd ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0495 0x05e4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
06:48:54.0495 0x05e4  RasAgileVpn - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0495 0x05e4  RasAgileVpn ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0495 0x05e4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
06:48:54.0510 0x05e4  RasAuto - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0510 0x05e4  Object is SCO, delete is not allowed
06:48:54.0510 0x05e4  RasAuto ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0510 0x05e4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
06:48:54.0510 0x05e4  Rasl2tp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0510 0x05e4  Object is SCO, delete is not allowed
06:48:54.0510 0x05e4  Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0526 0x05e4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
06:48:54.0542 0x05e4  RasMan - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0542 0x05e4  Object is SCO, delete is not allowed
06:48:54.0542 0x05e4  RasMan ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0542 0x05e4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
06:48:54.0542 0x05e4  RasPppoe - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0542 0x05e4  Object is SCO, delete is not allowed
06:48:54.0542 0x05e4  RasPppoe ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0557 0x05e4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
06:48:54.0557 0x05e4  RasSstp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0557 0x05e4  Object is SCO, delete is not allowed
06:48:54.0557 0x05e4  RasSstp ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0557 0x05e4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
06:48:54.0573 0x05e4  rdbss - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0573 0x05e4  Object is SCO, delete is not allowed
06:48:54.0573 0x05e4  rdbss ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0573 0x05e4  Force sending object to P2P due to detect: rdbss
06:48:54.0573 0x05e4  Object send P2P result: false
06:48:54.0573 0x05e4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
06:48:54.0588 0x05e4  rdpbus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0588 0x05e4  rdpbus ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0588 0x05e4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
06:48:54.0588 0x05e4  RDPCDD - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0588 0x05e4  Object is SCO, delete is not allowed
06:48:54.0588 0x05e4  RDPCDD ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0588 0x05e4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
06:48:54.0588 0x05e4  RDPENCDD - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0588 0x05e4  Object is SCO, delete is not allowed
06:48:54.0588 0x05e4  RDPENCDD ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0604 0x05e4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
06:48:54.0604 0x05e4  RDPREFMP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0604 0x05e4  RDPREFMP ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0604 0x05e4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
06:48:54.0604 0x05e4  RdpVideoMiniport - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0604 0x05e4  RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0620 0x05e4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
06:48:54.0620 0x05e4  RDPWD - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0620 0x05e4  Object is SCO, delete is not allowed
06:48:54.0620 0x05e4  RDPWD ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0635 0x05e4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
06:48:54.0635 0x05e4  rdyboost - ok
06:48:54.0651 0x05e4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
06:48:54.0651 0x05e4  RemoteAccess - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0651 0x05e4  Object is SCO, delete is not allowed
06:48:54.0651 0x05e4  RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0651 0x05e4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
06:48:54.0666 0x05e4  RemoteRegistry - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0666 0x05e4  RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0666 0x05e4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
06:48:54.0666 0x05e4  RpcEptMapper - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0666 0x05e4  RpcEptMapper ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0666 0x05e4  Force sending object to P2P due to detect: RpcEptMapper
06:48:54.0666 0x05e4  Object send P2P result: false
06:48:54.0682 0x05e4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
06:48:54.0682 0x05e4  RpcLocator - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0682 0x05e4  RpcLocator ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0682 0x05e4  Force sending object to P2P due to detect: RpcLocator
06:48:54.0682 0x05e4  Object send P2P result: false
06:48:54.0698 0x05e4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
06:48:54.0698 0x05e4  RpcSs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0698 0x05e4  Object is SCO, delete is not allowed
06:48:54.0698 0x05e4  RpcSs ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0713 0x05e4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
06:48:54.0713 0x05e4  rspndr - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0713 0x05e4  Object is SCO, delete is not allowed
06:48:54.0713 0x05e4  rspndr ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0713 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\Windows\system32\lsass.exe
06:48:54.0713 0x05e4  SamSs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0713 0x05e4  Object is SCO, delete is not allowed
06:48:54.0713 0x05e4  SamSs ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0713 0x05e4  Force sending object to P2P due to detect: SamSs
06:48:54.0713 0x05e4  Object send P2P result: false
06:48:54.0729 0x05e4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
06:48:54.0729 0x05e4  sbp2port - ok
06:48:54.0744 0x05e4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
06:48:54.0744 0x05e4  SCardSvr - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0744 0x05e4  Object is SCO, delete is not allowed
06:48:54.0744 0x05e4  SCardSvr ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0760 0x05e4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
06:48:54.0760 0x05e4  scfilter - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0760 0x05e4  scfilter ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0791 0x05e4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
06:48:54.0822 0x05e4  Schedule - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0822 0x05e4  Schedule ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0822 0x05e4  Force sending object to P2P due to detect: Schedule
06:48:54.0822 0x05e4  Object send P2P result: false
06:48:54.0822 0x05e4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
06:48:54.0822 0x05e4  SCPolicySvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0822 0x05e4  Object is SCO, delete is not allowed
06:48:54.0822 0x05e4  SCPolicySvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0838 0x05e4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
06:48:54.0838 0x05e4  SDRSVC - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0838 0x05e4  Object is SCO, delete is not allowed
06:48:54.0838 0x05e4  SDRSVC ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0838 0x05e4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
06:48:54.0838 0x05e4  secdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0854 0x05e4  secdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0854 0x05e4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
06:48:54.0854 0x05e4  seclogon - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0854 0x05e4  Object is SCO, delete is not allowed
06:48:54.0854 0x05e4  seclogon ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0854 0x05e4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
06:48:54.0854 0x05e4  SENS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0854 0x05e4  Object is SCO, delete is not allowed
06:48:54.0854 0x05e4  SENS ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0869 0x05e4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
06:48:54.0869 0x05e4  SensrSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0869 0x05e4  SensrSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0869 0x05e4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
06:48:54.0869 0x05e4  Serenum - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0869 0x05e4  Object is SCO, delete is not allowed
06:48:54.0869 0x05e4  Serenum ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0885 0x05e4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
06:48:54.0885 0x05e4  Serial - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0885 0x05e4  Object is SCO, delete is not allowed
06:48:54.0885 0x05e4  Serial ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0885 0x05e4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
06:48:54.0885 0x05e4  sermouse - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0885 0x05e4  Object is SCO, delete is not allowed
06:48:54.0885 0x05e4  sermouse ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0885 0x05e4  Force sending object to P2P due to detect: sermouse
06:48:54.0885 0x05e4  Object send P2P result: false
06:48:54.0900 0x05e4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
06:48:54.0900 0x05e4  SessionEnv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0900 0x05e4  Object is SCO, delete is not allowed
06:48:54.0900 0x05e4  SessionEnv ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0900 0x05e4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
06:48:54.0900 0x05e4  sffdisk - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0916 0x05e4  Object is SCO, delete is not allowed
06:48:54.0916 0x05e4  sffdisk ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0916 0x05e4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
06:48:54.0916 0x05e4  sffp_mmc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0916 0x05e4  Object is SCO, delete is not allowed
06:48:54.0916 0x05e4  sffp_mmc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0916 0x05e4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
06:48:54.0916 0x05e4  sffp_sd - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0916 0x05e4  Object is SCO, delete is not allowed
06:48:54.0916 0x05e4  sffp_sd ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0916 0x05e4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
06:48:54.0932 0x05e4  sfloppy - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0932 0x05e4  Object is SCO, delete is not allowed
06:48:54.0932 0x05e4  sfloppy ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0932 0x05e4  Force sending object to P2P due to detect: sfloppy
06:48:54.0932 0x05e4  Object send P2P result: false
06:48:54.0932 0x05e4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
06:48:54.0947 0x05e4  SharedAccess - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0947 0x05e4  Object is SCO, delete is not allowed
06:48:54.0947 0x05e4  SharedAccess ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0963 0x05e4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:48:54.0963 0x05e4  ShellHWDetection - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0963 0x05e4  ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0978 0x05e4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:48:54.0978 0x05e4  SiSRaid2 - ok
06:48:54.0978 0x05e4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
06:48:54.0994 0x05e4  SiSRaid4 - ok
06:48:55.0056 0x05e4  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
06:48:55.0072 0x05e4  SkypeUpdate - ok
06:48:55.0072 0x05e4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
06:48:55.0072 0x05e4  Smb - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0072 0x05e4  Object is SCO, delete is not allowed
06:48:55.0072 0x05e4  Smb ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0072 0x05e4  Force sending object to P2P due to detect: Smb
06:48:55.0072 0x05e4  Object send P2P result: false
06:48:55.0088 0x05e4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
06:48:55.0088 0x05e4  SNMPTRAP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0088 0x05e4  Object is SCO, delete is not allowed
06:48:55.0088 0x05e4  SNMPTRAP ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0088 0x05e4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
06:48:55.0088 0x05e4  spldr - ok
06:48:55.0103 0x05e4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
06:48:55.0119 0x05e4  Spooler - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0119 0x05e4  Spooler ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0197 0x05e4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
06:48:55.0290 0x05e4  sppsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0290 0x05e4  sppsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0290 0x05e4  Force sending object to P2P due to detect: sppsvc
06:48:55.0306 0x05e4  Object send P2P result: false
06:48:55.0306 0x05e4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
06:48:55.0306 0x05e4  sppuinotify - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0306 0x05e4  sppuinotify ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0306 0x05e4  Force sending object to P2P due to detect: sppuinotify
06:48:55.0306 0x05e4  Object send P2P result: false
06:48:55.0306 0x05e4  sptd - ok
06:48:55.0322 0x05e4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
06:48:55.0337 0x05e4  srv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0337 0x05e4  Object is SCO, delete is not allowed
06:48:55.0337 0x05e4  srv ( UnsignedFile.Multi.Generic ) - warning
         

