
    Malware nest on my PC!


    1. #11
      Gemsa_03 (Former contributor)
      Registered: Feb 2012
      Location: Málaga, Spain
      Posts: 6,615

      Re: Malware nest on my PC!

      Hi, sorry for the delay, I'm here now.

      Let's see:

      1.) Uninstall Chrome with this program: Revo Uninstaller | InfoSpyware, using its advanced method. Also uninstall SpyBot (if you bought it you will have a license number, so you can reinstall it later; if not, just uninstall it and that's it).

      2.) Download this tool, but do not run it yet: AT-Destroyer 1.7 (by InfoSpyware) | InfoSpyware. Move it, for example, from wherever you download it to the Desktop. Also download this other one: SpywareBlaster 4.6 | InfoSpyware.

      3.) Update your AntiSpy. And if you want to run a scan with the Panda online scanner in Mozilla, you need to have the IE Tab add-on installed (I should have told you); you can download this add-on from here: https://addons.mozilla.org/es/firefox/addon/ie-tab/.

      4.) Configure CCleaner as follows: go to Options/Settings/Secure Deletion, 1 pass. Run it as Administrator and clean with Cleaner/Registry.

      5.) Restart in Safe Mode. Run AT (as Administrator) and choose option 1. Let it work. When it finishes, run it again and choose option 3, save report. Run AntiSpy in full mode (do it as Administrator) and delete everything it finds (it will show 2 detections for AT; they are false positives, but delete them). If it asks you to restart, do so, but in Safe Mode. Save the report. Run CCleaner as Administrator, and repeat until it finds nothing.

      4.) Restart in Safe Mode WITH NETWORKING. Disable your antivirus protection: How to temporarily disable your antivirus. Run Panda Active Scan 2.0 in Safe Mode with Networking. Here is the manual: Panda ActiveScan 2.0 Manual. Save its report.

      5.) Restart in normal mode and run CCleaner ONCE. Here is the SpyBlaster manual so you can configure it: SpywareBlaster Manual in Spanish. I'll wait for the reports from AT, AntiSpy and Panda.
      Be patient with it.

      Regards.

    2. #12
      elisamuelps (User)
      Registered: Sep 2012
      Location: Venezuela
      Posts: 13

      Re: Malware nest on my PC!

      Hi, sorry for my delay, I have been super busy these days. I recently turned my PC on again and found a suspicious process on the system called mor.exe from wonder technologies. Since it was in my process list and I could not terminate it, I got worried, so I went at it with FileASSASSIN and deleted it. It had two instances: one was in my user folder and the second was in appdata/local/temp; I deleted them all anyway. After that some drivers got blocked again like last time, but I ran TDSSKiller again, which detected another piece of malware and more things, and then Malwarebytes just in case, which detected nothing. When I went to follow your steps and open AT-Destroyer, I found this: http://img515.imageshack.us/img515/9543/helpax.jpg
      So I cannot run AT-Destroyer :/ A new hard drive arrives tomorrow, and it has even crossed my mind to format my PC to wipe every trace of malware, because it is giving me a lot of problems.

    3. #13
      elisamuelps (User)
      Registered: Sep 2012
      Location: Venezuela
      Posts: 13

      Re: Malware nest on my PC!