Alt 27.04.2015, 06:10   #8
Oronwe
 
Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



2ter Teil:
Code:
ATTFilter
06:48:55.0353 0x05e4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
06:48:55.0368 0x05e4  srv2 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0368 0x05e4  Object is SCO, delete is not allowed
06:48:55.0368 0x05e4  srv2 ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0368 0x05e4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
06:48:55.0384 0x05e4  srvnet - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0384 0x05e4  Object is SCO, delete is not allowed
06:48:55.0384 0x05e4  srvnet ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0384 0x05e4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
06:48:55.0400 0x05e4  SSDPSRV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0400 0x05e4  SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0400 0x05e4  Force sending object to P2P due to detect: SSDPSRV
06:48:55.0400 0x05e4  Object send P2P result: false
06:48:55.0400 0x05e4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
06:48:55.0400 0x05e4  SstpSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0400 0x05e4  Object is SCO, delete is not allowed
06:48:55.0400 0x05e4  SstpSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0415 0x05e4  [ 5FFDA96330357A914A69D79BE1988A38, E2A03A8D108C210B1111E2466E3DD381F0FA440B95B5013DC728EAD9CFE448AF ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
06:48:55.0431 0x05e4  Steam Client Service - ok
06:48:55.0446 0x05e4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
06:48:55.0446 0x05e4  stexstor - ok
06:48:55.0462 0x05e4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
06:48:55.0478 0x05e4  stisvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0478 0x05e4  Object is SCO, delete is not allowed
06:48:55.0478 0x05e4  stisvc ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0478 0x05e4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
06:48:55.0493 0x05e4  swenum - ok
06:48:55.0509 0x05e4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
06:48:55.0524 0x05e4  swprv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0524 0x05e4  Object is SCO, delete is not allowed
06:48:55.0524 0x05e4  swprv ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0524 0x05e4  Force sending object to P2P due to detect: swprv
06:48:55.0524 0x05e4  Object send P2P result: false
06:48:55.0556 0x05e4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
06:48:55.0602 0x05e4  SysMain - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0602 0x05e4  Object is SCO, delete is not allowed
06:48:55.0602 0x05e4  SysMain ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0618 0x05e4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:48:55.0618 0x05e4  TabletInputService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0618 0x05e4  Object is SCO, delete is not allowed
06:48:55.0618 0x05e4  TabletInputService ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0618 0x05e4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
06:48:55.0634 0x05e4  TapiSrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0634 0x05e4  TapiSrv ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0634 0x05e4  Force sending object to P2P due to detect: TapiSrv
06:48:55.0634 0x05e4  Object send P2P result: false
06:48:55.0634 0x05e4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
06:48:55.0649 0x05e4  TBS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0649 0x05e4  Object is SCO, delete is not allowed
06:48:55.0649 0x05e4  TBS ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0696 0x05e4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
06:48:55.0743 0x05e4  Tcpip - ok
06:48:55.0774 0x05e4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
06:48:55.0821 0x05e4  TCPIP6 - ok
06:48:55.0836 0x05e4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
06:48:55.0836 0x05e4  tcpipreg - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0836 0x05e4  Object is SCO, delete is not allowed
06:48:55.0836 0x05e4  tcpipreg ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0836 0x05e4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
06:48:55.0836 0x05e4  TDPIPE - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0836 0x05e4  Object is SCO, delete is not allowed
06:48:55.0836 0x05e4  TDPIPE ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0852 0x05e4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
06:48:55.0852 0x05e4  TDTCP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0852 0x05e4  Object is SCO, delete is not allowed
06:48:55.0852 0x05e4  TDTCP ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0852 0x05e4  Force sending object to P2P due to detect: TDTCP
06:48:55.0852 0x05e4  Object send P2P result: false
06:48:55.0852 0x05e4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
06:48:55.0852 0x05e4  tdx - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0852 0x05e4  Object is SCO, delete is not allowed
06:48:55.0852 0x05e4  tdx ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0868 0x05e4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
06:48:55.0868 0x05e4  TermDD - ok
06:48:55.0883 0x05e4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
06:48:55.0899 0x05e4  TermService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0899 0x05e4  Object is SCO, delete is not allowed
06:48:55.0899 0x05e4  TermService ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0914 0x05e4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
06:48:55.0914 0x05e4  Themes - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0914 0x05e4  Themes ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0914 0x05e4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
06:48:55.0930 0x05e4  THREADORDER - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0930 0x05e4  Object is SCO, delete is not allowed
06:48:55.0930 0x05e4  THREADORDER ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0930 0x05e4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
06:48:55.0930 0x05e4  TrkWks - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0930 0x05e4  Object is SCO, delete is not allowed
06:48:55.0930 0x05e4  TrkWks ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0946 0x05e4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:48:55.0946 0x05e4  TrustedInstaller - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0946 0x05e4  Object is SCO, delete is not allowed
06:48:55.0946 0x05e4  TrustedInstaller ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0946 0x05e4  Force sending object to P2P due to detect: TrustedInstaller
06:48:55.0946 0x05e4  Object send P2P result: false
06:48:55.0946 0x05e4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
06:48:55.0961 0x05e4  tssecsrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0961 0x05e4  Object is SCO, delete is not allowed
06:48:55.0961 0x05e4  tssecsrv ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0961 0x05e4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
06:48:55.0961 0x05e4  TsUsbFlt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0961 0x05e4  TsUsbFlt ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0961 0x05e4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
06:48:55.0977 0x05e4  tunnel - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0977 0x05e4  Object is SCO, delete is not allowed
06:48:55.0977 0x05e4  tunnel ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0977 0x05e4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
06:48:55.0977 0x05e4  uagp35 - ok
06:48:55.0992 0x05e4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
06:48:56.0008 0x05e4  udfs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0008 0x05e4  Object is SCO, delete is not allowed
06:48:56.0008 0x05e4  udfs ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0008 0x05e4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
06:48:56.0008 0x05e4  UI0Detect - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0008 0x05e4  Object is SCO, delete is not allowed
06:48:56.0008 0x05e4  UI0Detect ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0024 0x05e4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
06:48:56.0024 0x05e4  uliagpkx - ok
06:48:56.0024 0x05e4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
06:48:56.0039 0x05e4  umbus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0039 0x05e4  Object is SCO, delete is not allowed
06:48:56.0039 0x05e4  umbus ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0039 0x05e4  Force sending object to P2P due to detect: umbus
06:48:56.0039 0x05e4  Object send P2P result: false
06:48:56.0039 0x05e4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
06:48:56.0039 0x05e4  UmPass - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0039 0x05e4  Object is SCO, delete is not allowed
06:48:56.0039 0x05e4  UmPass ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0055 0x05e4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
06:48:56.0055 0x05e4  upnphost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0055 0x05e4  upnphost ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0070 0x05e4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
06:48:56.0070 0x05e4  usbaudio - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0070 0x05e4  usbaudio ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0070 0x05e4  Force sending object to P2P due to detect: usbaudio
06:48:56.0070 0x05e4  Object send P2P result: false
06:48:56.0070 0x05e4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
06:48:56.0086 0x05e4  usbccgp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0086 0x05e4  Object is SCO, delete is not allowed
06:48:56.0086 0x05e4  usbccgp ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0086 0x05e4  Force sending object to P2P due to detect: usbccgp
06:48:56.0086 0x05e4  Object send P2P result: false
06:48:56.0086 0x05e4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
06:48:56.0086 0x05e4  usbcir - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0086 0x05e4  Object is SCO, delete is not allowed
06:48:56.0086 0x05e4  usbcir ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0102 0x05e4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
06:48:56.0102 0x05e4  usbehci - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0102 0x05e4  Object is SCO, delete is not allowed
06:48:56.0102 0x05e4  usbehci ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0117 0x05e4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
06:48:56.0117 0x05e4  usbhub - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0117 0x05e4  Object is SCO, delete is not allowed
06:48:56.0117 0x05e4  usbhub ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0117 0x05e4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
06:48:56.0133 0x05e4  usbohci - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0133 0x05e4  Object is SCO, delete is not allowed
06:48:56.0133 0x05e4  usbohci ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0133 0x05e4  Force sending object to P2P due to detect: usbohci
06:48:56.0133 0x05e4  Object send P2P result: false
06:48:56.0133 0x05e4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
06:48:56.0133 0x05e4  usbprint - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0133 0x05e4  Object is SCO, delete is not allowed
06:48:56.0133 0x05e4  usbprint ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0133 0x05e4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:48:56.0148 0x05e4  USBSTOR - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0148 0x05e4  USBSTOR ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0148 0x05e4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
06:48:56.0148 0x05e4  usbuhci - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0148 0x05e4  Object is SCO, delete is not allowed
06:48:56.0148 0x05e4  usbuhci ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0148 0x05e4  Force sending object to P2P due to detect: usbuhci
06:48:56.0148 0x05e4  Object send P2P result: false
06:48:56.0148 0x05e4  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
06:48:56.0148 0x05e4  usb_rndisx - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0148 0x05e4  usb_rndisx ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0164 0x05e4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
06:48:56.0164 0x05e4  UxSms - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0164 0x05e4  Object is SCO, delete is not allowed
06:48:56.0164 0x05e4  UxSms ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0164 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\Windows\system32\lsass.exe
06:48:56.0164 0x05e4  VaultSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0164 0x05e4  Object is SCO, delete is not allowed
06:48:56.0164 0x05e4  VaultSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0164 0x05e4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
06:48:56.0180 0x05e4  vdrvroot - ok
06:48:56.0195 0x05e4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
06:48:56.0211 0x05e4  vds - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0211 0x05e4  Object is SCO, delete is not allowed
06:48:56.0211 0x05e4  vds ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0211 0x05e4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
06:48:56.0211 0x05e4  vga - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0211 0x05e4  Object is SCO, delete is not allowed
06:48:56.0211 0x05e4  vga ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0211 0x05e4  Force sending object to P2P due to detect: vga
06:48:56.0211 0x05e4  Object send P2P result: false
06:48:56.0226 0x05e4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
06:48:56.0226 0x05e4  VgaSave - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0226 0x05e4  Object is SCO, delete is not allowed
06:48:56.0226 0x05e4  VgaSave ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0226 0x05e4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
06:48:56.0242 0x05e4  vhdmp - ok
06:48:56.0242 0x05e4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
06:48:56.0258 0x05e4  viaide - ok
06:48:56.0258 0x05e4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
06:48:56.0258 0x05e4  volmgr - ok
06:48:56.0273 0x05e4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
06:48:56.0289 0x05e4  volmgrx - ok
06:48:56.0304 0x05e4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
06:48:56.0304 0x05e4  volsnap - ok
06:48:56.0320 0x05e4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
06:48:56.0320 0x05e4  vsmraid - ok
06:48:56.0367 0x05e4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
06:48:56.0398 0x05e4  VSS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0398 0x05e4  Object is SCO, delete is not allowed
06:48:56.0398 0x05e4  VSS ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0414 0x05e4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
06:48:56.0414 0x05e4  vwifibus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0414 0x05e4  vwifibus ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0429 0x05e4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
06:48:56.0429 0x05e4  W32Time - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0429 0x05e4  Object is SCO, delete is not allowed
06:48:56.0429 0x05e4  W32Time ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0445 0x05e4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
06:48:56.0445 0x05e4  WacomPen - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0445 0x05e4  Object is SCO, delete is not allowed
06:48:56.0445 0x05e4  WacomPen ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0445 0x05e4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
06:48:56.0445 0x05e4  WANARP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0445 0x05e4  Object is SCO, delete is not allowed
06:48:56.0445 0x05e4  WANARP ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0460 0x05e4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
06:48:56.0460 0x05e4  Wanarpv6 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0460 0x05e4  Object is SCO, delete is not allowed
06:48:56.0460 0x05e4  Wanarpv6 ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0460 0x05e4  Force sending object to P2P due to detect: Wanarpv6
06:48:56.0460 0x05e4  Object send P2P result: false
06:48:56.0492 0x05e4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
06:48:56.0523 0x05e4  WatAdminSvc - ok
06:48:56.0570 0x05e4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
06:48:56.0601 0x05e4  wbengine - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0601 0x05e4  Object is SCO, delete is not allowed
06:48:56.0601 0x05e4  wbengine ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0616 0x05e4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
06:48:56.0616 0x05e4  WbioSrvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0616 0x05e4  WbioSrvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0632 0x05e4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
06:48:56.0632 0x05e4  wcncsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0632 0x05e4  Object is SCO, delete is not allowed
06:48:56.0632 0x05e4  wcncsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0648 0x05e4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:48:56.0648 0x05e4  WcsPlugInService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0648 0x05e4  Object is SCO, delete is not allowed
06:48:56.0648 0x05e4  WcsPlugInService ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0648 0x05e4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
06:48:56.0663 0x05e4  Wd - ok
06:48:56.0679 0x05e4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
06:48:56.0694 0x05e4  Wdf01000 - ok
06:48:56.0710 0x05e4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
06:48:56.0710 0x05e4  WdiServiceHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0710 0x05e4  Object is SCO, delete is not allowed
06:48:56.0710 0x05e4  WdiServiceHost ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0726 0x05e4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
06:48:56.0726 0x05e4  WdiSystemHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0726 0x05e4  Object is SCO, delete is not allowed
06:48:56.0726 0x05e4  WdiSystemHost ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0726 0x05e4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
06:48:56.0741 0x05e4  WebClient - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0741 0x05e4  Object is SCO, delete is not allowed
06:48:56.0741 0x05e4  WebClient ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0757 0x05e4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
06:48:56.0757 0x05e4  Wecsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0757 0x05e4  Object is SCO, delete is not allowed
06:48:56.0757 0x05e4  Wecsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0757 0x05e4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
06:48:56.0772 0x05e4  wercplsupport - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0772 0x05e4  Object is SCO, delete is not allowed
06:48:56.0772 0x05e4  wercplsupport ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0772 0x05e4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
06:48:56.0772 0x05e4  WerSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0772 0x05e4  Object is SCO, delete is not allowed
06:48:56.0772 0x05e4  WerSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0772 0x05e4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
06:48:56.0788 0x05e4  WfpLwf - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0788 0x05e4  WfpLwf ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0788 0x05e4  Force sending object to P2P due to detect: WfpLwf
06:48:56.0788 0x05e4  Object send P2P result: false
06:48:56.0788 0x05e4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
06:48:56.0788 0x05e4  WIMMount - ok
06:48:56.0788 0x05e4  WinDefend - ok
06:48:56.0804 0x05e4  WinHttpAutoProxySvc - ok
06:48:56.0804 0x05e4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
06:48:56.0819 0x05e4  Winmgmt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0819 0x05e4  Object is SCO, delete is not allowed
06:48:56.0819 0x05e4  Winmgmt ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0866 0x05e4  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
06:48:56.0913 0x05e4  WinRM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0913 0x05e4  Object is SCO, delete is not allowed
06:48:56.0913 0x05e4  WinRM ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0928 0x05e4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
06:48:56.0928 0x05e4  WinUsb - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0928 0x05e4  WinUsb ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0944 0x05e4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
06:48:56.0975 0x05e4  Wlansvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0975 0x05e4  Object is SCO, delete is not allowed
06:48:56.0975 0x05e4  Wlansvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0022 0x05e4  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
06:48:57.0084 0x05e4  wlidsvc - ok
06:48:57.0084 0x05e4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
06:48:57.0084 0x05e4  WmiAcpi - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0084 0x05e4  Object is SCO, delete is not allowed
06:48:57.0084 0x05e4  WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0100 0x05e4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
06:48:57.0100 0x05e4  wmiApSrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0100 0x05e4  Object is SCO, delete is not allowed
06:48:57.0100 0x05e4  wmiApSrv ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0116 0x05e4  WMPNetworkSvc - ok
06:48:57.0116 0x05e4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
06:48:57.0116 0x05e4  WPCSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0116 0x05e4  Object is SCO, delete is not allowed
06:48:57.0116 0x05e4  WPCSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0116 0x05e4  Force sending object to P2P due to detect: WPCSvc
06:48:57.0116 0x05e4  Object send P2P result: false
06:48:57.0116 0x05e4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
06:48:57.0131 0x05e4  WPDBusEnum - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0131 0x05e4  Object is SCO, delete is not allowed
06:48:57.0131 0x05e4  WPDBusEnum ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0131 0x05e4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
06:48:57.0131 0x05e4  ws2ifsl - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0131 0x05e4  Object is SCO, delete is not allowed
06:48:57.0131 0x05e4  ws2ifsl ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0131 0x05e4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
06:48:57.0147 0x05e4  wscsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0147 0x05e4  Object is SCO, delete is not allowed
06:48:57.0147 0x05e4  wscsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0147 0x05e4  Force sending object to P2P due to detect: wscsvc
06:48:57.0147 0x05e4  Object send P2P result: false
06:48:57.0147 0x05e4  WSearch - ok
06:48:57.0209 0x05e4  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
06:48:57.0272 0x05e4  wuauserv - ok
06:48:57.0272 0x05e4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
06:48:57.0287 0x05e4  WudfPf - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0287 0x05e4  Object is SCO, delete is not allowed
06:48:57.0287 0x05e4  WudfPf ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0287 0x05e4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
06:48:57.0287 0x05e4  WUDFRd - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0287 0x05e4  Object is SCO, delete is not allowed
06:48:57.0287 0x05e4  WUDFRd ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0287 0x05e4  Force sending object to P2P due to detect: WUDFRd
06:48:57.0303 0x05e4  Object send P2P result: false
06:48:57.0303 0x05e4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
06:48:57.0303 0x05e4  wudfsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0303 0x05e4  Object is SCO, delete is not allowed
06:48:57.0303 0x05e4  wudfsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0318 0x05e4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
06:48:57.0318 0x05e4  WwanSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0318 0x05e4  WwanSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0318 0x05e4  Force sending object to P2P due to detect: WwanSvc
06:48:57.0318 0x05e4  Object send P2P result: false
06:48:57.0318 0x05e4  ================ Scan global ===============================
06:48:57.0334 0x05e4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
06:48:57.0334 0x05e4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
06:48:57.0350 0x05e4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
06:48:57.0350 0x05e4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
06:48:57.0365 0x05e4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
06:48:57.0365 0x05e4  [ Global ] - ok
06:48:57.0365 0x05e4  ================ Scan MBR ==================================
06:48:57.0365 0x05e4  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
06:48:57.0412 0x05e4  \Device\Harddisk0\DR0 - ok
06:48:57.0412 0x05e4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
06:48:57.0521 0x05e4  \Device\Harddisk1\DR1 - ok
06:48:57.0521 0x05e4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
06:48:57.0568 0x05e4  \Device\Harddisk2\DR2 - ok
06:48:57.0584 0x05e4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
06:48:57.0630 0x05e4  \Device\Harddisk3\DR3 - ok
06:48:57.0630 0x05e4  ================ Scan VBR ==================================
06:48:57.0630 0x05e4  [ 0EE2DD8428A12145BDEE66378AE92E26 ] \Device\Harddisk0\DR0\Partition1
06:48:57.0630 0x05e4  \Device\Harddisk0\DR0\Partition1 - ok
06:48:57.0630 0x05e4  [ 9C9C8B45E21AD77EA6D5035C53019B6A ] \Device\Harddisk1\DR1\Partition1
06:48:57.0630 0x05e4  \Device\Harddisk1\DR1\Partition1 - ok
06:48:57.0646 0x05e4  [ 1CF7C9E0C2891AADCDBA1FC14C9B93BF ] \Device\Harddisk1\DR1\Partition2
06:48:57.0646 0x05e4  \Device\Harddisk1\DR1\Partition2 - ok
06:48:57.0646 0x05e4  [ 803961758AD5EF82D9A740EB838293FE ] \Device\Harddisk2\DR2\Partition1
06:48:57.0662 0x05e4  \Device\Harddisk2\DR2\Partition1 - ok
06:48:57.0662 0x05e4  [ 543BE68A69DD2EEAF6271B5357D6D96A ] \Device\Harddisk3\DR3\Partition1
06:48:57.0693 0x05e4  \Device\Harddisk3\DR3\Partition1 - ok
06:48:57.0693 0x05e4  ================ Scan generic autorun ======================
06:48:57.0974 0x05e4  [ C2A0B14B6E6555CF9D53ECB142465697, 9611506ED174E82516CB1614BFE5730B0BDDE76D58574D0406C1FED873F6308D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
06:48:58.0301 0x05e4  RTHDVCPL - ok
06:48:58.0348 0x05e4  [ 87A4BA086E5B5DF0F36E3F6D7234D701, EE26338497E016A95CB5970777B7B7AC8FAEF4E491713D729EDEFBCDC9FBF4A4 ] C:\Program Files\Microsoft Security Client\msseces.exe
06:48:58.0395 0x05e4  MSC - ok
06:48:58.0410 0x05e4  [ 51B634D617073986FA73417318F7C121, CAB64175383F501FA515D335167334D7F2147F0889E5052484AA1FF866C6F8CF ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
06:48:58.0426 0x05e4  AdobeAAMUpdater-1.0 - ok
06:48:58.0473 0x05e4  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
06:48:58.0520 0x05e4  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
06:48:58.0520 0x05e4  AVMWlanClient ( UnsignedFile.Multi.Generic ) - warning
06:48:58.0520 0x05e4  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
06:48:58.0535 0x05e4  NUSB3MON - ok
06:48:58.0566 0x05e4  [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
06:48:58.0582 0x05e4  StartCCC - ok
06:48:58.0644 0x05e4  [ 87EE3EF42CF8257F6B14BAD6F77DFF04, 8E64B1BD89C322753D0E1BBBFD61D5FFE202CA3C07298BC613E3D7E303479E23 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
06:48:58.0707 0x05e4  Adobe Creative Cloud - ok
06:48:58.0738 0x05e4  [ 2E156FEA6FA4F462F39F6AA86E03A269, E99343353781DBD5B300D6B887D8CC91DB019922CA7E494500CC2604685287FD ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
06:48:58.0785 0x05e4  Acrobat Assistant 8.0 - ok
06:48:58.0894 0x05e4  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Dizzy\AppData\Local\Akamai\netsession_win.exe
06:48:59.0019 0x05e4  Akamai NetSession Interface - ok
06:48:59.0175 0x05e4  [ 18EE6C694976C4D205AF24D6CCE3B660, 262F8B929CBBC8BFDD465826A27625ED9508A7C325C45F1964A4EFAC36D60056 ] C:\Program Files\CCleaner\CCleaner64.exe
06:48:59.0362 0x05e4  CCleaner Monitoring - ok
06:48:59.0393 0x05e4  [ D3D72615EA99E9B4D83101A4006595EA, E6ED416D75B9A7C573F68DBEB5E58D771D6D0D46415C373466EDC4E266C100D7 ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
06:48:59.0409 0x05e4  Adobe Acrobat Synchronizer - ok
06:48:59.0440 0x05e4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x60000 ( disabled : updated )
06:48:59.0456 0x05e4  Win FW state via NFP2: enabled
06:48:59.0456 0x05e4  ============================================================
06:48:59.0456 0x05e4  Scan finished
06:48:59.0456 0x05e4  ============================================================