      Here is the new TDSSKiller log from the scan I ran :/

      01:06:31.0039 3648 GEARAspiWDM - detected LockedFile.Multi.Generic (1)
      01:06:31.0210 3648 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
      01:06:31.0210 3648 gpsvc - ok
      01:06:31.0366 3648 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      01:06:31.0366 3648 gusvc - ok
      01:06:31.0554 3648 [ 7929A161F9951D173CA9900FE7067391 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
      01:06:31.0554 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hamachi.sys. md5: 7929A161F9951D173CA9900FE7067391
      01:06:31.0694 3648 hamachi ( LockedFile.Multi.Generic ) - warning
      01:06:31.0694 3648 hamachi - detected LockedFile.Multi.Generic (1)
      01:06:31.0912 3648 [ 2276377973CB774F05044B2E48E49087 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
      01:06:31.0944 3648 Hamachi2Svc - ok
      01:06:32.0115 3648 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
      01:06:32.0115 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\HdAudio.sys. md5: 3F90E001369A07243763BD5A523D8722
      01:06:32.0302 3648 HdAudAddService ( LockedFile.Multi.Generic ) - warning
      01:06:32.0302 3648 HdAudAddService - detected LockedFile.Multi.Generic (1)
      01:06:32.0474 3648 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
      01:06:32.0474 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HDAudBus.sys. md5: 062452B7FFD68C8C042A6261FE8DFF4A
      01:06:32.0614 3648 HDAudBus ( LockedFile.Multi.Generic ) - warning
      01:06:32.0614 3648 HDAudBus - detected LockedFile.Multi.Generic (1)
      01:06:32.0802 3648 [ 354F7AC7AE454A1DAF85BF7C0FFEFD07 ] HDDHealth C:\Program Files\HDD Health\HDDHealthService.exe
      01:06:32.0802 3648 HDDHealth - ok
      01:06:32.0958 3648 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
      01:06:32.0958 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\hidbth.sys. md5: 1338520E78D90154ED6BE8F84DE5FCEB
      01:06:33.0098 3648 HidBth ( LockedFile.Multi.Generic ) - warning
      01:06:33.0098 3648 HidBth - detected LockedFile.Multi.Generic (1)
      01:06:33.0254 3648 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
      01:06:33.0254 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\hidir.sys. md5: FF3160C3A2445128C5A6D9B076DA519E
      01:06:33.0410 3648 HidIr ( LockedFile.Multi.Generic ) - warning
      01:06:33.0410 3648 HidIr - detected LockedFile.Multi.Generic (1)
      01:06:33.0582 3648 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
      01:06:33.0582 3648 hidserv - ok
      01:06:33.0738 3648 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
      01:06:33.0738 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidusb.sys. md5: CCA4B519B17E23A00B826C55716809CC
      01:06:33.0878 3648 HidUsb ( LockedFile.Multi.Generic ) - warning
      01:06:33.0878 3648 HidUsb - detected LockedFile.Multi.Generic (1)
      01:06:34.0050 3648 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
      01:06:34.0050 3648 hkmsvc - ok
      01:06:34.0252 3648 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
      01:06:34.0252 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\hpcisss.sys. md5: DF353B401001246853763C4B7AAA6F50
      01:06:34.0408 3648 HpCISSs ( LockedFile.Multi.Generic ) - warning
      01:06:34.0408 3648 HpCISSs - detected LockedFile.Multi.Generic (1)
      01:06:34.0611 3648 [ ED377B3C83FDEA8D906109A085D219BA ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
      01:06:34.0611 3648 hpqcxs08 - ok
      01:06:34.0767 3648 [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
      01:06:34.0783 3648 hpqddsvc - ok
      01:06:34.0954 3648 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
      01:06:34.0954 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\HTTP.sys. md5: F870AA3E254628EBEAFE754108D664DE
      01:06:35.0110 3648 HTTP ( LockedFile.Multi.Generic ) - warning
      01:06:35.0110 3648 HTTP - detected LockedFile.Multi.Generic (1)
      01:06:35.0844 3648 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
      01:06:35.0844 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\i2omp.sys. md5: 324C2152FF2C61ABAE92D09F3CCA4D63
      01:06:36.0000 3648 i2omp ( LockedFile.Multi.Generic ) - warning
      01:06:36.0000 3648 i2omp - detected LockedFile.Multi.Generic (1)
      01:06:36.0156 3648 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
      01:06:36.0156 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\i8042prt.sys. md5: 22D56C8184586B7A1F6FA60BE5F5A2BD
      01:06:36.0327 3648 i8042prt ( LockedFile.Multi.Generic ) - warning
      01:06:36.0327 3648 i8042prt - detected LockedFile.Multi.Generic (1)
      01:06:36.0530 3648 [ E5490AEA3B791C454E9933BF749CA3D8 ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
      01:06:36.0530 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\igdkmd32.sys. md5: E5490AEA3B791C454E9933BF749CA3D8
      01:06:36.0686 3648 ialm ( LockedFile.Multi.Generic ) - warning
      01:06:36.0686 3648 ialm - detected LockedFile.Multi.Generic (1)
      01:06:36.0873 3648 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
      01:06:36.0873 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\iastorv.sys. md5: C957BF4B5D80B46C5017BF0101E6C906
      01:06:37.0029 3648 iaStorV ( LockedFile.Multi.Generic ) - warning
      01:06:37.0029 3648 iaStorV - detected LockedFile.Multi.Generic (1)
      01:06:37.0279 3648 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      01:06:37.0279 3648 IDriverT - ok
      01:06:37.0497 3648 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      01:06:37.0528 3648 idsvc - ok
      01:06:37.0731 3648 [ E5490AEA3B791C454E9933BF749CA3D8 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
      01:06:37.0731 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\igdkmd32.sys. md5: E5490AEA3B791C454E9933BF749CA3D8
      01:06:37.0903 3648 igfx ( LockedFile.Multi.Generic ) - warning
      01:06:37.0903 3648 igfx - detected LockedFile.Multi.Generic (1)
      01:06:38.0074 3648 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
      01:06:38.0074 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\iirsp.sys. md5: 2D077BF86E843F901D8DB709C95B49A5
      01:06:38.0230 3648 iirsp ( LockedFile.Multi.Generic ) - warning
      01:06:38.0230 3648 iirsp - detected LockedFile.Multi.Generic (1)
      01:06:38.0402 3648 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
      01:06:38.0418 3648 IKEEXT - ok
      01:06:38.0979 3648 [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
      01:06:39.0010 3648 IntcAzAudAddService - ok
      01:06:39.0166 3648 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
      01:06:39.0166 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\intelide.sys. md5: 83AA759F3189E6370C30DE5DC5590718
      01:06:39.0338 3648 intelide ( LockedFile.Multi.Generic ) - warning
      01:06:39.0338 3648 intelide - detected LockedFile.Multi.Generic (1)
      01:06:39.0525 3648 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
      01:06:39.0525 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\intelppm.sys. md5: 224191001E78C89DFA78924C3EA595FF
      01:06:39.0697 3648 intelppm ( LockedFile.Multi.Generic ) - warning
      01:06:39.0697 3648 intelppm - detected LockedFile.Multi.Generic (1)
      01:06:39.0853 3648 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
      01:06:39.0868 3648 IPBusEnum - ok
      01:06:40.0024 3648 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
      01:06:40.0024 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipfltdrv.sys. md5: 62C265C38769B864CB25B4BCF62DF6C3
      01:06:40.0180 3648 IpFilterDriver ( LockedFile.Multi.Generic ) - warning
      01:06:40.0180 3648 IpFilterDriver - detected LockedFile.Multi.Generic (1)
      01:06:40.0366 3648 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
      01:06:40.0366 3648 iphlpsvc - ok
      01:06:40.0536 3648 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
      01:06:40.0536 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\ipmidrv.sys. md5: 40F34F8ABA2A015D780E4B09138B6C17
      01:06:40.0696 3648 IPMIDRV ( LockedFile.Multi.Generic ) - warning
      01:06:40.0696 3648 IPMIDRV - detected LockedFile.Multi.Generic (1)
      01:06:40.0876 3648 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
      01:06:40.0876 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipnat.sys. md5: 8793643A67B42CEC66490B2A0CF92D68
      01:06:41.0036 3648 IPNAT ( LockedFile.Multi.Generic ) - warning
      01:06:41.0036 3648 IPNAT - detected LockedFile.Multi.Generic (1)
      01:06:41.0226 3648 [ CE004777B92DEA56FE14EC900D20BAA4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
      01:06:41.0236 3648 iPod Service - ok
      01:06:41.0406 3648 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
      01:06:41.0406 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\irda.sys. md5: E50A95179211B12946F7E035D60AF560
      01:06:41.0596 3648 irda ( LockedFile.Multi.Generic ) - warning
      01:06:41.0596 3648 irda - detected LockedFile.Multi.Generic (1)
      01:06:41.0756 3648 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
      01:06:41.0756 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\irenum.sys. md5: 109C0DFB82C3632FBD11949B73AEEAC9
      01:06:41.0916 3648 IRENUM ( LockedFile.Multi.Generic ) - warning
      01:06:41.0916 3648 IRENUM - detected LockedFile.Multi.Generic (1)
      01:06:42.0086 3648 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
      01:06:42.0086 3648 Irmon - ok
      01:06:42.0266 3648 [ 5896B5FF6332AB2BE1582523E9656A67 ] irsir C:\Windows\system32\DRIVERS\irsir.sys
      01:06:42.0266 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\irsir.sys. md5: 5896B5FF6332AB2BE1582523E9656A67
      01:06:42.0433 3648 irsir ( LockedFile.Multi.Generic ) - warning
      01:06:42.0433 3648 irsir - detected LockedFile.Multi.Generic (1)
      01:06:42.0605 3648 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
      01:06:42.0605 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\isapnp.sys. md5: 350FCA7E73CF65BCEF43FAE1E4E91293
      01:06:42.0761 3648 isapnp ( LockedFile.Multi.Generic ) - warning
      01:06:42.0761 3648 isapnp - detected LockedFile.Multi.Generic (1)
      01:06:42.0932 3648 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
      01:06:42.0932 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\msiscsi.sys. md5: 232FA340531D940AAC623B121A595034
      01:06:43.0073 3648 iScsiPrt ( LockedFile.Multi.Generic ) - warning
      01:06:43.0073 3648 iScsiPrt - detected LockedFile.Multi.Generic (1)
      01:06:43.0244 3648 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
      01:06:43.0244 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\iteatapi.sys. md5: BCED60D16156E428F8DF8CF27B0DF150
      01:06:43.0416 3648 iteatapi ( LockedFile.Multi.Generic ) - warning
      01:06:43.0416 3648 iteatapi - detected LockedFile.Multi.Generic (1)
      01:06:43.0572 3648 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
      01:06:43.0572 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\iteraid.sys. md5: 06FA654504A498C30ADCA8BEC4E87E7E
      01:06:43.0728 3648 iteraid ( LockedFile.Multi.Generic ) - warning
      01:06:43.0728 3648 iteraid - detected LockedFile.Multi.Generic (1)
      01:06:43.0900 3648 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
      01:06:43.0900 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdclass.sys. md5: 37605E0A8CF00CBBA538E753E4344C6E
      01:06:44.0087 3648 kbdclass ( LockedFile.Multi.Generic ) - warning
      01:06:44.0087 3648 kbdclass - detected LockedFile.Multi.Generic (1)
      01:06:44.0258 3648 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
      01:06:44.0258 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdhid.sys. md5: EDE59EC70E25C24581ADD1FBEC7325F7
      01:06:44.0430 3648 kbdhid ( LockedFile.Multi.Generic ) - warning
      01:06:44.0430 3648 kbdhid - detected LockedFile.Multi.Generic (1)
      01:06:44.0633 3648 [ 3978F3540329E16C0AC3BCF677E5669F ] KeyIso C:\Windows\system32\lsass.exe
      01:06:44.0633 3648 KeyIso - ok
      01:06:44.0804 3648 [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys
      01:06:44.0804 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\KMWDFILTER.sys. md5: 566C5FD480FDBCE3BA5CF9FBCFFAEA9A
      01:06:44.0960 3648 KMWDFILTER ( LockedFile.Multi.Generic ) - warning
      01:06:44.0960 3648 KMWDFILTER - detected LockedFile.Multi.Generic (1)
      01:06:45.0132 3648 [ 86165728AF9BF72D6442A894FDFB4F8B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      01:06:45.0132 3648 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecdd.sys. md5: 86165728AF9BF72D6442A894FDFB4F8B
      01:06:45.0304 3648 KSecDD ( LockedFile.Multi.Generic ) - warning
      01:06:45.0304 3648 KSecDD - detected LockedFile.Multi.Generic (1)
      01:06:45.0506 3648 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
      01:06:45.0506 3648 KtmRm - ok
      01:06:45.0709 3648 [ 0F5AE6805EF05DBBE205E5B196CADF31 ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys
      01:06:45.0709 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\L8042Kbd.sys. md5: 0F5AE6805EF05DBBE205E5B196CADF31
      01:06:45.0881 3648 L8042Kbd ( LockedFile.Multi.Generic ) - warning
      01:06:45.0881 3648 L8042Kbd - detected LockedFile.Multi.Generic (1)
      01:06:46.0037 3648 [ EE1C6C057A83F93AD9AE7CDF12F0BAA0 ] L8042mou C:\Windows\system32\DRIVERS\L8042mou.Sys
      01:06:46.0052 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\L8042mou.Sys. md5: EE1C6C057A83F93AD9AE7CDF12F0BAA0
      01:06:46.0224 3648 L8042mou ( LockedFile.Multi.Generic ) - warning
      01:06:46.0224 3648 L8042mou - detected LockedFile.Multi.Generic (1)
      01:06:46.0411 3648 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
      01:06:46.0411 3648 LanmanServer - ok
      01:06:46.0645 3648 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      01:06:46.0661 3648 LanmanWorkstation - ok
      01:06:47.0020 3648 [ 4DD47B5AF0B24871EBB9EFC012A7474E ] LgBttPort C:\Windows\system32\DRIVERS\lgbtport.sys
      01:06:47.0020 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lgbtport.sys. md5: 4DD47B5AF0B24871EBB9EFC012A7474E
      01:06:47.0222 3648 LgBttPort ( LockedFile.Multi.Generic ) - warning
      01:06:47.0222 3648 LgBttPort - detected LockedFile.Multi.Generic (1)
      01:06:47.0410 3648 [ 1D038CA6C529203087A990E5E97887B4 ] lgbusenum C:\Windows\system32\DRIVERS\lgbtbus.sys
      01:06:47.0410 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lgbtbus.sys. md5: 1D038CA6C529203087A990E5E97887B4
      01:06:47.0581 3648 lgbusenum ( LockedFile.Multi.Generic ) - warning
      01:06:47.0581 3648 lgbusenum - detected LockedFile.Multi.Generic (1)
      01:06:47.0784 3648 [ 26F1976A330195D62A6224C76968CF0D ] LGVMODEM C:\Windows\system32\DRIVERS\lgvmodem.sys
      01:06:47.0784 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lgvmodem.sys. md5: 26F1976A330195D62A6224C76968CF0D
      01:06:47.0940 3648 LGVMODEM ( LockedFile.Multi.Generic ) - warning
      01:06:47.0940 3648 LGVMODEM - detected LockedFile.Multi.Generic (1)
      01:06:48.0268 3648 [ E2F1DCF4A68CC6CF694FBFBA1842F4CD ] libusb0 C:\Windows\system32\drivers\libusb0.sys
      01:06:48.0268 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\libusb0.sys. md5: E2F1DCF4A68CC6CF694FBFBA1842F4CD
      01:06:48.0439 3648 libusb0 ( LockedFile.Multi.Generic ) - warning
      01:06:48.0439 3648 libusb0 - detected LockedFile.Multi.Generic (1)
      01:06:48.0798 3648 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      01:06:48.0798 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lltdio.sys. md5: D1C5883087A0C3F1344D9D55A44901F6
      01:06:49.0001 3648 lltdio ( LockedFile.Multi.Generic ) - warning
      01:06:49.0001 3648 lltdio - detected LockedFile.Multi.Generic (1)
      01:06:49.0188 3648 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
      01:06:49.0188 3648 lltdsvc - ok
      01:06:49.0375 3648 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
      01:06:49.0375 3648 lmhosts - ok
      01:06:49.0584 3648 [ D1FD76EA56CD653D7B55A0FAC96EE416 ] LMouKE C:\Windows\system32\DRIVERS\LMouKE.Sys
      01:06:49.0584 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\LMouKE.Sys. md5: D1FD76EA56CD653D7B55A0FAC96EE416
      01:06:49.0774 3648 LMouKE ( LockedFile.Multi.Generic ) - warning
      01:06:49.0774 3648 LMouKE - detected LockedFile.Multi.Generic (1)
      01:06:50.0134 3648 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
      01:06:50.0134 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_fc.sys. md5: A2262FB9F28935E862B4DB46438C80D2
      01:06:50.0314 3648 LSI_FC ( LockedFile.Multi.Generic ) - warning
      01:06:50.0314 3648 LSI_FC - detected LockedFile.Multi.Generic (1)
      01:06:50.0504 3648 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
      01:06:50.0504 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_sas.sys. md5: 30D73327D390F72A62F32C103DAF1D6D