06:48:14.0762 0x05ac  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
06:48:23.0669 0x05ac  ============================================================
06:48:23.0669 0x05ac  Current date / time: 2015/04/27 06:48:23.0669
06:48:23.0669 0x05ac  SystemInfo:
06:48:23.0669 0x05ac  
06:48:23.0669 0x05ac  OS Version: 6.1.7601 ServicePack: 1.0
06:48:23.0669 0x05ac  Product type: Workstation
06:48:23.0669 0x05ac  ComputerName: SKYNET
06:48:23.0669 0x05ac  UserName: Dizzy
06:48:23.0669 0x05ac  Windows directory: C:\Windows
06:48:23.0669 0x05ac  System windows directory: C:\Windows
06:48:23.0669 0x05ac  Running under WOW64
06:48:23.0669 0x05ac  Processor architecture: Intel x64
06:48:23.0669 0x05ac  Number of processors: 8
06:48:23.0669 0x05ac  Page size: 0x1000
06:48:23.0669 0x05ac  Boot type: Safe boot
06:48:23.0669 0x05ac  ============================================================
06:48:23.0903 0x05ac  KLMD registered as C:\Windows\system32\drivers\44355286.sys
06:48:23.0934 0x05ac  System UUID: {F21FE57E-0EA1-9F60-8D2A-C64ABB18169C}
06:48:24.0262 0x05ac  Drive \Device\Harddisk0\DR0 - Size: 0x2658AE0000 ( 153.39 Gb ), SectorSize: 0x200, Cylinders: 0x4E37, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:48:24.0262 0x05ac  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:48:24.0262 0x05ac  Drive \Device\Harddisk2\DR2 - Size: 0x3A38725E00 ( 232.88 Gb ), SectorSize: 0x200, Cylinders: 0x76C0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:48:24.0278 0x05ac  Drive \Device\Harddisk3\DR3 - Size: 0xE8E09ADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1F8B0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
06:48:24.0278 0x05ac  ============================================================
06:48:24.0278 0x05ac  \Device\Harddisk0\DR0:
06:48:24.0278 0x05ac  MBR partitions:
06:48:24.0278 0x05ac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x132C4000
06:48:24.0278 0x05ac  \Device\Harddisk1\DR1:
06:48:24.0278 0x05ac  MBR partitions:
06:48:24.0278 0x05ac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
06:48:24.0278 0x05ac  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
06:48:24.0278 0x05ac  \Device\Harddisk2\DR2:
06:48:24.0278 0x05ac  MBR partitions:
06:48:24.0278 0x05ac  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C2800
06:48:24.0278 0x05ac  \Device\Harddisk3\DR3:
06:48:24.0278 0x05ac  MBR partitions:
06:48:24.0278 0x05ac  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D1000
06:48:24.0278 0x05ac  ============================================================
06:48:24.0278 0x05ac  C: <-> \Device\Harddisk1\DR1\Partition2
06:48:24.0309 0x05ac  D: <-> \Device\Harddisk3\DR3\Partition1
06:48:24.0324 0x05ac  F: <-> \Device\Harddisk0\DR0\Partition1
06:48:24.0340 0x05ac  G: <-> \Device\Harddisk2\DR2\Partition1
06:48:24.0340 0x05ac  ============================================================
06:48:24.0340 0x05ac  Initialize success
06:48:24.0340 0x05ac  ============================================================
06:48:32.0780 0x05e4  ============================================================
06:48:32.0780 0x05e4  Scan started
06:48:32.0780 0x05e4  Mode: Manual; SigCheck; TDLFS; 
06:48:32.0780 0x05e4  ============================================================
06:48:32.0780 0x05e4  KSN ping started
06:48:32.0795 0x05e4  KSN ping finished: false
06:48:32.0873 0x05e4  ================ Scan system memory ========================
06:48:32.0873 0x05e4  System memory - ok
06:48:32.0873 0x05e4  ================ Scan services =============================
06:48:32.0904 0x05e4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
06:48:49.0160 0x05e4  1394ohci - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0222 0x05e4  1394ohci ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0238 0x05e4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
06:48:49.0269 0x05e4  ACPI - ok
06:48:49.0269 0x05e4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
06:48:49.0269 0x05e4  AcpiPmi - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0269 0x05e4  AcpiPmi ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0269 0x05e4  Force sending object to P2P due to detect: AcpiPmi
06:48:49.0269 0x05e4  Object send P2P result: false
06:48:49.0284 0x05e4  [ 929593D76589294BA3F74540298D1B3E, 3D1C1772579141BD1040363BD65F2A2D78BF42EC85AE96317AE397E3D5267145 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
06:48:49.0284 0x05e4  AdobeARMservice - ok
06:48:49.0316 0x05e4  [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:48:49.0316 0x05e4  AdobeFlashPlayerUpdateSvc - ok
06:48:49.0331 0x05e4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
06:48:49.0362 0x05e4  adp94xx - ok
06:48:49.0362 0x05e4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
06:48:49.0378 0x05e4  adpahci - ok
06:48:49.0394 0x05e4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
06:48:49.0394 0x05e4  adpu320 - ok
06:48:49.0409 0x05e4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
06:48:49.0409 0x05e4  AeLookupSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0409 0x05e4  Object is SCO, delete is not allowed
06:48:49.0409 0x05e4  AeLookupSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0425 0x05e4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
06:48:49.0440 0x05e4  AFD - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0440 0x05e4  Object is SCO, delete is not allowed
06:48:49.0440 0x05e4  AFD ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0440 0x05e4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
06:48:49.0440 0x05e4  agp440 - ok
06:48:49.0456 0x05e4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
06:48:49.0456 0x05e4  ALG - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0456 0x05e4  ALG ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0456 0x05e4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
06:48:49.0472 0x05e4  aliide - ok
06:48:49.0472 0x05e4  [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
06:48:49.0487 0x05e4  AMD External Events Utility - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0487 0x05e4  AMD External Events Utility ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0487 0x05e4  Force sending object to P2P due to detect: AMD External Events Utility
06:48:49.0487 0x05e4  Object send P2P result: false
06:48:49.0503 0x05e4  AMD FUEL Service - ok
06:48:49.0503 0x05e4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
06:48:49.0503 0x05e4  amdide - ok
06:48:49.0518 0x05e4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
06:48:49.0518 0x05e4  AmdK8 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:49.0518 0x05e4  Object is SCO, delete is not allowed
06:48:49.0518 0x05e4  AmdK8 ( UnsignedFile.Multi.Generic ) - warning
06:48:49.0924 0x05e4  [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
06:48:50.0423 0x05e4  amdkmdag - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0423 0x05e4  amdkmdag ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0454 0x05e4  [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
06:48:50.0470 0x05e4  amdkmdap - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0470 0x05e4  amdkmdap ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0470 0x05e4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
06:48:50.0486 0x05e4  AmdPPM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0486 0x05e4  AmdPPM ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0486 0x05e4  Force sending object to P2P due to detect: AmdPPM
06:48:50.0486 0x05e4  Object send P2P result: false
06:48:50.0486 0x05e4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
06:48:50.0501 0x05e4  amdsata - ok
06:48:50.0501 0x05e4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
06:48:50.0517 0x05e4  amdsbs - ok
06:48:50.0517 0x05e4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
06:48:50.0517 0x05e4  amdxata - ok
06:48:50.0532 0x05e4  AODDriver4.2.0 - ok
06:48:50.0532 0x05e4  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys
06:48:50.0548 0x05e4  AODDriver4.3 - ok
06:48:50.0548 0x05e4  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
06:48:50.0548 0x05e4  AppID - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0548 0x05e4  AppID ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0548 0x05e4  Force sending object to P2P due to detect: AppID
06:48:50.0548 0x05e4  Object send P2P result: false
06:48:50.0564 0x05e4  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
06:48:50.0564 0x05e4  AppIDSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0564 0x05e4  AppIDSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0564 0x05e4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
06:48:50.0564 0x05e4  Appinfo - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0564 0x05e4  Object is SCO, delete is not allowed
06:48:50.0564 0x05e4  Appinfo ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0579 0x05e4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
06:48:50.0579 0x05e4  arc - ok
06:48:50.0595 0x05e4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
06:48:50.0595 0x05e4  arcsas - ok
06:48:50.0610 0x05e4  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
06:48:50.0626 0x05e4  aspnet_state - ok
06:48:50.0626 0x05e4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
06:48:50.0626 0x05e4  AsyncMac - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0626 0x05e4  Object is SCO, delete is not allowed
06:48:50.0626 0x05e4  AsyncMac ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0626 0x05e4  Force sending object to P2P due to detect: AsyncMac
06:48:50.0626 0x05e4  Object send P2P result: false
06:48:50.0642 0x05e4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
06:48:50.0642 0x05e4  atapi - ok
06:48:50.0642 0x05e4  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
06:48:50.0657 0x05e4  AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0657 0x05e4  AtiHDAudioService ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0673 0x05e4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:48:50.0688 0x05e4  AudioEndpointBuilder - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0688 0x05e4  Object is SCO, delete is not allowed
06:48:50.0688 0x05e4  AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0704 0x05e4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
06:48:50.0720 0x05e4  AudioSrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0720 0x05e4  Object is SCO, delete is not allowed
06:48:50.0720 0x05e4  AudioSrv ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0735 0x05e4  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
06:48:50.0735 0x05e4  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0735 0x05e4  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0751 0x05e4  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
06:48:50.0751 0x05e4  avmeject - ok
06:48:50.0751 0x05e4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
06:48:50.0766 0x05e4  AxInstSV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0766 0x05e4  AxInstSV ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0766 0x05e4  Force sending object to P2P due to detect: AxInstSV
06:48:50.0766 0x05e4  Object send P2P result: false
06:48:50.0766 0x05e4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
06:48:50.0782 0x05e4  b06bdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0782 0x05e4  b06bdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0782 0x05e4  Force sending object to P2P due to detect: b06bdrv
06:48:50.0782 0x05e4  Object send P2P result: false
06:48:50.0798 0x05e4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
06:48:50.0813 0x05e4  b57nd60a - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0813 0x05e4  b57nd60a ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0813 0x05e4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
06:48:50.0813 0x05e4  BDESVC - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0813 0x05e4  BDESVC ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0813 0x05e4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
06:48:50.0829 0x05e4  Beep - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0829 0x05e4  Beep ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0844 0x05e4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
06:48:50.0860 0x05e4  BFE - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0860 0x05e4  Object is SCO, delete is not allowed
06:48:50.0860 0x05e4  BFE ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0876 0x05e4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
06:48:50.0907 0x05e4  BITS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0907 0x05e4  BITS ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0907 0x05e4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
06:48:50.0907 0x05e4  blbdrive - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0907 0x05e4  Object is SCO, delete is not allowed
06:48:50.0907 0x05e4  blbdrive ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0922 0x05e4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
06:48:50.0922 0x05e4  bowser - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0922 0x05e4  Object is SCO, delete is not allowed
06:48:50.0922 0x05e4  bowser ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0922 0x05e4  Force sending object to P2P due to detect: bowser
06:48:50.0922 0x05e4  Object send P2P result: false
06:48:50.0922 0x05e4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
06:48:50.0922 0x05e4  BrFiltLo - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0922 0x05e4  Object is SCO, delete is not allowed
06:48:50.0922 0x05e4  BrFiltLo ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0922 0x05e4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
06:48:50.0938 0x05e4  BrFiltUp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0938 0x05e4  Object is SCO, delete is not allowed
06:48:50.0938 0x05e4  BrFiltUp ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0938 0x05e4  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
06:48:50.0938 0x05e4  BridgeMP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0938 0x05e4  Object is SCO, delete is not allowed
06:48:50.0938 0x05e4  BridgeMP ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0938 0x05e4  Force sending object to P2P due to detect: BridgeMP
06:48:50.0938 0x05e4  Object send P2P result: false
06:48:50.0954 0x05e4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
06:48:50.0954 0x05e4  Browser - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0954 0x05e4  Browser ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0969 0x05e4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
06:48:50.0969 0x05e4  Brserid - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0969 0x05e4  Object is SCO, delete is not allowed
06:48:50.0969 0x05e4  Brserid ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0969 0x05e4  Force sending object to P2P due to detect: Brserid
06:48:50.0969 0x05e4  Object send P2P result: false
06:48:50.0969 0x05e4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
06:48:50.0985 0x05e4  BrSerWdm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0985 0x05e4  Object is SCO, delete is not allowed
06:48:50.0985 0x05e4  BrSerWdm ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0985 0x05e4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
06:48:50.0985 0x05e4  BrUsbMdm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0985 0x05e4  Object is SCO, delete is not allowed
06:48:50.0985 0x05e4  BrUsbMdm ( UnsignedFile.Multi.Generic ) - warning
06:48:50.0985 0x05e4  Force sending object to P2P due to detect: BrUsbMdm
06:48:50.0985 0x05e4  Object send P2P result: false
06:48:50.0985 0x05e4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
06:48:50.0985 0x05e4  BrUsbSer - detected UnsignedFile.Multi.Generic ( 1 )
06:48:50.0985 0x05e4  Object is SCO, delete is not allowed
06:48:50.0985 0x05e4  BrUsbSer ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0000 0x05e4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
06:48:51.0000 0x05e4  BTHMODEM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0000 0x05e4  Object is SCO, delete is not allowed
06:48:51.0000 0x05e4  BTHMODEM ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0000 0x05e4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
06:48:51.0000 0x05e4  bthserv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0000 0x05e4  Object is SCO, delete is not allowed
06:48:51.0000 0x05e4  bthserv ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0016 0x05e4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
06:48:51.0016 0x05e4  cdfs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0016 0x05e4  Object is SCO, delete is not allowed
06:48:51.0016 0x05e4  cdfs ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0016 0x05e4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
06:48:51.0032 0x05e4  cdrom - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0032 0x05e4  Object is SCO, delete is not allowed
06:48:51.0032 0x05e4  cdrom ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0032 0x05e4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
06:48:51.0032 0x05e4  CertPropSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0032 0x05e4  Object is SCO, delete is not allowed
06:48:51.0032 0x05e4  CertPropSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0047 0x05e4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
06:48:51.0047 0x05e4  circlass - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0047 0x05e4  Object is SCO, delete is not allowed
06:48:51.0047 0x05e4  circlass ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0047 0x05e4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
06:48:51.0063 0x05e4  CLFS - ok
06:48:51.0078 0x05e4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:48:51.0078 0x05e4  clr_optimization_v2.0.50727_32 - ok
06:48:51.0094 0x05e4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:48:51.0094 0x05e4  clr_optimization_v2.0.50727_64 - ok
06:48:51.0110 0x05e4  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:48:51.0141 0x05e4  clr_optimization_v4.0.30319_32 - ok
06:48:51.0141 0x05e4  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:48:51.0156 0x05e4  clr_optimization_v4.0.30319_64 - ok
06:48:51.0156 0x05e4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
06:48:51.0156 0x05e4  CmBatt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0156 0x05e4  Object is SCO, delete is not allowed
06:48:51.0156 0x05e4  CmBatt ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0156 0x05e4  Force sending object to P2P due to detect: CmBatt
06:48:51.0172 0x05e4  Object send P2P result: false
06:48:51.0172 0x05e4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
06:48:51.0172 0x05e4  cmdide - ok
06:48:51.0188 0x05e4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
06:48:51.0203 0x05e4  CNG - ok
06:48:51.0219 0x05e4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
06:48:51.0219 0x05e4  Compbatt - ok
06:48:51.0219 0x05e4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
06:48:51.0219 0x05e4  CompositeBus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0219 0x05e4  CompositeBus ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0219 0x05e4  Force sending object to P2P due to detect: CompositeBus
06:48:51.0234 0x05e4  Object send P2P result: false
06:48:51.0234 0x05e4  COMSysApp - ok
06:48:51.0234 0x05e4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
06:48:51.0234 0x05e4  crcdisk - ok
06:48:51.0250 0x05e4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
06:48:51.0250 0x05e4  CryptSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0250 0x05e4  CryptSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0266 0x05e4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
06:48:51.0281 0x05e4  DcomLaunch - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0281 0x05e4  Object is SCO, delete is not allowed
06:48:51.0281 0x05e4  DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0281 0x05e4  Force sending object to P2P due to detect: DcomLaunch
06:48:51.0281 0x05e4  Object send P2P result: false
06:48:51.0297 0x05e4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
06:48:51.0297 0x05e4  defragsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0297 0x05e4  defragsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0312 0x05e4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
06:48:51.0312 0x05e4  DfsC - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0312 0x05e4  Object is SCO, delete is not allowed
06:48:51.0312 0x05e4  DfsC ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0328 0x05e4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
06:48:51.0328 0x05e4  Dhcp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0328 0x05e4  Dhcp ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0344 0x05e4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
06:48:51.0344 0x05e4  discache - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0344 0x05e4  discache ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0344 0x05e4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
06:48:51.0359 0x05e4  Disk - ok
06:48:51.0359 0x05e4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
06:48:51.0375 0x05e4  Dnscache - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0375 0x05e4  Object is SCO, delete is not allowed
06:48:51.0375 0x05e4  Dnscache ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0375 0x05e4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
06:48:51.0390 0x05e4  dot3svc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0390 0x05e4  Object is SCO, delete is not allowed
06:48:51.0390 0x05e4  dot3svc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0390 0x05e4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
06:48:51.0390 0x05e4  DPS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0390 0x05e4  Object is SCO, delete is not allowed
06:48:51.0390 0x05e4  DPS ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0406 0x05e4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
06:48:51.0406 0x05e4  drmkaud - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0406 0x05e4  drmkaud ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0422 0x05e4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
06:48:51.0453 0x05e4  DXGKrnl - ok
06:48:51.0453 0x05e4  EagleX64 - ok
06:48:51.0468 0x05e4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
06:48:51.0468 0x05e4  EapHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0468 0x05e4  Object is SCO, delete is not allowed
06:48:51.0468 0x05e4  EapHost ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0593 0x05e4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
06:48:51.0671 0x05e4  ebdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0671 0x05e4  ebdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0687 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\Windows\System32\lsass.exe
06:48:51.0687 0x05e4  EFS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0687 0x05e4  Object is SCO, delete is not allowed