      01:06:50.0694 3648 LSI_SAS ( LockedFile.Multi.Generic ) - warning
      01:06:50.0694 3648 LSI_SAS - detected LockedFile.Multi.Generic (1)
      01:06:50.0904 3648 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
      01:06:50.0904 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_scsi.sys. md5: E1E36FEFD45849A95F1AB81DE0159FE3
      01:06:51.0094 3648 LSI_SCSI ( LockedFile.Multi.Generic ) - warning
      01:06:51.0094 3648 LSI_SCSI - detected LockedFile.Multi.Generic (1)
      01:06:51.0274 3648 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
      01:06:51.0274 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\luafv.sys. md5: 8F5C7426567798E62A3B3614965D62CC
      01:06:51.0504 3648 luafv ( LockedFile.Multi.Generic ) - warning
      01:06:51.0504 3648 luafv - detected LockedFile.Multi.Generic (1)
      01:06:51.0706 3648 [ F96CFB47903854F228BAAF3E2D41A0A3 ] LVPr2Mon C:\Windows\system32\Drivers\LVPr2Mon.sys
      01:06:51.0706 3648 Suspicious file (NoAccess): C:\Windows\system32\Drivers\LVPr2Mon.sys. md5: F96CFB47903854F228BAAF3E2D41A0A3
      01:06:51.0956 3648 LVPr2Mon ( LockedFile.Multi.Generic ) - warning
      01:06:51.0956 3648 LVPr2Mon - detected LockedFile.Multi.Generic (1)
      01:06:52.0214 3648 [ FF23862146A682FCC3DBAA002E22F958 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
      01:06:52.0224 3648 LVPrcSrv - ok
      01:06:52.0524 3648 [ E22FD7852E74F04CCEB6B8A684A51F3E ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
      01:06:52.0524 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lvrs.sys. md5: E22FD7852E74F04CCEB6B8A684A51F3E
      01:06:52.0794 3648 LVRS ( LockedFile.Multi.Generic ) - warning
      01:06:52.0794 3648 LVRS - detected LockedFile.Multi.Generic (1)
      01:06:53.0064 3648 [ 5F987FC1AAD215EC2C60CF07719B1CCE ] LVUSBSta C:\Windows\system32\drivers\LVUSBSta.sys
      01:06:53.0064 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\LVUSBSta.sys. md5: 5F987FC1AAD215EC2C60CF07719B1CCE
      01:06:53.0314 3648 LVUSBSta ( LockedFile.Multi.Generic ) - warning
      01:06:53.0314 3648 LVUSBSta - detected LockedFile.Multi.Generic (1)
      01:06:53.0574 3648 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
      01:06:53.0574 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mcdbus.sys. md5: 8FD868E32459ECE2A1BB0169F513D31E
      01:06:53.0804 3648 mcdbus ( LockedFile.Multi.Generic ) - warning
      01:06:53.0804 3648 mcdbus - detected LockedFile.Multi.Generic (1)
      01:06:54.0024 3648 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      01:06:54.0024 3648 Mcx2Svc - ok
      01:06:54.0304 3648 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
      01:06:54.0304 3648 MDM - ok
      01:06:54.0534 3648 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
      01:06:54.0534 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\megasas.sys. md5: D153B14FC6598EAE8422A2037553ADCE
      01:06:54.0764 3648 megasas ( LockedFile.Multi.Generic ) - warning
      01:06:54.0764 3648 megasas - detected LockedFile.Multi.Generic (1)
      01:06:55.0214 3648 [ 45943698D279E77CB24DD775204AF59E ] MIPDISKPNPv5 C:\Windows\system32\DRIVERS\MIPDISKPNPv5.sys
      01:06:55.0214 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MIPDISKPNPv5.sys. md5: 45943698D279E77CB24DD775204AF59E
      01:06:55.0484 3648 MIPDISKPNPv5 ( LockedFile.Multi.Generic ) - warning
      01:06:55.0484 3648 MIPDISKPNPv5 - detected LockedFile.Multi.Generic (1)
      01:06:55.0714 3648 [ 0CD158653E5A4A153C5F702AB6ADE537 ] MIPDISKv532 C:\Windows\system32\drivers\MIPDISKv532.sys
      01:06:55.0714 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\MIPDISKv532.sys. md5: 0CD158653E5A4A153C5F702AB6ADE537
      01:06:55.0914 3648 MIPDISKv532 ( LockedFile.Multi.Generic ) - warning
      01:06:55.0914 3648 MIPDISKv532 - detected LockedFile.Multi.Generic (1)
      01:06:56.0144 3648 [ FCB429829F2A59A5499175FE1E2721F3 ] MIPFSv5 C:\Windows\system32\DRIVERS\MIPFSv5.sys
      01:06:56.0144 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MIPFSv5.sys. md5: FCB429829F2A59A5499175FE1E2721F3
      01:06:56.0784 3648 MIPFSv5 ( LockedFile.Multi.Generic ) - warning
      01:06:56.0784 3648 MIPFSv5 - detected LockedFile.Multi.Generic (1)
      01:06:57.0005 3648 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
      01:06:57.0021 3648 MMCSS - ok
      01:06:57.0536 3648 [ 62DAFA4351872DB7E2B74801BB9F9EBD ] MobileAdapter C:\Windows\system32\DRIVERS\qscnusb.sys
      01:06:57.0536 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\qscnusb.sys. md5: 62DAFA4351872DB7E2B74801BB9F9EBD
      01:06:57.0770 3648 MobileAdapter ( LockedFile.Multi.Generic ) - warning
      01:06:57.0770 3648 MobileAdapter - detected LockedFile.Multi.Generic (1)
      01:06:58.0066 3648 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
      01:06:58.0066 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\modem.sys. md5: E13B5EA0F51BA5B1512EC671393D09BA
      01:06:58.0284 3648 Modem ( LockedFile.Multi.Generic ) - warning
      01:06:58.0284 3648 Modem - detected LockedFile.Multi.Generic (1)
      01:06:58.0940 3648 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      01:06:58.0940 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: 0A9BB33B56E294F686ABB7C1E4E2D8A8
      01:06:59.0220 3648 monitor ( LockedFile.Multi.Generic ) - warning
      01:06:59.0220 3648 monitor - detected LockedFile.Multi.Generic (1)
      01:06:59.0470 3648 [ 9960B18D55E7BD0F265C3C1953D19592 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
      01:06:59.0470 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MijXfilt.sys. md5: 9960B18D55E7BD0F265C3C1953D19592
      01:06:59.0688 3648 MotioninJoyXFilter ( LockedFile.Multi.Generic ) - warning
      01:06:59.0688 3648 MotioninJoyXFilter - detected LockedFile.Multi.Generic (1)
      01:06:59.0891 3648 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
      01:06:59.0891 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouclass.sys. md5: 5BF6A1326A335C5298477754A506D263
      01:07:00.0094 3648 mouclass ( LockedFile.Multi.Generic ) - warning
      01:07:00.0094 3648 mouclass - detected LockedFile.Multi.Generic (1)
      01:07:00.0328 3648 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      01:07:00.0328 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouhid.sys. md5: 93B8D4869E12CFBE663915502900876F
      01:07:00.0546 3648 mouhid ( LockedFile.Multi.Generic ) - warning
      01:07:00.0546 3648 mouhid - detected LockedFile.Multi.Generic (1)
      01:07:00.0749 3648 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
      01:07:00.0749 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\mountmgr.sys. md5: BDAFC88AA6B92F7842416EA6A48E1600
      01:07:00.0952 3648 MountMgr ( LockedFile.Multi.Generic ) - warning
      01:07:00.0952 3648 MountMgr - detected LockedFile.Multi.Generic (1)
      01:07:01.0264 3648 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
      01:07:01.0264 3648 MozillaMaintenance - ok
      01:07:01.0514 3648 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
      01:07:01.0514 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\mpio.sys. md5: 583A41F26278D9E0EA548163D6139397
      01:07:01.0997 3648 mpio ( LockedFile.Multi.Generic ) - warning
      01:07:01.0997 3648 mpio - detected LockedFile.Multi.Generic (1)
      01:07:02.0200 3648 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      01:07:02.0200 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\mpsdrv.sys. md5: 22241FEBA9B2DEFA669C8CB0A8DD7D2E
      01:07:02.0465 3648 mpsdrv ( LockedFile.Multi.Generic ) - warning
      01:07:02.0465 3648 mpsdrv - detected LockedFile.Multi.Generic (1)
      01:07:02.0808 3648 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
      01:07:02.0824 3648 MpsSvc - ok
      01:07:03.0074 3648 [ 4116CDE6C8C97E2F4492F2755810019F ] MQAC C:\Windows\system32\drivers\mqac.sys
      01:07:03.0074 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\mqac.sys. md5: 4116CDE6C8C97E2F4492F2755810019F
      01:07:03.0339 3648 MQAC ( LockedFile.Multi.Generic ) - warning
      01:07:03.0339 3648 MQAC - detected LockedFile.Multi.Generic (1)
      01:07:03.0682 3648 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
      01:07:03.0682 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\mraid35x.sys. md5: 4FBBB70D30FD20EC51F80061703B001E
      01:07:03.0900 3648 Mraid35x ( LockedFile.Multi.Generic ) - warning
      01:07:03.0900 3648 Mraid35x - detected LockedFile.Multi.Generic (1)

    4. #14
      User Avatar of elisamuelps
      Registered
      Sep 2012
      Location
      Venezuela
      Posts
      13

      Re: Nest of Malware on my PC!

      And the second part O.o
      01:08:00.0856 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\serial.sys. md5: 6D663022DB3E7058907784AE14B69898
      01:08:01.0168 3648 Serial ( LockedFile.Multi.Generic ) - warning
      01:08:01.0168 3648 Serial - detected LockedFile.Multi.Generic (1)
      01:08:01.0480 3648 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
      01:08:01.0480 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sermouse.sys. md5: 8AF3D28A879BF75DB53A0EE7A4289624
      01:08:01.0761 3648 sermouse ( LockedFile.Multi.Generic ) - warning
      01:08:01.0761 3648 sermouse - detected LockedFile.Multi.Generic (1)
      01:08:03.0009 3648 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
      01:08:03.0024 3648 SessionEnv - ok
      01:08:03.0305 3648 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
      01:08:03.0305 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffdisk.sys. md5: 103B79418DA647736EE95645F305F68A
      01:08:03.0664 3648 sffdisk ( LockedFile.Multi.Generic ) - warning
      01:08:03.0664 3648 sffdisk - detected LockedFile.Multi.Generic (1)
      01:08:03.0945 3648 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
      01:08:03.0945 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffp_mmc.sys. md5: 8FD08A310645FE872EEEC6E08C6BF3EE
      01:08:04.0241 3648 sffp_mmc ( LockedFile.Multi.Generic ) - warning
      01:08:04.0241 3648 sffp_mmc - detected LockedFile.Multi.Generic (1)
      01:08:04.0553 3648 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
      01:08:04.0553 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffp_sd.sys. md5: 9CFA05FCFCB7124E69CFC812B72F9614
      01:08:04.0850 3648 sffp_sd ( LockedFile.Multi.Generic ) - warning
      01:08:04.0850 3648 sffp_sd - detected LockedFile.Multi.Generic (1)
      01:08:05.0146 3648 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
      01:08:05.0146 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sfloppy.sys. md5: 46ED8E91793B2E6F848015445A0AC188
      01:08:05.0411 3648 sfloppy ( LockedFile.Multi.Generic ) - warning
      01:08:05.0411 3648 sfloppy - detected LockedFile.Multi.Generic (1)
      01:08:05.0770 3648 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
      01:08:05.0770 3648 SharedAccess - ok
      01:08:06.0082 3648 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      01:08:06.0082 3648 ShellHWDetection - ok
      01:08:06.0363 3648 [ A275FBB7C99458C12E088DFF3E58EB4D ] simptcp C:\Windows\System32\tcpsvcs.exe
      01:08:06.0363 3648 simptcp - ok
      01:08:06.0690 3648 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
      01:08:06.0690 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisagp.sys. md5: D2A595D6EEBEEAF4334F8E50EFBC9931
      01:08:06.0956 3648 sisagp ( LockedFile.Multi.Generic ) - warning
      01:08:06.0956 3648 sisagp - detected LockedFile.Multi.Generic (1)
      01:08:07.0236 3648 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
      01:08:07.0236 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisraid2.sys. md5: CEDD6F4E7D84E9F98B34B3FE988373AA
      01:08:07.0606 3648 SiSRaid2 ( LockedFile.Multi.Generic ) - warning
      01:08:07.0607 3648 SiSRaid2 - detected LockedFile.Multi.Generic (1)
      01:08:07.0879 3648 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
      01:08:07.0880 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisraid4.sys. md5: DF843C528C4F69D12CE41CE462E973A7
      01:08:08.0148 3648 SiSRaid4 ( LockedFile.Multi.Generic ) - warning
      01:08:08.0148 3648 SiSRaid4 - detected LockedFile.Multi.Generic (1)
      01:08:08.0483 3648 [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
      01:08:08.0486 3648 SkypeUpdate - ok
      01:08:08.0946 3648 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
      01:08:08.0970 3648 slsvc - ok
      01:08:09.0433 3648 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
      01:08:09.0437 3648 SLUINotify - ok
      01:08:09.0824 3648 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
      01:08:09.0824 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\smb.sys. md5: 7B75299A4D201D6A6533603D6914AB04
      01:08:10.0111 3648 Smb ( LockedFile.Multi.Generic ) - warning
      01:08:10.0111 3648 Smb - detected LockedFile.Multi.Generic (1)
      01:08:10.0981 3648 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      01:08:10.0986 3648 SNMPTRAP - ok
      01:08:11.0984 3648 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
      01:08:11.0984 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\spldr.sys. md5: 7AEBDEEF071FE28B0EEF2CDD69102BFF
      01:08:13.0575 3648 spldr ( LockedFile.Multi.Generic ) - warning
      01:08:13.0575 3648 spldr - detected LockedFile.Multi.Generic (1)
      01:08:16.0633 3648 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
      01:08:16.0633 3648 Spooler - ok
      01:08:17.0304 3648 [ C4BB8A12843D9CBB65F5FF617F389BBD ] sptd C:\Windows\system32\Drivers\sptd.sys
      01:08:17.0304 3648 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: C4BB8A12843D9CBB65F5FF617F389BBD
      01:08:18.0318 3648 sptd ( LockedFile.Multi.Generic ) - warning
      01:08:18.0318 3648 sptd - detected LockedFile.Multi.Generic (1)
      01:08:18.0598 3648 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
      01:08:18.0598 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv.sys. md5: 41987F9FC0E61ADF54F581E15029AD91
      01:08:19.0238 3648 srv ( LockedFile.Multi.Generic ) - warning
      01:08:19.0238 3648 srv - detected LockedFile.Multi.Generic (1)
      01:08:21.0110 3648 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
      01:08:21.0110 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv2.sys. md5: FF33AFF99564B1AA534F58868CBE41EF
      01:08:22.0951 3648 srv2 ( LockedFile.Multi.Generic ) - warning
      01:08:22.0951 3648 srv2 - detected LockedFile.Multi.Generic (1)
      01:08:23.0372 3648 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
      01:08:23.0372 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srvnet.sys. md5: 7605C0E1D01A08F3ECD743F38B834A44
      01:08:23.0684 3648 srvnet ( LockedFile.Multi.Generic ) - warning
      01:08:23.0684 3648 srvnet - detected LockedFile.Multi.Generic (1)
      01:08:24.0152 3648 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
      01:08:24.0152 3648 SSDPSRV - ok
      01:08:24.0698 3648 [ DF5C19F053EFF7F8BA25D73AEA899656 ] ssm_bus C:\Windows\system32\DRIVERS\ssm_bus.sys
      01:08:24.0698 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ssm_bus.sys. md5: DF5C19F053EFF7F8BA25D73AEA899656