06:48:51.0687 0x05e4  EFS ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0702 0x05e4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
06:48:51.0718 0x05e4  ehRecvr - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0718 0x05e4  Object is SCO, delete is not allowed
06:48:51.0718 0x05e4  ehRecvr ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0734 0x05e4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
06:48:51.0734 0x05e4  ehSched - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0734 0x05e4  Object is SCO, delete is not allowed
06:48:51.0734 0x05e4  ehSched ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0749 0x05e4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
06:48:51.0765 0x05e4  elxstor - ok
06:48:51.0765 0x05e4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
06:48:51.0765 0x05e4  ErrDev - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0765 0x05e4  Object is SCO, delete is not allowed
06:48:51.0765 0x05e4  ErrDev ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0780 0x05e4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
06:48:51.0796 0x05e4  EventSystem - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0796 0x05e4  EventSystem ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0812 0x05e4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
06:48:51.0812 0x05e4  exfat - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0812 0x05e4  Object is SCO, delete is not allowed
06:48:51.0812 0x05e4  exfat ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0812 0x05e4  Force sending object to P2P due to detect: exfat
06:48:51.0812 0x05e4  Object send P2P result: false
06:48:51.0827 0x05e4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
06:48:51.0827 0x05e4  fastfat - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0827 0x05e4  Object is SCO, delete is not allowed
06:48:51.0827 0x05e4  fastfat ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0827 0x05e4  Force sending object to P2P due to detect: fastfat
06:48:51.0827 0x05e4  Object send P2P result: false
06:48:51.0843 0x05e4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
06:48:51.0858 0x05e4  Fax - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0858 0x05e4  Object is SCO, delete is not allowed
06:48:51.0858 0x05e4  Fax ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0874 0x05e4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
06:48:51.0874 0x05e4  fdc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0874 0x05e4  Object is SCO, delete is not allowed
06:48:51.0874 0x05e4  fdc ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0874 0x05e4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
06:48:51.0874 0x05e4  fdPHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0874 0x05e4  Object is SCO, delete is not allowed
06:48:51.0874 0x05e4  fdPHost ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0874 0x05e4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
06:48:51.0890 0x05e4  FDResPub - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0890 0x05e4  Object is SCO, delete is not allowed
06:48:51.0890 0x05e4  FDResPub ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0890 0x05e4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
06:48:51.0890 0x05e4  FileInfo - ok
06:48:51.0905 0x05e4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
06:48:51.0905 0x05e4  Filetrace - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0905 0x05e4  Object is SCO, delete is not allowed
06:48:51.0905 0x05e4  Filetrace ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0905 0x05e4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
06:48:51.0905 0x05e4  flpydisk - detected UnsignedFile.Multi.Generic ( 1 )
06:48:51.0905 0x05e4  Object is SCO, delete is not allowed
06:48:51.0905 0x05e4  flpydisk ( UnsignedFile.Multi.Generic ) - warning
06:48:51.0905 0x05e4  Force sending object to P2P due to detect: flpydisk
06:48:51.0905 0x05e4  Object send P2P result: false
06:48:51.0921 0x05e4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
06:48:51.0936 0x05e4  FltMgr - ok
06:48:51.0936 0x05e4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:48:51.0936 0x05e4  FontCache3.0.0.0 - ok
06:48:51.0952 0x05e4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
06:48:51.0952 0x05e4  FsDepends - ok
06:48:51.0952 0x05e4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
06:48:51.0968 0x05e4  Fs_Rec - ok
06:48:51.0968 0x05e4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
06:48:51.0983 0x05e4  fvevol - ok
06:48:51.0999 0x05e4  [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
06:48:52.0014 0x05e4  FWLANUSB - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0014 0x05e4  FWLANUSB ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0014 0x05e4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
06:48:52.0014 0x05e4  gagp30kx - ok
06:48:52.0046 0x05e4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
06:48:52.0061 0x05e4  gpsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0061 0x05e4  Object is SCO, delete is not allowed
06:48:52.0061 0x05e4  gpsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0061 0x05e4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
06:48:52.0077 0x05e4  hcw85cir - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0077 0x05e4  hcw85cir ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0077 0x05e4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:48:52.0092 0x05e4  HdAudAddService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0092 0x05e4  HdAudAddService ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0092 0x05e4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
06:48:52.0108 0x05e4  HDAudBus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0108 0x05e4  Object is SCO, delete is not allowed
06:48:52.0108 0x05e4  HDAudBus ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0108 0x05e4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
06:48:52.0108 0x05e4  HidBatt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0108 0x05e4  HidBatt ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0108 0x05e4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
06:48:52.0124 0x05e4  HidBth - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0124 0x05e4  Object is SCO, delete is not allowed
06:48:52.0124 0x05e4  HidBth ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0124 0x05e4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
06:48:52.0124 0x05e4  HidIr - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0124 0x05e4  Object is SCO, delete is not allowed
06:48:52.0124 0x05e4  HidIr ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0124 0x05e4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
06:48:52.0124 0x05e4  hidserv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0124 0x05e4  Object is SCO, delete is not allowed
06:48:52.0124 0x05e4  hidserv ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0139 0x05e4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
06:48:52.0139 0x05e4  HidUsb - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0139 0x05e4  Object is SCO, delete is not allowed
06:48:52.0139 0x05e4  HidUsb ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0139 0x05e4  Force sending object to P2P due to detect: HidUsb
06:48:52.0139 0x05e4  Object send P2P result: false
06:48:52.0139 0x05e4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
06:48:52.0155 0x05e4  hkmsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0155 0x05e4  Object is SCO, delete is not allowed
06:48:52.0155 0x05e4  hkmsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0155 0x05e4  Force sending object to P2P due to detect: hkmsvc
06:48:52.0155 0x05e4  Object send P2P result: false
06:48:52.0155 0x05e4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:48:52.0170 0x05e4  HomeGroupListener - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0170 0x05e4  HomeGroupListener ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0170 0x05e4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:48:52.0170 0x05e4  HomeGroupProvider - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0186 0x05e4  HomeGroupProvider ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0186 0x05e4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
06:48:52.0186 0x05e4  HpSAMD - ok
06:48:52.0202 0x05e4  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
06:48:52.0202 0x05e4  HTCAND64 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0202 0x05e4  HTCAND64 ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0217 0x05e4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
06:48:52.0233 0x05e4  HTTP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0233 0x05e4  Object is SCO, delete is not allowed
06:48:52.0233 0x05e4  HTTP ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0248 0x05e4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
06:48:52.0248 0x05e4  hwpolicy - ok
06:48:52.0248 0x05e4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
06:48:52.0264 0x05e4  i8042prt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0264 0x05e4  Object is SCO, delete is not allowed
06:48:52.0264 0x05e4  i8042prt ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0264 0x05e4  Force sending object to P2P due to detect: i8042prt
06:48:52.0264 0x05e4  Object send P2P result: false
06:48:52.0264 0x05e4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
06:48:52.0280 0x05e4  iaStorV - ok
06:48:52.0311 0x05e4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:48:52.0326 0x05e4  idsvc - ok
06:48:52.0342 0x05e4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
06:48:52.0342 0x05e4  iirsp - ok
06:48:52.0373 0x05e4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
06:48:52.0389 0x05e4  IKEEXT - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0389 0x05e4  Object is SCO, delete is not allowed
06:48:52.0389 0x05e4  IKEEXT ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0482 0x05e4  [ 8524178B895E4BC04776B319DA3A70EC, A635EADF6E8BD985B730F2737E8DA36AC71E8FEB759787ECB24D955176622AD2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
06:48:52.0592 0x05e4  IntcAzAudAddService - ok
06:48:52.0592 0x05e4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
06:48:52.0607 0x05e4  intelide - ok
06:48:52.0607 0x05e4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
06:48:52.0607 0x05e4  intelppm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0607 0x05e4  Object is SCO, delete is not allowed
06:48:52.0607 0x05e4  intelppm ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0607 0x05e4  Force sending object to P2P due to detect: intelppm
06:48:52.0607 0x05e4  Object send P2P result: false
06:48:52.0607 0x05e4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
06:48:52.0623 0x05e4  IPBusEnum - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0623 0x05e4  Object is SCO, delete is not allowed
06:48:52.0623 0x05e4  IPBusEnum ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0623 0x05e4  Force sending object to P2P due to detect: IPBusEnum
06:48:52.0623 0x05e4  Object send P2P result: false
06:48:52.0623 0x05e4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:48:52.0623 0x05e4  IpFilterDriver - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0623 0x05e4  Object is SCO, delete is not allowed
06:48:52.0623 0x05e4  IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0623 0x05e4  Force sending object to P2P due to detect: IpFilterDriver
06:48:52.0623 0x05e4  Object send P2P result: false
06:48:52.0638 0x05e4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
06:48:52.0654 0x05e4  iphlpsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0654 0x05e4  Object is SCO, delete is not allowed
06:48:52.0654 0x05e4  iphlpsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0670 0x05e4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
06:48:52.0670 0x05e4  IPMIDRV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0670 0x05e4  Object is SCO, delete is not allowed
06:48:52.0670 0x05e4  IPMIDRV ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0670 0x05e4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
06:48:52.0685 0x05e4  IPNAT - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0685 0x05e4  Object is SCO, delete is not allowed
06:48:52.0685 0x05e4  IPNAT ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0685 0x05e4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
06:48:52.0685 0x05e4  IRENUM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0685 0x05e4  Object is SCO, delete is not allowed
06:48:52.0685 0x05e4  IRENUM ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0685 0x05e4  Force sending object to P2P due to detect: IRENUM
06:48:52.0685 0x05e4  Object send P2P result: false
06:48:52.0685 0x05e4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
06:48:52.0701 0x05e4  isapnp - ok
06:48:52.0701 0x05e4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
06:48:52.0716 0x05e4  iScsiPrt - ok
06:48:52.0716 0x05e4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
06:48:52.0732 0x05e4  kbdclass - ok
06:48:52.0732 0x05e4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
06:48:52.0732 0x05e4  kbdhid - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0732 0x05e4  Object is SCO, delete is not allowed
06:48:52.0732 0x05e4  kbdhid ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0732 0x05e4  Force sending object to P2P due to detect: kbdhid
06:48:52.0732 0x05e4  Object send P2P result: false
06:48:52.0732 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
06:48:52.0748 0x05e4  KeyIso - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0748 0x05e4  Object is SCO, delete is not allowed
06:48:52.0748 0x05e4  KeyIso ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0748 0x05e4  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
06:48:52.0748 0x05e4  KSecDD - ok
06:48:52.0763 0x05e4  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
06:48:52.0763 0x05e4  KSecPkg - ok
06:48:52.0779 0x05e4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
06:48:52.0779 0x05e4  ksthunk - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0779 0x05e4  ksthunk ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0794 0x05e4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
06:48:52.0794 0x05e4  KtmRm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0794 0x05e4  Object is SCO, delete is not allowed
06:48:52.0794 0x05e4  KtmRm ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0810 0x05e4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
06:48:52.0810 0x05e4  LanmanServer - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0810 0x05e4  Object is SCO, delete is not allowed
06:48:52.0810 0x05e4  LanmanServer ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0810 0x05e4  Force sending object to P2P due to detect: LanmanServer
06:48:52.0810 0x05e4  Object send P2P result: false
06:48:52.0826 0x05e4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:48:52.0826 0x05e4  LanmanWorkstation - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0826 0x05e4  Object is SCO, delete is not allowed
06:48:52.0826 0x05e4  LanmanWorkstation ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0826 0x05e4  Force sending object to P2P due to detect: LanmanWorkstation
06:48:52.0826 0x05e4  Object send P2P result: false
06:48:52.0826 0x05e4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
06:48:52.0841 0x05e4  lltdio - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0841 0x05e4  Object is SCO, delete is not allowed
06:48:52.0841 0x05e4  lltdio ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0841 0x05e4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
06:48:52.0857 0x05e4  lltdsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0857 0x05e4  Object is SCO, delete is not allowed
06:48:52.0857 0x05e4  lltdsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0857 0x05e4  Force sending object to P2P due to detect: lltdsvc
06:48:52.0857 0x05e4  Object send P2P result: false
06:48:52.0857 0x05e4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
06:48:52.0857 0x05e4  lmhosts - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0857 0x05e4  Object is SCO, delete is not allowed
06:48:52.0857 0x05e4  lmhosts ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0872 0x05e4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
06:48:52.0872 0x05e4  LSI_FC - ok
06:48:52.0888 0x05e4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
06:48:52.0888 0x05e4  LSI_SAS - ok
06:48:52.0904 0x05e4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
06:48:52.0904 0x05e4  LSI_SAS2 - ok
06:48:52.0904 0x05e4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
06:48:52.0919 0x05e4  LSI_SCSI - ok
06:48:52.0919 0x05e4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
06:48:52.0919 0x05e4  luafv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0935 0x05e4  Object is SCO, delete is not allowed
06:48:52.0935 0x05e4  luafv ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0935 0x05e4  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
06:48:52.0950 0x05e4  LVRS64 - ok
06:48:52.0950 0x05e4  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
06:48:52.0966 0x05e4  MBfilt - ok
06:48:52.0966 0x05e4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
06:48:52.0982 0x05e4  Mcx2Svc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:52.0982 0x05e4  Object is SCO, delete is not allowed
06:48:52.0982 0x05e4  Mcx2Svc ( UnsignedFile.Multi.Generic ) - warning
06:48:52.0982 0x05e4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
06:48:52.0982 0x05e4  megasas - ok
06:48:52.0997 0x05e4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
06:48:53.0013 0x05e4  MegaSR - ok
06:48:53.0013 0x05e4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
06:48:53.0013 0x05e4  MMCSS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0013 0x05e4  Object is SCO, delete is not allowed
06:48:53.0013 0x05e4  MMCSS ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0013 0x05e4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
06:48:53.0028 0x05e4  Modem - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0028 0x05e4  Object is SCO, delete is not allowed
06:48:53.0028 0x05e4  Modem ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0028 0x05e4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
06:48:53.0028 0x05e4  monitor - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0028 0x05e4  Object is SCO, delete is not allowed
06:48:53.0028 0x05e4  monitor ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0028 0x05e4  Force sending object to P2P due to detect: monitor
06:48:53.0028 0x05e4  Object send P2P result: false
06:48:53.0028 0x05e4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
06:48:53.0044 0x05e4  mouclass - ok
06:48:53.0044 0x05e4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
06:48:53.0044 0x05e4  mouhid - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0044 0x05e4  Object is SCO, delete is not allowed
06:48:53.0044 0x05e4  mouhid ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0044 0x05e4  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
06:48:53.0060 0x05e4  mountmgr - ok
06:48:53.0060 0x05e4  [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:48:53.0075 0x05e4  MozillaMaintenance - ok
06:48:53.0091 0x05e4  [ FBA4CDA6B3B00D7A116DCC2B5C7E9790, FE909159323290555971F031E7911DCCD035B873E630A230A660C13D57719206 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
06:48:53.0091 0x05e4  MpFilter - ok
06:48:53.0106 0x05e4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
06:48:53.0106 0x05e4  mpio - ok
06:48:53.0122 0x05e4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
06:48:53.0122 0x05e4  mpsdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0122 0x05e4  Object is SCO, delete is not allowed
06:48:53.0122 0x05e4  mpsdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0138 0x05e4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
06:48:53.0169 0x05e4  MpsSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0169 0x05e4  Object is SCO, delete is not allowed
06:48:53.0169 0x05e4  MpsSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0169 0x05e4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
06:48:53.0169 0x05e4  MRxDAV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0184 0x05e4  Object is SCO, delete is not allowed
06:48:53.0184 0x05e4  MRxDAV ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0184 0x05e4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
06:48:53.0184 0x05e4  mrxsmb - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0184 0x05e4  Object is SCO, delete is not allowed
06:48:53.0184 0x05e4  mrxsmb ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0200 0x05e4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:48:53.0200 0x05e4  mrxsmb10 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0200 0x05e4  Object is SCO, delete is not allowed
06:48:53.0200 0x05e4  mrxsmb10 ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0216 0x05e4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:48:53.0216 0x05e4  mrxsmb20 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0216 0x05e4  Object is SCO, delete is not allowed
06:48:53.0216 0x05e4  mrxsmb20 ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0216 0x05e4  Force sending object to P2P due to detect: mrxsmb20
06:48:53.0216 0x05e4  Object send P2P result: false
06:48:53.0216 0x05e4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
06:48:53.0231 0x05e4  msahci - ok
06:48:53.0231 0x05e4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
06:48:53.0247 0x05e4  msdsm - ok
06:48:53.0247 0x05e4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
06:48:53.0262 0x05e4  MSDTC - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0262 0x05e4  Object is SCO, delete is not allowed
06:48:53.0262 0x05e4  MSDTC ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0262 0x05e4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
06:48:53.0262 0x05e4  Msfs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0262 0x05e4  Object is SCO, delete is not allowed
06:48:53.0262 0x05e4  Msfs ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0262 0x05e4  Force sending object to P2P due to detect: Msfs
06:48:53.0262 0x05e4  Object send P2P result: false
06:48:53.0262 0x05e4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
06:48:53.0262 0x05e4  mshidkmdf - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0262 0x05e4  mshidkmdf ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0278 0x05e4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
06:48:53.0278 0x05e4  msisadrv - ok
06:48:53.0294 0x05e4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
06:48:53.0294 0x05e4  MSiSCSI - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0294 0x05e4  Object is SCO, delete is not allowed
06:48:53.0294 0x05e4  MSiSCSI ( UnsignedFile.Multi.Generic ) - warning
         