      01:08:25.0369 3648 ssm_bus ( LockedFile.Multi.Generic ) - warning
      01:08:25.0369 3648 ssm_bus - detected LockedFile.Multi.Generic (1)
      01:08:25.0634 3648 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
      01:08:25.0634 3648 SstpSvc - ok
      01:08:26.0570 3648 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
      01:08:26.0570 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ss_bbus.sys. md5: EAA66218CD39F5BB1B4853A78C67C787
      01:08:26.0976 3648 ss_bbus ( LockedFile.Multi.Generic ) - warning
      01:08:26.0976 3648 ss_bbus - detected LockedFile.Multi.Generic (1)
      01:08:27.0381 3648 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
      01:08:27.0381 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\StarOpen.sys. md5: 306521935042FC0A6988D528643619B3
      01:08:27.0709 3648 StarOpen ( LockedFile.Multi.Generic ) - warning
      01:08:27.0709 3648 StarOpen - detected LockedFile.Multi.Generic (1)
      01:08:28.0208 3648 [ B1691AF4A072CB674D600DB16DD7308E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
      01:08:28.0224 3648 StarWindServiceAE - ok
      01:08:28.0520 3648 Steam Client Service - ok
      01:08:28.0801 3648 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
      01:08:28.0816 3648 stisvc - ok
      01:08:29.0253 3648 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
      01:08:29.0253 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\swenum.sys. md5: 7BA58ECF0C0A9A69D44B3DCA62BECF56
      01:08:29.0862 3648 swenum ( LockedFile.Multi.Generic ) - warning
      01:08:29.0862 3648 swenum - detected LockedFile.Multi.Generic (1)
      01:08:30.0517 3648 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      01:08:30.0548 3648 SwitchBoard - ok
      01:08:30.0876 3648 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
      01:08:30.0891 3648 swprv - ok
      01:08:31.0312 3648 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
      01:08:31.0312 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\symc8xx.sys. md5: 192AA3AC01DF071B541094F251DEED10
      01:08:31.0749 3648 Symc8xx ( LockedFile.Multi.Generic ) - warning
      01:08:31.0749 3648 Symc8xx - detected LockedFile.Multi.Generic (1)
      01:08:32.0170 3648 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
      01:08:32.0170 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sym_hi.sys. md5: 8C8EB8C76736EBAF3B13B633B2E64125
      01:08:32.0467 3648 Sym_hi ( LockedFile.Multi.Generic ) - warning
      01:08:32.0467 3648 Sym_hi - detected LockedFile.Multi.Generic (1)
      01:08:32.0763 3648 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
      01:08:32.0763 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\sym_u3.sys. md5: 8072AF52B5FD103BBBA387A1E49F62CB
      01:08:33.0075 3648 Sym_u3 ( LockedFile.Multi.Generic ) - warning
      01:08:33.0075 3648 Sym_u3 - detected LockedFile.Multi.Generic (1)
      01:08:33.0496 3648 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
      01:08:33.0496 3648 SysMain - ok
      01:08:33.0793 3648 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
      01:08:33.0808 3648 TabletInputService - ok
      01:08:34.0245 3648 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
      01:08:34.0245 3648 TapiSrv - ok
      01:08:34.0526 3648 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
      01:08:34.0542 3648 TBS - ok
      01:08:35.0041 3648 [ A474879AFA4A596B3A531F3E69730DBF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
      01:08:35.0041 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpip.sys. md5: A474879AFA4A596B3A531F3E69730DBF
      01:08:35.0540 3648 Tcpip ( LockedFile.Multi.Generic ) - warning
      01:08:35.0540 3648 Tcpip - detected LockedFile.Multi.Generic (1)
      01:08:35.0821 3648 [ A474879AFA4A596B3A531F3E69730DBF ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
      01:08:35.0821 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tcpip.sys. md5: A474879AFA4A596B3A531F3E69730DBF
      01:08:36.0258 3648 Tcpip6 ( LockedFile.Multi.Generic ) - warning
      01:08:36.0258 3648 Tcpip6 - detected LockedFile.Multi.Generic (1)
      01:08:36.0819 3648 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
      01:08:36.0819 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpipreg.sys. md5: 608C345A255D82A6289C2D468EB41FD7
      01:08:37.0365 3648 tcpipreg ( LockedFile.Multi.Generic ) - warning
      01:08:37.0365 3648 tcpipreg - detected LockedFile.Multi.Generic (1)
      01:08:37.0818 3648 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
      01:08:37.0818 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdpipe.sys. md5: 5DCF5E267BE67A1AE926F2DF77FBCC56
      01:08:38.0286 3648 TDPIPE ( LockedFile.Multi.Generic ) - warning
      01:08:38.0286 3648 TDPIPE - detected LockedFile.Multi.Generic (1)
      01:08:38.0582 3648 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
      01:08:38.0582 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdtcp.sys. md5: 389C63E32B3CEFED425B61ED92D3F021
      01:08:38.0863 3648 TDTCP ( LockedFile.Multi.Generic ) - warning
      01:08:38.0863 3648 TDTCP - detected LockedFile.Multi.Generic (1)
      01:08:39.0409 3648 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
      01:08:39.0409 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tdx.sys. md5: 76B06EB8A01FC8624D699E7045303E54
      01:08:39.0705 3648 tdx ( LockedFile.Multi.Generic ) - warning
      01:08:39.0705 3648 tdx - detected LockedFile.Multi.Generic (1)
      01:08:39.0986 3648 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\Windows\system32\DRIVERS\teamviewervpn.sys
      01:08:39.0986 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\teamviewervpn.sys. md5: 9101FFFCFCCD1A30E870A5B8A9091B10
      01:08:40.0407 3648 teamviewervpn ( LockedFile.Multi.Generic ) - warning
      01:08:40.0407 3648 teamviewervpn - detected LockedFile.Multi.Generic (1)
      01:08:40.0750 3648 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
      01:08:40.0750 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\termdd.sys. md5: 3CAD38910468EAB9A6479E2F01DB43C7
      01:08:41.0484 3648 TermDD ( LockedFile.Multi.Generic ) - warning
      01:08:41.0484 3648 TermDD - detected LockedFile.Multi.Generic (1)
      01:08:41.0983 3648 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
      01:08:41.0998 3648 TermService - ok
      01:08:42.0498 3648 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
      01:08:42.0498 3648 Themes - ok
      01:08:42.0856 3648 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
      01:08:42.0856 3648 THREADORDER - ok
      01:08:43.0309 3648 [ 5F226C681049FB1DF1578AF32BB641F1 ] TPkd C:\Windows\system32\drivers\TPkd.sys
      01:08:43.0309 3648 TPkd - ok