Alt 27.04.2015, 06:11   #9
Oronwe
 
Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



3ter Teil:
Code:
ATTFilter
06:48:53.0294 0x05e4  msiserver - ok
06:48:53.0294 0x05e4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
06:48:53.0294 0x05e4  MSKSSRV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0294 0x05e4  Object is SCO, delete is not allowed
06:48:53.0294 0x05e4  MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0294 0x05e4  Force sending object to P2P due to detect: MSKSSRV
06:48:53.0309 0x05e4  Object send P2P result: false
06:48:53.0309 0x05e4  [ F46BA4E7F4A34295B20917CD77F6CEC9, 1A91AC1AC1FBFC6922D0430D752240A91C9001373B1F84F960FDE0AC062A411A ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
06:48:53.0309 0x05e4  MsMpSvc - ok
06:48:53.0309 0x05e4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
06:48:53.0325 0x05e4  MSPCLOCK - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0325 0x05e4  Object is SCO, delete is not allowed
06:48:53.0325 0x05e4  MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0325 0x05e4  Force sending object to P2P due to detect: MSPCLOCK
06:48:53.0325 0x05e4  Object send P2P result: false
06:48:53.0325 0x05e4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
06:48:53.0325 0x05e4  MSPQM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0325 0x05e4  Object is SCO, delete is not allowed
06:48:53.0325 0x05e4  MSPQM ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0325 0x05e4  Force sending object to P2P due to detect: MSPQM
06:48:53.0325 0x05e4  Object send P2P result: false
06:48:53.0340 0x05e4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
06:48:53.0356 0x05e4  MsRPC - ok
06:48:53.0356 0x05e4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
06:48:53.0356 0x05e4  mssmbios - ok
06:48:53.0356 0x05e4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
06:48:53.0372 0x05e4  MSTEE - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0372 0x05e4  Object is SCO, delete is not allowed
06:48:53.0372 0x05e4  MSTEE ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0372 0x05e4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
06:48:53.0372 0x05e4  MTConfig - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0372 0x05e4  MTConfig ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0372 0x05e4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
06:48:53.0387 0x05e4  Mup - ok
06:48:53.0403 0x05e4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
06:48:53.0418 0x05e4  napagent - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0418 0x05e4  Object is SCO, delete is not allowed
06:48:53.0418 0x05e4  napagent ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0418 0x05e4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
06:48:53.0434 0x05e4  NativeWifiP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0434 0x05e4  Object is SCO, delete is not allowed
06:48:53.0434 0x05e4  NativeWifiP ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0450 0x05e4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
06:48:53.0481 0x05e4  NDIS - ok
06:48:53.0481 0x05e4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
06:48:53.0496 0x05e4  NdisCap - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0496 0x05e4  NdisCap ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0496 0x05e4  Force sending object to P2P due to detect: NdisCap
06:48:53.0496 0x05e4  Object send P2P result: false
06:48:53.0496 0x05e4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
06:48:53.0496 0x05e4  NdisTapi - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0496 0x05e4  Object is SCO, delete is not allowed
06:48:53.0496 0x05e4  NdisTapi ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0496 0x05e4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
06:48:53.0512 0x05e4  Ndisuio - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0512 0x05e4  Object is SCO, delete is not allowed
06:48:53.0512 0x05e4  Ndisuio ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0512 0x05e4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
06:48:53.0512 0x05e4  NdisWan - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0512 0x05e4  Object is SCO, delete is not allowed
06:48:53.0512 0x05e4  NdisWan ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0528 0x05e4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
06:48:53.0528 0x05e4  NDProxy - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0528 0x05e4  Object is SCO, delete is not allowed
06:48:53.0528 0x05e4  NDProxy ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0528 0x05e4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
06:48:53.0528 0x05e4  NetBIOS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0528 0x05e4  Object is SCO, delete is not allowed
06:48:53.0528 0x05e4  NetBIOS ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0543 0x05e4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
06:48:53.0543 0x05e4  NetBT - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0543 0x05e4  Object is SCO, delete is not allowed
06:48:53.0543 0x05e4  NetBT ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0559 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\Windows\system32\lsass.exe
06:48:53.0559 0x05e4  Netlogon - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0559 0x05e4  Object is SCO, delete is not allowed
06:48:53.0559 0x05e4  Netlogon ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0559 0x05e4  Force sending object to P2P due to detect: Netlogon
06:48:53.0559 0x05e4  Object send P2P result: false
06:48:53.0559 0x05e4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
06:48:53.0574 0x05e4  Netman - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0574 0x05e4  Netman ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0590 0x05e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:48:53.0590 0x05e4  NetMsmqActivator - ok
06:48:53.0606 0x05e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:48:53.0606 0x05e4  NetPipeActivator - ok
06:48:53.0621 0x05e4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
06:48:53.0637 0x05e4  netprofm - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0637 0x05e4  Object is SCO, delete is not allowed
06:48:53.0637 0x05e4  netprofm ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0637 0x05e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:48:53.0652 0x05e4  NetTcpActivator - ok
06:48:53.0652 0x05e4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:48:53.0668 0x05e4  NetTcpPortSharing - ok
06:48:53.0668 0x05e4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
06:48:53.0684 0x05e4  nfrd960 - ok
06:48:53.0684 0x05e4  [ E10B84385C3FEEF4BDE8E6A980535522, 56D9E47B76CDABE45E64C9E74DCBCC2F7C07A44519ED938BD730018C48445614 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
06:48:53.0699 0x05e4  NisDrv - ok
06:48:53.0699 0x05e4  [ 9BF50324444C46997C2492D505B47F2D, 42C74456C64F7D688E0911255746BD2A52A3590AED22B24F7E385760D720B8E9 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
06:48:53.0730 0x05e4  NisSrv - ok
06:48:53.0730 0x05e4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
06:48:53.0746 0x05e4  NlaSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0746 0x05e4  Object is SCO, delete is not allowed
06:48:53.0746 0x05e4  NlaSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0746 0x05e4  Force sending object to P2P due to detect: NlaSvc
06:48:53.0746 0x05e4  Object send P2P result: false
06:48:53.0746 0x05e4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
06:48:53.0746 0x05e4  Npfs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0746 0x05e4  Object is SCO, delete is not allowed
06:48:53.0746 0x05e4  Npfs ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0762 0x05e4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
06:48:53.0762 0x05e4  nsi - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0762 0x05e4  Object is SCO, delete is not allowed
06:48:53.0762 0x05e4  nsi ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0762 0x05e4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
06:48:53.0762 0x05e4  nsiproxy - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0762 0x05e4  Object is SCO, delete is not allowed
06:48:53.0762 0x05e4  nsiproxy ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0808 0x05e4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
06:48:53.0855 0x05e4  Ntfs - ok
06:48:53.0855 0x05e4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
06:48:53.0855 0x05e4  Null - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0855 0x05e4  Object is SCO, delete is not allowed
06:48:53.0855 0x05e4  Null ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0855 0x05e4  Force sending object to P2P due to detect: Null
06:48:53.0855 0x05e4  Object send P2P result: false
06:48:53.0855 0x05e4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
06:48:53.0871 0x05e4  nvraid - ok
06:48:53.0886 0x05e4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
06:48:53.0886 0x05e4  nvstor - ok
06:48:53.0902 0x05e4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
06:48:53.0902 0x05e4  nv_agp - ok
06:48:53.0902 0x05e4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
06:48:53.0918 0x05e4  ohci1394 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0918 0x05e4  Object is SCO, delete is not allowed
06:48:53.0918 0x05e4  ohci1394 ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0918 0x05e4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
06:48:53.0933 0x05e4  p2pimsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0933 0x05e4  p2pimsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0949 0x05e4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
06:48:53.0964 0x05e4  p2psvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0964 0x05e4  Object is SCO, delete is not allowed
06:48:53.0964 0x05e4  p2psvc ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0964 0x05e4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
06:48:53.0964 0x05e4  Parport - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0964 0x05e4  Object is SCO, delete is not allowed
06:48:53.0964 0x05e4  Parport ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0964 0x05e4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
06:48:53.0980 0x05e4  partmgr - ok
06:48:53.0980 0x05e4  [ 446462BBA744DA60379574926FD51EAB, 4A79E8EF28670333F4733FA0016508DC88E9BDC566B455DA5EDEDC514612180A ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
06:48:53.0996 0x05e4  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
06:48:53.0996 0x05e4  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
06:48:53.0996 0x05e4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
06:48:54.0011 0x05e4  PcaSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0011 0x05e4  Object is SCO, delete is not allowed
06:48:54.0011 0x05e4  PcaSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0011 0x05e4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
06:48:54.0027 0x05e4  pci - ok
06:48:54.0027 0x05e4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
06:48:54.0027 0x05e4  pciide - ok
06:48:54.0042 0x05e4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
06:48:54.0058 0x05e4  pcmcia - ok
06:48:54.0058 0x05e4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
06:48:54.0074 0x05e4  pcw - ok
06:48:54.0089 0x05e4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
06:48:54.0105 0x05e4  PEAUTH - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0105 0x05e4  Object is SCO, delete is not allowed
06:48:54.0105 0x05e4  PEAUTH ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0105 0x05e4  Force sending object to P2P due to detect: PEAUTH
06:48:54.0105 0x05e4  Object send P2P result: false
06:48:54.0120 0x05e4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
06:48:54.0136 0x05e4  PerfHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0136 0x05e4  PerfHost ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0167 0x05e4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
06:48:54.0198 0x05e4  pla - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0198 0x05e4  Object is SCO, delete is not allowed
06:48:54.0198 0x05e4  pla ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0198 0x05e4  Force sending object to P2P due to detect: pla
06:48:54.0214 0x05e4  Object send P2P result: false
06:48:54.0230 0x05e4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
06:48:54.0230 0x05e4  PlugPlay - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0230 0x05e4  Object is SCO, delete is not allowed
06:48:54.0230 0x05e4  PlugPlay ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0245 0x05e4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
06:48:54.0245 0x05e4  PNRPAutoReg - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0245 0x05e4  PNRPAutoReg ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0245 0x05e4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
06:48:54.0261 0x05e4  PNRPsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0261 0x05e4  PNRPsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0276 0x05e4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
06:48:54.0292 0x05e4  PolicyAgent - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0292 0x05e4  Object is SCO, delete is not allowed
06:48:54.0292 0x05e4  PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0292 0x05e4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
06:48:54.0308 0x05e4  Power - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0308 0x05e4  Power ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0308 0x05e4  Force sending object to P2P due to detect: Power
06:48:54.0308 0x05e4  Object send P2P result: false
06:48:54.0308 0x05e4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
06:48:54.0308 0x05e4  PptpMiniport - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0308 0x05e4  Object is SCO, delete is not allowed
06:48:54.0308 0x05e4  PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0323 0x05e4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
06:48:54.0323 0x05e4  Processor - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0323 0x05e4  Object is SCO, delete is not allowed
06:48:54.0323 0x05e4  Processor ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0323 0x05e4  Force sending object to P2P due to detect: Processor
06:48:54.0323 0x05e4  Object send P2P result: false
06:48:54.0323 0x05e4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
06:48:54.0339 0x05e4  ProfSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0339 0x05e4  Object is SCO, delete is not allowed
06:48:54.0339 0x05e4  ProfSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0339 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:48:54.0339 0x05e4  ProtectedStorage - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0339 0x05e4  Object is SCO, delete is not allowed
06:48:54.0339 0x05e4  ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0354 0x05e4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
06:48:54.0354 0x05e4  Psched - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0354 0x05e4  Object is SCO, delete is not allowed
06:48:54.0354 0x05e4  Psched ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0354 0x05e4  [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
06:48:54.0370 0x05e4  PxHlpa64 - ok
06:48:54.0401 0x05e4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
06:48:54.0448 0x05e4  ql2300 - ok
06:48:54.0448 0x05e4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
06:48:54.0464 0x05e4  ql40xx - ok
06:48:54.0464 0x05e4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
06:48:54.0479 0x05e4  QWAVE - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0479 0x05e4  Object is SCO, delete is not allowed
06:48:54.0479 0x05e4  QWAVE ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0479 0x05e4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
06:48:54.0479 0x05e4  QWAVEdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0479 0x05e4  Object is SCO, delete is not allowed
06:48:54.0479 0x05e4  QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0479 0x05e4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
06:48:54.0495 0x05e4  RasAcd - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0495 0x05e4  Object is SCO, delete is not allowed
06:48:54.0495 0x05e4  RasAcd ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0495 0x05e4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
06:48:54.0495 0x05e4  RasAgileVpn - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0495 0x05e4  RasAgileVpn ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0495 0x05e4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
06:48:54.0510 0x05e4  RasAuto - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0510 0x05e4  Object is SCO, delete is not allowed
06:48:54.0510 0x05e4  RasAuto ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0510 0x05e4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
06:48:54.0510 0x05e4  Rasl2tp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0510 0x05e4  Object is SCO, delete is not allowed
06:48:54.0510 0x05e4  Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0526 0x05e4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
06:48:54.0542 0x05e4  RasMan - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0542 0x05e4  Object is SCO, delete is not allowed
06:48:54.0542 0x05e4  RasMan ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0542 0x05e4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
06:48:54.0542 0x05e4  RasPppoe - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0542 0x05e4  Object is SCO, delete is not allowed
06:48:54.0542 0x05e4  RasPppoe ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0557 0x05e4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
06:48:54.0557 0x05e4  RasSstp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0557 0x05e4  Object is SCO, delete is not allowed
06:48:54.0557 0x05e4  RasSstp ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0557 0x05e4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
06:48:54.0573 0x05e4  rdbss - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0573 0x05e4  Object is SCO, delete is not allowed
06:48:54.0573 0x05e4  rdbss ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0573 0x05e4  Force sending object to P2P due to detect: rdbss
06:48:54.0573 0x05e4  Object send P2P result: false
06:48:54.0573 0x05e4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
06:48:54.0588 0x05e4  rdpbus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0588 0x05e4  rdpbus ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0588 0x05e4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
06:48:54.0588 0x05e4  RDPCDD - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0588 0x05e4  Object is SCO, delete is not allowed
06:48:54.0588 0x05e4  RDPCDD ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0588 0x05e4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
06:48:54.0588 0x05e4  RDPENCDD - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0588 0x05e4  Object is SCO, delete is not allowed
06:48:54.0588 0x05e4  RDPENCDD ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0604 0x05e4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
06:48:54.0604 0x05e4  RDPREFMP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0604 0x05e4  RDPREFMP ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0604 0x05e4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
06:48:54.0604 0x05e4  RdpVideoMiniport - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0604 0x05e4  RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0620 0x05e4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
06:48:54.0620 0x05e4  RDPWD - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0620 0x05e4  Object is SCO, delete is not allowed
06:48:54.0620 0x05e4  RDPWD ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0635 0x05e4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
06:48:54.0635 0x05e4  rdyboost - ok
06:48:54.0651 0x05e4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
06:48:54.0651 0x05e4  RemoteAccess - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0651 0x05e4  Object is SCO, delete is not allowed
06:48:54.0651 0x05e4  RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0651 0x05e4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
06:48:54.0666 0x05e4  RemoteRegistry - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0666 0x05e4  RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0666 0x05e4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
06:48:54.0666 0x05e4  RpcEptMapper - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0666 0x05e4  RpcEptMapper ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0666 0x05e4  Force sending object to P2P due to detect: RpcEptMapper
06:48:54.0666 0x05e4  Object send P2P result: false
06:48:54.0682 0x05e4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
06:48:54.0682 0x05e4  RpcLocator - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0682 0x05e4  RpcLocator ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0682 0x05e4  Force sending object to P2P due to detect: RpcLocator
06:48:54.0682 0x05e4  Object send P2P result: false
06:48:54.0698 0x05e4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
06:48:54.0698 0x05e4  RpcSs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0698 0x05e4  Object is SCO, delete is not allowed
06:48:54.0698 0x05e4  RpcSs ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0713 0x05e4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
06:48:54.0713 0x05e4  rspndr - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0713 0x05e4  Object is SCO, delete is not allowed
06:48:54.0713 0x05e4  rspndr ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0713 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\Windows\system32\lsass.exe
06:48:54.0713 0x05e4  SamSs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0713 0x05e4  Object is SCO, delete is not allowed
06:48:54.0713 0x05e4  SamSs ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0713 0x05e4  Force sending object to P2P due to detect: SamSs
06:48:54.0713 0x05e4  Object send P2P result: false
06:48:54.0729 0x05e4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
06:48:54.0729 0x05e4  sbp2port - ok
06:48:54.0744 0x05e4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
06:48:54.0744 0x05e4  SCardSvr - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0744 0x05e4  Object is SCO, delete is not allowed
06:48:54.0744 0x05e4  SCardSvr ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0760 0x05e4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
06:48:54.0760 0x05e4  scfilter - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0760 0x05e4  scfilter ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0791 0x05e4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
06:48:54.0822 0x05e4  Schedule - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0822 0x05e4  Schedule ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0822 0x05e4  Force sending object to P2P due to detect: Schedule
06:48:54.0822 0x05e4  Object send P2P result: false
06:48:54.0822 0x05e4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
06:48:54.0822 0x05e4  SCPolicySvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0822 0x05e4  Object is SCO, delete is not allowed
06:48:54.0822 0x05e4  SCPolicySvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0838 0x05e4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
06:48:54.0838 0x05e4  SDRSVC - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0838 0x05e4  Object is SCO, delete is not allowed
06:48:54.0838 0x05e4  SDRSVC ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0838 0x05e4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
06:48:54.0838 0x05e4  secdrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0854 0x05e4  secdrv ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0854 0x05e4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
06:48:54.0854 0x05e4  seclogon - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0854 0x05e4  Object is SCO, delete is not allowed
06:48:54.0854 0x05e4  seclogon ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0854 0x05e4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
06:48:54.0854 0x05e4  SENS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0854 0x05e4  Object is SCO, delete is not allowed
06:48:54.0854 0x05e4  SENS ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0869 0x05e4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
06:48:54.0869 0x05e4  SensrSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0869 0x05e4  SensrSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0869 0x05e4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
06:48:54.0869 0x05e4  Serenum - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0869 0x05e4  Object is SCO, delete is not allowed
06:48:54.0869 0x05e4  Serenum ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0885 0x05e4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
06:48:54.0885 0x05e4  Serial - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0885 0x05e4  Object is SCO, delete is not allowed
06:48:54.0885 0x05e4  Serial ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0885 0x05e4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
06:48:54.0885 0x05e4  sermouse - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0885 0x05e4  Object is SCO, delete is not allowed
06:48:54.0885 0x05e4  sermouse ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0885 0x05e4  Force sending object to P2P due to detect: sermouse
06:48:54.0885 0x05e4  Object send P2P result: false
06:48:54.0900 0x05e4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
06:48:54.0900 0x05e4  SessionEnv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0900 0x05e4  Object is SCO, delete is not allowed
06:48:54.0900 0x05e4  SessionEnv ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0900 0x05e4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
06:48:54.0900 0x05e4  sffdisk - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0916 0x05e4  Object is SCO, delete is not allowed
06:48:54.0916 0x05e4  sffdisk ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0916 0x05e4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
06:48:54.0916 0x05e4  sffp_mmc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0916 0x05e4  Object is SCO, delete is not allowed
06:48:54.0916 0x05e4  sffp_mmc ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0916 0x05e4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
06:48:54.0916 0x05e4  sffp_sd - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0916 0x05e4  Object is SCO, delete is not allowed
06:48:54.0916 0x05e4  sffp_sd ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0916 0x05e4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
06:48:54.0932 0x05e4  sfloppy - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0932 0x05e4  Object is SCO, delete is not allowed
06:48:54.0932 0x05e4  sfloppy ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0932 0x05e4  Force sending object to P2P due to detect: sfloppy
06:48:54.0932 0x05e4  Object send P2P result: false
06:48:54.0932 0x05e4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
06:48:54.0947 0x05e4  SharedAccess - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0947 0x05e4  Object is SCO, delete is not allowed
06:48:54.0947 0x05e4  SharedAccess ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0963 0x05e4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:48:54.0963 0x05e4  ShellHWDetection - detected UnsignedFile.Multi.Generic ( 1 )
06:48:54.0963 0x05e4  ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
06:48:54.0978 0x05e4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:48:54.0978 0x05e4  SiSRaid2 - ok
06:48:54.0978 0x05e4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
06:48:54.0994 0x05e4  SiSRaid4 - ok
06:48:55.0056 0x05e4  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
06:48:55.0072 0x05e4  SkypeUpdate - ok
06:48:55.0072 0x05e4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
06:48:55.0072 0x05e4  Smb - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0072 0x05e4  Object is SCO, delete is not allowed
06:48:55.0072 0x05e4  Smb ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0072 0x05e4  Force sending object to P2P due to detect: Smb
06:48:55.0072 0x05e4  Object send P2P result: false
06:48:55.0088 0x05e4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
06:48:55.0088 0x05e4  SNMPTRAP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0088 0x05e4  Object is SCO, delete is not allowed
06:48:55.0088 0x05e4  SNMPTRAP ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0088 0x05e4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
06:48:55.0088 0x05e4  spldr - ok
06:48:55.0103 0x05e4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
06:48:55.0119 0x05e4  Spooler - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0119 0x05e4  Spooler ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0197 0x05e4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
06:48:55.0290 0x05e4  sppsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0290 0x05e4  sppsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0290 0x05e4  Force sending object to P2P due to detect: sppsvc
06:48:55.0306 0x05e4  Object send P2P result: false
06:48:55.0306 0x05e4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
06:48:55.0306 0x05e4  sppuinotify - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0306 0x05e4  sppuinotify ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0306 0x05e4  Force sending object to P2P due to detect: sppuinotify
06:48:55.0306 0x05e4  Object send P2P result: false
06:48:55.0306 0x05e4  sptd - ok
06:48:55.0322 0x05e4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
06:48:55.0337 0x05e4  srv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0337 0x05e4  Object is SCO, delete is not allowed
06:48:55.0337 0x05e4  srv ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0353 0x05e4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
06:48:55.0368 0x05e4  srv2 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0368 0x05e4  Object is SCO, delete is not allowed
06:48:55.0368 0x05e4  srv2 ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0368 0x05e4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
06:48:55.0384 0x05e4  srvnet - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0384 0x05e4  Object is SCO, delete is not allowed
06:48:55.0384 0x05e4  srvnet ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0384 0x05e4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
06:48:55.0400 0x05e4  SSDPSRV - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0400 0x05e4  SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0400 0x05e4  Force sending object to P2P due to detect: SSDPSRV
06:48:55.0400 0x05e4  Object send P2P result: false
06:48:55.0400 0x05e4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
06:48:55.0400 0x05e4  SstpSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0400 0x05e4  Object is SCO, delete is not allowed
06:48:55.0400 0x05e4  SstpSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0415 0x05e4  [ 5FFDA96330357A914A69D79BE1988A38, E2A03A8D108C210B1111E2466E3DD381F0FA440B95B5013DC728EAD9CFE448AF ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
06:48:55.0431 0x05e4  Steam Client Service - ok
06:48:55.0446 0x05e4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
06:48:55.0446 0x05e4  stexstor - ok
06:48:55.0462 0x05e4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
06:48:55.0478 0x05e4  stisvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0478 0x05e4  Object is SCO, delete is not allowed
06:48:55.0478 0x05e4  stisvc ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0478 0x05e4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
06:48:55.0493 0x05e4  swenum - ok
06:48:55.0509 0x05e4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
06:48:55.0524 0x05e4  swprv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0524 0x05e4  Object is SCO, delete is not allowed
06:48:55.0524 0x05e4  swprv ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0524 0x05e4  Force sending object to P2P due to detect: swprv
06:48:55.0524 0x05e4  Object send P2P result: false
06:48:55.0556 0x05e4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
06:48:55.0602 0x05e4  SysMain - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0602 0x05e4  Object is SCO, delete is not allowed
06:48:55.0602 0x05e4  SysMain ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0618 0x05e4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:48:55.0618 0x05e4  TabletInputService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0618 0x05e4  Object is SCO, delete is not allowed
06:48:55.0618 0x05e4  TabletInputService ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0618 0x05e4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
06:48:55.0634 0x05e4  TapiSrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0634 0x05e4  TapiSrv ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0634 0x05e4  Force sending object to P2P due to detect: TapiSrv
06:48:55.0634 0x05e4  Object send P2P result: false
06:48:55.0634 0x05e4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
06:48:55.0649 0x05e4  TBS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0649 0x05e4  Object is SCO, delete is not allowed
06:48:55.0649 0x05e4  TBS ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0696 0x05e4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
06:48:55.0743 0x05e4  Tcpip - ok
06:48:55.0774 0x05e4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
06:48:55.0821 0x05e4  TCPIP6 - ok
06:48:55.0836 0x05e4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
06:48:55.0836 0x05e4  tcpipreg - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0836 0x05e4  Object is SCO, delete is not allowed
06:48:55.0836 0x05e4  tcpipreg ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0836 0x05e4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
06:48:55.0836 0x05e4  TDPIPE - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0836 0x05e4  Object is SCO, delete is not allowed
06:48:55.0836 0x05e4  TDPIPE ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0852 0x05e4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
06:48:55.0852 0x05e4  TDTCP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0852 0x05e4  Object is SCO, delete is not allowed
06:48:55.0852 0x05e4  TDTCP ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0852 0x05e4  Force sending object to P2P due to detect: TDTCP
06:48:55.0852 0x05e4  Object send P2P result: false
06:48:55.0852 0x05e4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
06:48:55.0852 0x05e4  tdx - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0852 0x05e4  Object is SCO, delete is not allowed
06:48:55.0852 0x05e4  tdx ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0868 0x05e4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
06:48:55.0868 0x05e4  TermDD - ok
06:48:55.0883 0x05e4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
06:48:55.0899 0x05e4  TermService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0899 0x05e4  Object is SCO, delete is not allowed
06:48:55.0899 0x05e4  TermService ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0914 0x05e4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
06:48:55.0914 0x05e4  Themes - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0914 0x05e4  Themes ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0914 0x05e4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
06:48:55.0930 0x05e4  THREADORDER - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0930 0x05e4  Object is SCO, delete is not allowed
06:48:55.0930 0x05e4  THREADORDER ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0930 0x05e4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
06:48:55.0930 0x05e4  TrkWks - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0930 0x05e4  Object is SCO, delete is not allowed
06:48:55.0930 0x05e4  TrkWks ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0946 0x05e4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:48:55.0946 0x05e4  TrustedInstaller - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0946 0x05e4  Object is SCO, delete is not allowed
06:48:55.0946 0x05e4  TrustedInstaller ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0946 0x05e4  Force sending object to P2P due to detect: TrustedInstaller
06:48:55.0946 0x05e4  Object send P2P result: false
06:48:55.0946 0x05e4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
06:48:55.0961 0x05e4  tssecsrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0961 0x05e4  Object is SCO, delete is not allowed
06:48:55.0961 0x05e4  tssecsrv ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0961 0x05e4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
06:48:55.0961 0x05e4  TsUsbFlt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0961 0x05e4  TsUsbFlt ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0961 0x05e4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
06:48:55.0977 0x05e4  tunnel - detected UnsignedFile.Multi.Generic ( 1 )
06:48:55.0977 0x05e4  Object is SCO, delete is not allowed
06:48:55.0977 0x05e4  tunnel ( UnsignedFile.Multi.Generic ) - warning
06:48:55.0977 0x05e4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
06:48:55.0977 0x05e4  uagp35 - ok
06:48:55.0992 0x05e4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
06:48:56.0008 0x05e4  udfs - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0008 0x05e4  Object is SCO, delete is not allowed
06:48:56.0008 0x05e4  udfs ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0008 0x05e4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
06:48:56.0008 0x05e4  UI0Detect - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0008 0x05e4  Object is SCO, delete is not allowed
06:48:56.0008 0x05e4  UI0Detect ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0024 0x05e4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
06:48:56.0024 0x05e4  uliagpkx - ok
06:48:56.0024 0x05e4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
06:48:56.0039 0x05e4  umbus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0039 0x05e4  Object is SCO, delete is not allowed
06:48:56.0039 0x05e4  umbus ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0039 0x05e4  Force sending object to P2P due to detect: umbus
06:48:56.0039 0x05e4  Object send P2P result: false
06:48:56.0039 0x05e4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
06:48:56.0039 0x05e4  UmPass - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0039 0x05e4  Object is SCO, delete is not allowed
06:48:56.0039 0x05e4  UmPass ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0055 0x05e4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
06:48:56.0055 0x05e4  upnphost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0055 0x05e4  upnphost ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0070 0x05e4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
06:48:56.0070 0x05e4  usbaudio - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0070 0x05e4  usbaudio ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0070 0x05e4  Force sending object to P2P due to detect: usbaudio