      01:08:43.0652 3648 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
      01:08:43.0652 3648 TrkWks - ok
      01:08:43.0964 3648 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
      01:08:43.0964 3648 TrustedInstaller - ok
      01:08:44.0775 3648 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
      01:08:44.0775 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tssecsrv.sys. md5: DCF0F056A2E4F52287264F5AB29CF206
      01:08:45.0118 3648 tssecsrv ( LockedFile.Multi.Generic ) - warning
      01:08:45.0118 3648 tssecsrv - detected LockedFile.Multi.Generic (1)
      01:08:45.0540 3648 [ A2F2EA1290E23763837B0C6952F7BD2F ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
      01:08:45.0540 3648 TuneUp.UtilitiesSvc - ok
      01:08:45.0836 3648 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
      01:08:45.0836 3648 Suspicious file (NoAccess): C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys. md5: F2107C9D85EC0DF116939CCCE06AE697
      01:08:46.0226 3648 TuneUpUtilitiesDrv ( LockedFile.Multi.Generic ) - warning
      01:08:46.0226 3648 TuneUpUtilitiesDrv - detected LockedFile.Multi.Generic (1)
      01:08:46.0538 3648 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
      01:08:46.0538 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tunmp.sys. md5: CAECC0120AC49E3D2F758B9169872D38
      01:08:46.0850 3648 tunmp ( LockedFile.Multi.Generic ) - warning
      01:08:46.0850 3648 tunmp - detected LockedFile.Multi.Generic (1)
      01:08:47.0334 3648 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
      01:08:47.0334 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tunnel.sys. md5: 300DB877AC094FEAB0BE7688C3454A9C
      01:08:47.0708 3648 tunnel ( LockedFile.Multi.Generic ) - warning
      01:08:47.0708 3648 tunnel - detected LockedFile.Multi.Generic (1)
      01:08:48.0004 3648 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
      01:08:48.0004 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\uagp35.sys. md5: C3ADE15414120033A36C0F293D4A4121
      01:08:48.0426 3648 uagp35 ( LockedFile.Multi.Generic ) - warning
      01:08:48.0426 3648 uagp35 - detected LockedFile.Multi.Generic (1)
      01:08:48.0706 3648 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
      01:08:48.0706 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\udfs.sys. md5: D9728AF68C4C7693CB100B8441CBDEC6
      01:08:49.0050 3648 udfs ( LockedFile.Multi.Generic ) - warning
      01:08:49.0050 3648 udfs - detected LockedFile.Multi.Generic (1)
      01:08:49.0970 3648 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
      01:08:49.0970 3648 UI0Detect - ok
      01:08:50.0376 3648 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
      01:08:50.0376 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\uliagpkx.sys. md5: 75E6890EBFCE0841D3291B02E7A8BDB0
      01:08:50.0688 3648 uliagpkx ( LockedFile.Multi.Generic ) - warning
      01:08:50.0688 3648 uliagpkx - detected LockedFile.Multi.Generic (1)
      01:08:50.0984 3648 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
      01:08:50.0984 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\uliahci.sys. md5: 3CD4EA35A6221B85DCC25DAA46313F8D
      01:08:51.0374 3648 uliahci ( LockedFile.Multi.Generic ) - warning
      01:08:51.0374 3648 uliahci - detected LockedFile.Multi.Generic (1)
      01:08:51.0670 3648 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
      01:08:51.0670 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\ulsata.sys. md5: 8514D0E5CD0534467C5FC61BE94A569F
      01:08:51.0967 3648 UlSata ( LockedFile.Multi.Generic ) - warning
      01:08:51.0967 3648 UlSata - detected LockedFile.Multi.Generic (1)
      01:08:52.0341 3648 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
      01:08:52.0341 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\ulsata2.sys. md5: 38C3C6E62B157A6BC46594FADA45C62B
      01:08:52.0684 3648 ulsata2 ( LockedFile.Multi.Generic ) - warning
      01:08:52.0684 3648 ulsata2 - detected LockedFile.Multi.Generic (1)
      01:08:53.0121 3648 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
      01:08:53.0121 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\umbus.sys. md5: 32CFF9F809AE9AED85464492BF3E32D2
      01:08:53.0464 3648 umbus ( LockedFile.Multi.Generic ) - warning
      01:08:53.0464 3648 umbus - detected LockedFile.Multi.Generic (1)
      01:08:53.0745 3648 [ 8A66360F38F81E960E2367B428CBD5D9 ] UmRdpService C:\Windows\System32\umrdp.dll
      01:08:53.0761 3648 UmRdpService - ok
      01:08:54.0104 3648 UNDPX2A - ok
      01:08:54.0478 3648 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
      01:08:54.0494 3648 upnphost - ok
      01:08:55.0243 3648 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
      01:08:55.0243 3648 Suspicious file (NoAccess): C:\Windows\system32\Drivers\usbaapl.sys. md5: EAFE1E00739AFE6C51487A050E772E17
      01:08:55.0586 3648 USBAAPL ( LockedFile.Multi.Generic ) - warning
      01:08:55.0586 3648 USBAAPL - detected LockedFile.Multi.Generic (1)
      01:08:55.0898 3648 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
      01:08:55.0898 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbaudio.sys. md5: 32DB9517628FF0D070682AAB61E688F0
      01:08:56.0210 3648 usbaudio ( LockedFile.Multi.Generic ) - warning
      01:08:56.0210 3648 usbaudio - detected LockedFile.Multi.Generic (1)
      01:08:56.0506 3648 usbbus - ok
      01:08:56.0803 3648 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
      01:08:56.0803 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbccgp.sys. md5: CAF811AE4C147FFCD5B51750C7F09142
      01:08:57.0099 3648 usbccgp ( LockedFile.Multi.Generic ) - warning
      01:08:57.0099 3648 usbccgp - detected LockedFile.Multi.Generic (1)
      01:08:57.0396 3648 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
      01:08:57.0411 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbcir.sys. md5: E9476E6C486E76BC4898074768FB7131
      01:08:57.0770 3648 usbcir ( LockedFile.Multi.Generic ) - warning
      01:08:57.0770 3648 usbcir - detected LockedFile.Multi.Generic (1)
      01:08:58.0051 3648 USBCM - ok
      01:08:58.0332 3648 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
      01:08:58.0332 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbehci.sys. md5: 79E96C23A97CE7B8F14D310DA2DB0C9B
      01:08:58.0644 3648 usbehci ( LockedFile.Multi.Generic ) - warning
      01:08:58.0644 3648 usbehci - detected LockedFile.Multi.Generic (1)
      01:08:58.0924 3648 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
      01:08:58.0924 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbhub.sys. md5: 4673BBCB006AF60E7ABDDBE7A130BA42
      01:08:59.0252 3648 usbhub ( LockedFile.Multi.Generic ) - warning