06:48:56.0070 0x05e4  Object send P2P result: false
06:48:56.0070 0x05e4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
06:48:56.0086 0x05e4  usbccgp - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0086 0x05e4  Object is SCO, delete is not allowed
06:48:56.0086 0x05e4  usbccgp ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0086 0x05e4  Force sending object to P2P due to detect: usbccgp
06:48:56.0086 0x05e4  Object send P2P result: false
06:48:56.0086 0x05e4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
06:48:56.0086 0x05e4  usbcir - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0086 0x05e4  Object is SCO, delete is not allowed
06:48:56.0086 0x05e4  usbcir ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0102 0x05e4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
06:48:56.0102 0x05e4  usbehci - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0102 0x05e4  Object is SCO, delete is not allowed
06:48:56.0102 0x05e4  usbehci ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0117 0x05e4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
06:48:56.0117 0x05e4  usbhub - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0117 0x05e4  Object is SCO, delete is not allowed
06:48:56.0117 0x05e4  usbhub ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0117 0x05e4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
06:48:56.0133 0x05e4  usbohci - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0133 0x05e4  Object is SCO, delete is not allowed
06:48:56.0133 0x05e4  usbohci ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0133 0x05e4  Force sending object to P2P due to detect: usbohci
06:48:56.0133 0x05e4  Object send P2P result: false
06:48:56.0133 0x05e4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
06:48:56.0133 0x05e4  usbprint - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0133 0x05e4  Object is SCO, delete is not allowed
06:48:56.0133 0x05e4  usbprint ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0133 0x05e4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:48:56.0148 0x05e4  USBSTOR - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0148 0x05e4  USBSTOR ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0148 0x05e4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
06:48:56.0148 0x05e4  usbuhci - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0148 0x05e4  Object is SCO, delete is not allowed
06:48:56.0148 0x05e4  usbuhci ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0148 0x05e4  Force sending object to P2P due to detect: usbuhci
06:48:56.0148 0x05e4  Object send P2P result: false
06:48:56.0148 0x05e4  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
06:48:56.0148 0x05e4  usb_rndisx - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0148 0x05e4  usb_rndisx ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0164 0x05e4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
06:48:56.0164 0x05e4  UxSms - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0164 0x05e4  Object is SCO, delete is not allowed
06:48:56.0164 0x05e4  UxSms ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0164 0x05e4  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\Windows\system32\lsass.exe
06:48:56.0164 0x05e4  VaultSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0164 0x05e4  Object is SCO, delete is not allowed
06:48:56.0164 0x05e4  VaultSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0164 0x05e4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
06:48:56.0180 0x05e4  vdrvroot - ok
06:48:56.0195 0x05e4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
06:48:56.0211 0x05e4  vds - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0211 0x05e4  Object is SCO, delete is not allowed
06:48:56.0211 0x05e4  vds ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0211 0x05e4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
06:48:56.0211 0x05e4  vga - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0211 0x05e4  Object is SCO, delete is not allowed
06:48:56.0211 0x05e4  vga ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0211 0x05e4  Force sending object to P2P due to detect: vga
06:48:56.0211 0x05e4  Object send P2P result: false
06:48:56.0226 0x05e4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
06:48:56.0226 0x05e4  VgaSave - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0226 0x05e4  Object is SCO, delete is not allowed
06:48:56.0226 0x05e4  VgaSave ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0226 0x05e4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
06:48:56.0242 0x05e4  vhdmp - ok
06:48:56.0242 0x05e4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
06:48:56.0258 0x05e4  viaide - ok
06:48:56.0258 0x05e4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
06:48:56.0258 0x05e4  volmgr - ok
06:48:56.0273 0x05e4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
06:48:56.0289 0x05e4  volmgrx - ok
06:48:56.0304 0x05e4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
06:48:56.0304 0x05e4  volsnap - ok
06:48:56.0320 0x05e4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
06:48:56.0320 0x05e4  vsmraid - ok
06:48:56.0367 0x05e4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
06:48:56.0398 0x05e4  VSS - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0398 0x05e4  Object is SCO, delete is not allowed
06:48:56.0398 0x05e4  VSS ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0414 0x05e4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
06:48:56.0414 0x05e4  vwifibus - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0414 0x05e4  vwifibus ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0429 0x05e4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
06:48:56.0429 0x05e4  W32Time - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0429 0x05e4  Object is SCO, delete is not allowed
06:48:56.0429 0x05e4  W32Time ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0445 0x05e4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
06:48:56.0445 0x05e4  WacomPen - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0445 0x05e4  Object is SCO, delete is not allowed
06:48:56.0445 0x05e4  WacomPen ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0445 0x05e4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
06:48:56.0445 0x05e4  WANARP - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0445 0x05e4  Object is SCO, delete is not allowed
06:48:56.0445 0x05e4  WANARP ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0460 0x05e4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
06:48:56.0460 0x05e4  Wanarpv6 - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0460 0x05e4  Object is SCO, delete is not allowed
06:48:56.0460 0x05e4  Wanarpv6 ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0460 0x05e4  Force sending object to P2P due to detect: Wanarpv6
06:48:56.0460 0x05e4  Object send P2P result: false
06:48:56.0492 0x05e4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
06:48:56.0523 0x05e4  WatAdminSvc - ok
06:48:56.0570 0x05e4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
06:48:56.0601 0x05e4  wbengine - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0601 0x05e4  Object is SCO, delete is not allowed
06:48:56.0601 0x05e4  wbengine ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0616 0x05e4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
06:48:56.0616 0x05e4  WbioSrvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0616 0x05e4  WbioSrvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0632 0x05e4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
06:48:56.0632 0x05e4  wcncsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0632 0x05e4  Object is SCO, delete is not allowed
06:48:56.0632 0x05e4  wcncsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0648 0x05e4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:48:56.0648 0x05e4  WcsPlugInService - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0648 0x05e4  Object is SCO, delete is not allowed
06:48:56.0648 0x05e4  WcsPlugInService ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0648 0x05e4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
06:48:56.0663 0x05e4  Wd - ok
06:48:56.0679 0x05e4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
06:48:56.0694 0x05e4  Wdf01000 - ok
06:48:56.0710 0x05e4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
06:48:56.0710 0x05e4  WdiServiceHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0710 0x05e4  Object is SCO, delete is not allowed
06:48:56.0710 0x05e4  WdiServiceHost ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0726 0x05e4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
06:48:56.0726 0x05e4  WdiSystemHost - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0726 0x05e4  Object is SCO, delete is not allowed
06:48:56.0726 0x05e4  WdiSystemHost ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0726 0x05e4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
06:48:56.0741 0x05e4  WebClient - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0741 0x05e4  Object is SCO, delete is not allowed
06:48:56.0741 0x05e4  WebClient ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0757 0x05e4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
06:48:56.0757 0x05e4  Wecsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0757 0x05e4  Object is SCO, delete is not allowed
06:48:56.0757 0x05e4  Wecsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0757 0x05e4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
06:48:56.0772 0x05e4  wercplsupport - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0772 0x05e4  Object is SCO, delete is not allowed
06:48:56.0772 0x05e4  wercplsupport ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0772 0x05e4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
06:48:56.0772 0x05e4  WerSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0772 0x05e4  Object is SCO, delete is not allowed
06:48:56.0772 0x05e4  WerSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0772 0x05e4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
06:48:56.0788 0x05e4  WfpLwf - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0788 0x05e4  WfpLwf ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0788 0x05e4  Force sending object to P2P due to detect: WfpLwf
06:48:56.0788 0x05e4  Object send P2P result: false
06:48:56.0788 0x05e4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
06:48:56.0788 0x05e4  WIMMount - ok
06:48:56.0788 0x05e4  WinDefend - ok
06:48:56.0804 0x05e4  WinHttpAutoProxySvc - ok
06:48:56.0804 0x05e4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
06:48:56.0819 0x05e4  Winmgmt - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0819 0x05e4  Object is SCO, delete is not allowed
06:48:56.0819 0x05e4  Winmgmt ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0866 0x05e4  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
06:48:56.0913 0x05e4  WinRM - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0913 0x05e4  Object is SCO, delete is not allowed
06:48:56.0913 0x05e4  WinRM ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0928 0x05e4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
06:48:56.0928 0x05e4  WinUsb - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0928 0x05e4  WinUsb ( UnsignedFile.Multi.Generic ) - warning
06:48:56.0944 0x05e4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
06:48:56.0975 0x05e4  Wlansvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:56.0975 0x05e4  Object is SCO, delete is not allowed
06:48:56.0975 0x05e4  Wlansvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0022 0x05e4  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
06:48:57.0084 0x05e4  wlidsvc - ok
06:48:57.0084 0x05e4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
06:48:57.0084 0x05e4  WmiAcpi - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0084 0x05e4  Object is SCO, delete is not allowed
06:48:57.0084 0x05e4  WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0100 0x05e4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
06:48:57.0100 0x05e4  wmiApSrv - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0100 0x05e4  Object is SCO, delete is not allowed
06:48:57.0100 0x05e4  wmiApSrv ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0116 0x05e4  WMPNetworkSvc - ok
06:48:57.0116 0x05e4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
06:48:57.0116 0x05e4  WPCSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0116 0x05e4  Object is SCO, delete is not allowed
06:48:57.0116 0x05e4  WPCSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0116 0x05e4  Force sending object to P2P due to detect: WPCSvc
06:48:57.0116 0x05e4  Object send P2P result: false
06:48:57.0116 0x05e4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
06:48:57.0131 0x05e4  WPDBusEnum - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0131 0x05e4  Object is SCO, delete is not allowed
06:48:57.0131 0x05e4  WPDBusEnum ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0131 0x05e4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
06:48:57.0131 0x05e4  ws2ifsl - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0131 0x05e4  Object is SCO, delete is not allowed
06:48:57.0131 0x05e4  ws2ifsl ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0131 0x05e4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
06:48:57.0147 0x05e4  wscsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0147 0x05e4  Object is SCO, delete is not allowed
06:48:57.0147 0x05e4  wscsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0147 0x05e4  Force sending object to P2P due to detect: wscsvc
06:48:57.0147 0x05e4  Object send P2P result: false
06:48:57.0147 0x05e4  WSearch - ok
06:48:57.0209 0x05e4  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
06:48:57.0272 0x05e4  wuauserv - ok
06:48:57.0272 0x05e4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
06:48:57.0287 0x05e4  WudfPf - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0287 0x05e4  Object is SCO, delete is not allowed
06:48:57.0287 0x05e4  WudfPf ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0287 0x05e4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
06:48:57.0287 0x05e4  WUDFRd - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0287 0x05e4  Object is SCO, delete is not allowed
06:48:57.0287 0x05e4  WUDFRd ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0287 0x05e4  Force sending object to P2P due to detect: WUDFRd
06:48:57.0303 0x05e4  Object send P2P result: false
06:48:57.0303 0x05e4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
06:48:57.0303 0x05e4  wudfsvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0303 0x05e4  Object is SCO, delete is not allowed
06:48:57.0303 0x05e4  wudfsvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0318 0x05e4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
06:48:57.0318 0x05e4  WwanSvc - detected UnsignedFile.Multi.Generic ( 1 )
06:48:57.0318 0x05e4  WwanSvc ( UnsignedFile.Multi.Generic ) - warning
06:48:57.0318 0x05e4  Force sending object to P2P due to detect: WwanSvc
06:48:57.0318 0x05e4  Object send P2P result: false
06:48:57.0318 0x05e4  ================ Scan global ===============================
06:48:57.0334 0x05e4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
06:48:57.0334 0x05e4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
06:48:57.0350 0x05e4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
06:48:57.0350 0x05e4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
06:48:57.0365 0x05e4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
06:48:57.0365 0x05e4  [ Global ] - ok
06:48:57.0365 0x05e4  ================ Scan MBR ==================================
06:48:57.0365 0x05e4  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
06:48:57.0412 0x05e4  \Device\Harddisk0\DR0 - ok
06:48:57.0412 0x05e4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
06:48:57.0521 0x05e4  \Device\Harddisk1\DR1 - ok
06:48:57.0521 0x05e4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
06:48:57.0568 0x05e4  \Device\Harddisk2\DR2 - ok
06:48:57.0584 0x05e4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
06:48:57.0630 0x05e4  \Device\Harddisk3\DR3 - ok
06:48:57.0630 0x05e4  ================ Scan VBR ==================================
06:48:57.0630 0x05e4  [ 0EE2DD8428A12145BDEE66378AE92E26 ] \Device\Harddisk0\DR0\Partition1
06:48:57.0630 0x05e4  \Device\Harddisk0\DR0\Partition1 - ok
06:48:57.0630 0x05e4  [ 9C9C8B45E21AD77EA6D5035C53019B6A ] \Device\Harddisk1\DR1\Partition1
06:48:57.0630 0x05e4  \Device\Harddisk1\DR1\Partition1 - ok
06:48:57.0646 0x05e4  [ 1CF7C9E0C2891AADCDBA1FC14C9B93BF ] \Device\Harddisk1\DR1\Partition2
06:48:57.0646 0x05e4  \Device\Harddisk1\DR1\Partition2 - ok
06:48:57.0646 0x05e4  [ 803961758AD5EF82D9A740EB838293FE ] \Device\Harddisk2\DR2\Partition1
06:48:57.0662 0x05e4  \Device\Harddisk2\DR2\Partition1 - ok
06:48:57.0662 0x05e4  [ 543BE68A69DD2EEAF6271B5357D6D96A ] \Device\Harddisk3\DR3\Partition1
06:48:57.0693 0x05e4  \Device\Harddisk3\DR3\Partition1 - ok
06:48:57.0693 0x05e4  ================ Scan generic autorun ======================
06:48:57.0974 0x05e4  [ C2A0B14B6E6555CF9D53ECB142465697, 9611506ED174E82516CB1614BFE5730B0BDDE76D58574D0406C1FED873F6308D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
06:48:58.0301 0x05e4  RTHDVCPL - ok
06:48:58.0348 0x05e4  [ 87A4BA086E5B5DF0F36E3F6D7234D701, EE26338497E016A95CB5970777B7B7AC8FAEF4E491713D729EDEFBCDC9FBF4A4 ] C:\Program Files\Microsoft Security Client\msseces.exe
06:48:58.0395 0x05e4  MSC - ok
06:48:58.0410 0x05e4  [ 51B634D617073986FA73417318F7C121, CAB64175383F501FA515D335167334D7F2147F0889E5052484AA1FF866C6F8CF ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
06:48:58.0426 0x05e4  AdobeAAMUpdater-1.0 - ok
06:48:58.0473 0x05e4  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
06:48:58.0520 0x05e4  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
06:48:58.0520 0x05e4  AVMWlanClient ( UnsignedFile.Multi.Generic ) - warning
06:48:58.0520 0x05e4  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
06:48:58.0535 0x05e4  NUSB3MON - ok
06:48:58.0566 0x05e4  [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
06:48:58.0582 0x05e4  StartCCC - ok
06:48:58.0644 0x05e4  [ 87EE3EF42CF8257F6B14BAD6F77DFF04, 8E64B1BD89C322753D0E1BBBFD61D5FFE202CA3C07298BC613E3D7E303479E23 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
06:48:58.0707 0x05e4  Adobe Creative Cloud - ok
06:48:58.0738 0x05e4  [ 2E156FEA6FA4F462F39F6AA86E03A269, E99343353781DBD5B300D6B887D8CC91DB019922CA7E494500CC2604685287FD ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
06:48:58.0785 0x05e4  Acrobat Assistant 8.0 - ok
06:48:58.0894 0x05e4  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Dizzy\AppData\Local\Akamai\netsession_win.exe
06:48:59.0019 0x05e4  Akamai NetSession Interface - ok
06:48:59.0175 0x05e4  [ 18EE6C694976C4D205AF24D6CCE3B660, 262F8B929CBBC8BFDD465826A27625ED9508A7C325C45F1964A4EFAC36D60056 ] C:\Program Files\CCleaner\CCleaner64.exe
06:48:59.0362 0x05e4  CCleaner Monitoring - ok
06:48:59.0393 0x05e4  [ D3D72615EA99E9B4D83101A4006595EA, E6ED416D75B9A7C573F68DBEB5E58D771D6D0D46415C373466EDC4E266C100D7 ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
06:48:59.0409 0x05e4  Adobe Acrobat Synchronizer - ok
06:48:59.0440 0x05e4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x60000 ( disabled : updated )
06:48:59.0456 0x05e4  Win FW state via NFP2: enabled
06:48:59.0456 0x05e4  ============================================================
06:48:59.0456 0x05e4  Scan finished
06:48:59.0456 0x05e4  ============================================================
         

Alt 28.04.2015, 13:21   #10
Oronwe
 
Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Skip-Teil:
Code:
ATTFilter
06:48:59.0456 0x05dc  Detected object count: 280
06:48:59.0456 0x05dc  Actual detected object count: 280
06:58:08.0296 0x05dc  1394ohci ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0296 0x05dc  1394ohci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0296 0x05dc  AcpiPmi ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0296 0x05dc  AcpiPmi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AeLookupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AeLookupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AFD ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  ALG ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AMD External Events Utility ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AMD External Events Utility ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  amdkmdag ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  amdkmdag ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  amdkmdap ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  amdkmdap ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AmdPPM ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AmdPPM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AppID ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AppID ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AppIDSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AppIDSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  Appinfo ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  Appinfo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AtiHDAudioService ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AtiHDAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AudioEndpointBuilder ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  AxInstSV ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  AxInstSV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0311 0x05dc  b06bdrv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0311 0x05dc  b06bdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  b57nd60a ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  b57nd60a ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BDESVC ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BDESVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  Beep ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BFE ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BFE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BITS ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  blbdrive ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  blbdrive ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  bowser ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  bowser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BrFiltLo ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BrFiltLo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BrFiltUp ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BrFiltUp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BridgeMP ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BridgeMP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  Browser ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  Brserid ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  Brserid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BrSerWdm ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BrSerWdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BrUsbMdm ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BrUsbMdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BrUsbSer ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BrUsbSer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  BTHMODEM ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  BTHMODEM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  bthserv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  bthserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0327 0x05dc  cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0327 0x05dc  cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  CertPropSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  CertPropSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  circlass ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  circlass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  CompositeBus ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  CompositeBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  defragsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  defragsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  DfsC ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  DfsC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  discache ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  discache ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  DPS ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  DPS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  ebdrv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  ebdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  EFS ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  EFS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  ehRecvr ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  ehRecvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0343 0x05dc  ehSched ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0343 0x05dc  ehSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  ErrDev ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  ErrDev ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  exfat ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  exfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  Fax ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  Fax ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  fdc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  fdPHost ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  fdPHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  FDResPub ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  FDResPub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  Filetrace ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  Filetrace ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  FWLANUSB ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  FWLANUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  gpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  gpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  hcw85cir ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  hcw85cir ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  HidBatt ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  HidBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  HidBth ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  HidBth ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  HidIr ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  HidIr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  hidserv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  hidserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0358 0x05dc  HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0358 0x05dc  HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  HomeGroupListener ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  HomeGroupListener ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  HomeGroupProvider ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  HomeGroupProvider ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  HTCAND64 ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  HTCAND64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  IKEEXT ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  IKEEXT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  IPBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  IPBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  iphlpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  iphlpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  IPMIDRV ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  IPMIDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  IPNAT ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  IPNAT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  KeyIso ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  KeyIso ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  ksthunk ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  ksthunk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  KtmRm ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  KtmRm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0374 0x05dc  LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0374 0x05dc  LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  LanmanWorkstation ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  LanmanWorkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  lltdio ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  lltdio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  lltdsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  lltdsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  lmhosts ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  lmhosts ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  luafv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  luafv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  Mcx2Svc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  Mcx2Svc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  MMCSS ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  MMCSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  Modem ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  monitor ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  mpsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  mpsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  MpsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  MpsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  mrxsmb ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  mrxsmb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  mrxsmb10 ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  mrxsmb10 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  mrxsmb20 ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  mrxsmb20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0389 0x05dc  mshidkmdf ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0389 0x05dc  mshidkmdf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  MSiSCSI ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  MSiSCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  MTConfig ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  MTConfig ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  napagent ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  NativeWifiP ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  NativeWifiP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  NdisCap ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  NdisCap ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0405 0x05dc  Netman ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0405 0x05dc  Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  netprofm ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  netprofm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  NlaSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  NlaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  nsi ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  nsi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  nsiproxy ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  nsiproxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  Null ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  Null ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  p2pimsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  p2pimsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  p2psvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  p2psvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  Parport ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  PcaSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  PcaSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  PEAUTH ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  PEAUTH ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  PerfHost ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  PerfHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  pla ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  pla ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  PNRPAutoReg ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  PNRPAutoReg ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  PNRPsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  PNRPsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0421 0x05dc  Power ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0421 0x05dc  Power ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  Processor ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  Processor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  ProfSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  ProfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  Psched ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  Psched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  QWAVE ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  QWAVE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  QWAVEdrv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  QWAVEdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  RasAgileVpn ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  RasAgileVpn ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  RasSstp ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  RasSstp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  rdpbus ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  rdpbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  RDPENCDD ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  RDPENCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0436 0x05dc  RDPREFMP ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0436 0x05dc  RDPREFMP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  RpcEptMapper ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  RpcEptMapper ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  rspndr ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  scfilter ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  scfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  SCPolicySvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  SCPolicySvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  SDRSVC ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  SDRSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  SENS ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  SensrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  SensrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0452 0x05dc  Serenum ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0452 0x05dc  Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  Serial ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  sermouse ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  sermouse ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  SessionEnv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  SessionEnv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  sffdisk ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  sffdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  sffp_mmc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  sffp_mmc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  sffp_sd ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  sffp_sd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  Smb ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  Smb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  SNMPTRAP ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  SNMPTRAP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  sppsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  sppsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  sppuinotify ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  sppuinotify ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  srv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  srv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  srv2 ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  srv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  srvnet ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  srvnet ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0467 0x05dc  SstpSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0467 0x05dc  SstpSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  swprv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  swprv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  SysMain ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  SysMain ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  TabletInputService ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  TabletInputService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  TBS ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  TBS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  tcpipreg ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  tcpipreg ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  tdx ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  tdx ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  TermService ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  Themes ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  THREADORDER ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  THREADORDER ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  TrustedInstaller ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  TrustedInstaller ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  tssecsrv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  tssecsrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  TsUsbFlt ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  TsUsbFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  tunnel ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  tunnel ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  udfs ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0483 0x05dc  UI0Detect ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0483 0x05dc  UI0Detect ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  umbus ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  umbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  UmPass ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  UmPass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  usbaudio ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  usbaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  usbcir ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  usbcir ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  usbohci ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  usbohci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  usb_rndisx ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  usb_rndisx ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  UxSms ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  UxSms ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  VaultSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  VaultSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  vds ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  vds ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  vga ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  vga ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  VSS ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0499 0x05dc  vwifibus ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0499 0x05dc  vwifibus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WacomPen ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WacomPen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WANARP ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WANARP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  Wanarpv6 ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  Wanarpv6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  wbengine ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  wbengine ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WbioSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WbioSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  wcncsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  wcncsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WcsPlugInService ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WcsPlugInService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WdiServiceHost ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WdiServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WdiSystemHost ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WdiSystemHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  Wecsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  Wecsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  wercplsupport ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  wercplsupport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WfpLwf ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WfpLwf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  Winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  Winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0514 0x05dc  WinRM ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0514 0x05dc  WinRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  WinUsb ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  WinUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  Wlansvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  Wlansvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  wmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  wmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  WPCSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  WPCSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  WPDBusEnum ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  WPDBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  ws2ifsl ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  ws2ifsl ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  WUDFRd ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  WUDFRd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  wudfsvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  wudfsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  WwanSvc ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  WwanSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
06:58:08.0530 0x05dc  AVMWlanClient ( UnsignedFile.Multi.Generic ) - skipped by user
06:58:08.0530 0x05dc  AVMWlanClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
p.s. Soll ich die ComboFix auch nochmal im
abgesicherten Modus laufen lassen? Oder
kommt jetzt was komplett Neues?

Hab heute nochmals Windows-Updates ausprobiert...ohne Änderung...
lässt sich nicht updaten.

Wieder kleines Update:

Einige Programme haben in der Autostart-Phase wohl Probleme
("funktioniert nicht mehr"-Erneuter Start des Programmes)

Und ich werd noch ratloser...
Die Combofix bleibt wie im normalen Modus als auch
im Abgesicherten Modus bei der "Services"-File hängen
und macht nichts mehr...

Ich hoffe mal, dass du aus den obigen Logs schlau wirst, was da los ist.

Alt 29.04.2015, 07:43   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Ok, angeblich ist keine einzige Systemdatei korrekt....


  • Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
  • Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
  • Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
  • Starte das Programm und führe die Punkte 1-5 durch. (Siehe Bildanleitung)
  • Achte darauf, dass bei Dir die Häkchen so gesetzt sind wie unter Punkt 4.
  • Setze auch ein Häkchen bei "Restart/Shutdown System" und klicke "Restart System" an bevor Du Punkt 5 durchführst.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.04.2015, 09:04   #12
Oronwe
 
Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Hab die Repair wie oben angezeigt durchgeführt.
PC fuhr herunter, nun hab ich Ihn wieder angeschaltet.
Was nun?

Alt 30.04.2015, 06:57   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



Dann bitte nochmal TDSSKiller und Combofix.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.05.2015, 18:28   #14
Oronwe
 
Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



wird gemacht.

Der TDSSKiller hat das exakt selbe Log wie vorher (mit 280 gefundenen) files
und die COMBOFIX bleibt wieder bei dem Versuch, die "Services.exe" zu reparieren,
hängen....

Ergo alles wie vor dem Repair. Leider.

p.s. alles im abgesicherten Modus mit deaktiviertem Echtzeitschutz.

Geändert von Oronwe (02.05.2015 um 19:07 Uhr)

Alt 03.05.2015, 13:39   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Standard

Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.



FRST öffnen, Haken setzen bei Addition und scannen, poste bitte beide Logs.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.
adware, akamai, browser, computer, defender, desktop, error, festplatte, firefox, flash player, format, home, homepage, mozilla, newtab, prozess, realtek, refresh, registry, security, services.exe, software, stick, svchost.exe, system, teredo, updates, usb



Ähnliche Themen: Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a.


  1. Keine Updates bzw. neue Installation möglich
    Plagegeister aller Art und deren Bekämpfung - 06.10.2015 (41)
  2. Keine Updates bzw Neuinstallationen mehr möglich
    Alles rund um Windows - 23.07.2015 (1)
  3. Nach Adware Cleaner Meldung: "Keine Internetverbindung". Keine Updates, kein Skype u.ä. mehr möglich!
    Antiviren-, Firewall- und andere Schutzprogramme - 08.01.2015 (15)
  4. Keine Installationen und Updates mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 12.09.2014 (13)
  5. Keine Installationen/Updates möglich
    Alles rund um Windows - 30.06.2014 (5)
  6. Keine Installationen/Updates möglich
    Alles rund um Windows - 15.06.2014 (4)
  7. Keine Updates und Installationen mehr möglich (win 7)
    Plagegeister aller Art und deren Bekämpfung - 31.03.2014 (30)
  8. keine Online Updates aus Programmen möglich
    Log-Analyse und Auswertung - 24.05.2013 (3)
  9. Keine Updates mehr möglich
    Log-Analyse und Auswertung - 22.12.2010 (3)
  10. WinXP Update Seite blockiert - Keine Updates möglich
    Plagegeister aller Art und deren Bekämpfung - 10.10.2010 (6)
  11. Keine Windows Updates möglich: Fehler 0x80072EFD
    Plagegeister aller Art und deren Bekämpfung - 03.10.2010 (1)
  12. Keine Updates mehr möglich
    Log-Analyse und Auswertung - 18.06.2010 (3)
  13. keine Updates mehr möglich
    Log-Analyse und Auswertung - 20.07.2009 (7)
  14. Keine Updates mehr möglich! Trojanerverdacht!!
    Log-Analyse und Auswertung - 18.04.2009 (1)
  15. Keine Updates mehr möglich MS, Spybot u.a.
    Log-Analyse und Auswertung - 03.02.2009 (1)
  16. Internetverbindung extrem langsam / keine Updates möglich
    Log-Analyse und Auswertung - 03.01.2009 (1)
  17. keine updates mehr möglich
    Log-Analyse und Auswertung - 14.12.2008 (1)

Zum Thema Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. - Hallo, mein Rechner läuft seit einigen Tagen ziemlich unrund. Wie oben beschrieben sind alle Windows-Updates grundsätzlich "fehlgeschlagen", einige Programme haben seltsame Startmanieren (Adobe Illustrator, InDesign, etc.) und nicht nachvollziehbare Abstürze - Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a....
Archiv
Du betrachtest: Win 7 keine Updates möglich,Programmabstürze, Virenfund VMProtect.AAA u.a. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.