      01:08:59.0252 3648 usbhub - detected LockedFile.Multi.Generic (1)
      01:08:59.0548 3648 USBModem - ok
      01:08:59.0860 3648 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
      01:08:59.0860 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbohci.sys. md5: 38DBC7DD6CC5A72011F187425384388B
      01:09:00.0157 3648 usbohci ( LockedFile.Multi.Generic ) - warning
      01:09:00.0157 3648 usbohci - detected LockedFile.Multi.Generic (1)
      01:09:00.0469 3648 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
      01:09:00.0484 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbprint.sys. md5: E75C4B5269091D15A2E7DC0B6D35F2F5
      01:09:00.0781 3648 usbprint ( LockedFile.Multi.Generic ) - warning
      01:09:00.0781 3648 usbprint - detected LockedFile.Multi.Generic (1)
      01:09:01.0077 3648 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
      01:09:01.0077 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\USBSTOR.SYS. md5: BE3DA31C191BC222D9AD503C5224F2AD
      01:09:01.0389 3648 USBSTOR ( LockedFile.Multi.Generic ) - warning
      01:09:01.0389 3648 USBSTOR - detected LockedFile.Multi.Generic (1)
      01:09:01.0717 3648 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
      01:09:01.0717 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbuhci.sys. md5: 814D653EFC4D48BE3B04A307ECEFF56F
      01:09:02.0013 3648 usbuhci ( LockedFile.Multi.Generic ) - warning
      01:09:02.0013 3648 usbuhci - detected LockedFile.Multi.Generic (1)
      01:09:02.0356 3648 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
      01:09:02.0356 3648 Suspicious file (NoAccess): C:\Windows\system32\Drivers\usbvideo.sys. md5: E67998E8F14CB0627A769F6530BCB352
      01:09:02.0684 3648 usbvideo ( LockedFile.Multi.Generic ) - warning
      01:09:02.0684 3648 usbvideo - detected LockedFile.Multi.Generic (1)
      01:09:02.0980 3648 [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
      01:09:02.0980 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usb8023x.sys. md5: 35C9095FA7076466AFBFC5B9EC4B779E
      01:09:03.0277 3648 usb_rndisx ( LockedFile.Multi.Generic ) - warning
      01:09:03.0277 3648 usb_rndisx - detected LockedFile.Multi.Generic (1)
      01:09:03.0589 3648 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
      01:09:03.0604 3648 UxSms - ok
      01:09:03.0901 3648 [ 1DDD12104A082ECAC4D03938FABC654F ] UxTuneUp C:\Windows\System32\uxtuneup.dll
      01:09:03.0901 3648 UxTuneUp - ok
      01:09:05.0742 3648 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
      01:09:05.0742 3648 vds - ok
      01:09:06.0100 3648 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
      01:09:06.0100 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vgapnp.sys. md5: 87B06E1F30B749A114F74622D013F8D4
      01:09:06.0428 3648 vga ( LockedFile.Multi.Generic ) - warning
      01:09:06.0428 3648 vga - detected LockedFile.Multi.Generic (1)
      01:09:06.0756 3648 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
      01:09:06.0756 3648 Suspicious file (NoAccess): C:\Windows\System32\drivers\vga.sys. md5: 2E93AC0A1D8C79D019DB6C51F036636C
      01:09:07.0068 3648 VgaSave ( LockedFile.Multi.Generic ) - warning
      01:09:07.0068 3648 VgaSave - detected LockedFile.Multi.Generic (1)
      01:09:07.0380 3648 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
      01:09:07.0380 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaagp.sys. md5: 045D9961E591CF0674A920B6BA3BA5CB
      01:09:07.0723 3648 viaagp ( LockedFile.Multi.Generic ) - warning
      01:09:07.0723 3648 viaagp - detected LockedFile.Multi.Generic (1)
      01:09:08.0035 3648 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
      01:09:08.0035 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\viac7.sys. md5: 56A4DE5F02F2E88182B0981119B4DD98
      01:09:08.0347 3648 ViaC7 ( LockedFile.Multi.Generic ) - warning
      01:09:08.0347 3648 ViaC7 - detected LockedFile.Multi.Generic (1)
      01:09:08.0659 3648 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
      01:09:08.0659 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaide.sys. md5: FD2E3175FCADA350C7AB4521DCA187EC
      01:09:08.0986 3648 viaide ( LockedFile.Multi.Generic ) - warning
      01:09:08.0986 3648 viaide - detected LockedFile.Multi.Generic (1)
      01:09:09.0298 3648 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
      01:09:09.0298 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgr.sys. md5: 69503668AC66C77C6CD7AF86FBDF8C43
      01:09:09.0829 3648 volmgr ( LockedFile.Multi.Generic ) - warning
      01:09:09.0829 3648 volmgr - detected LockedFile.Multi.Generic (1)
      01:09:10.0453 3648 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
      01:09:10.0453 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgrx.sys. md5: 23E41B834759917BFD6B9A0D625D0C28
      01:09:10.0765 3648 volmgrx ( LockedFile.Multi.Generic ) - warning
      01:09:10.0765 3648 volmgrx - detected LockedFile.Multi.Generic (1)
      01:09:11.0092 3648 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
      01:09:11.0092 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\volsnap.sys. md5: 147281C01FCB1DF9252DE2A10D5E7093
      01:09:11.0404 3648 volsnap ( LockedFile.Multi.Generic ) - warning
      01:09:11.0404 3648 volsnap - detected LockedFile.Multi.Generic (1)
      01:09:11.0748 3648 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
      01:09:11.0748 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\vsmraid.sys. md5: D984439746D42B30FC65A4C3546C6829
      01:09:12.0060 3648 vsmraid ( LockedFile.Multi.Generic ) - warning
      01:09:12.0060 3648 vsmraid - detected LockedFile.Multi.Generic (1)
      01:09:12.0403 3648 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
      01:09:12.0434 3648 VSS - ok
      01:09:13.0136 3648 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
      01:09:13.0152 3648 W32Time - ok
      01:09:13.0526 3648 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
      01:09:13.0526 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\wacompen.sys. md5: 48DFEE8F1AF7C8235D4E626F0C4FE031
      01:09:13.0838 3648 WacomPen ( LockedFile.Multi.Generic ) - warning
      01:09:13.0854 3648 WacomPen - detected LockedFile.Multi.Generic (1)
      01:09:14.0228 3648 [ F41E453A90EF19217CEE1675F5256EE7 ] wampapache C:\Program Files\wamp\bin\apache\apache2.2.21\bin\httpd.exe
      01:09:14.0228 3648 wampapache - ok
      01:09:14.0805 3648 [ 94F57434EA6D572721325C282A0CA8B0 ] wampmysqld C:\Program Files\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe
      01:09:14.0961 3648 wampmysqld - ok
      01:09:15.0414 3648 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
      01:09:15.0414 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 55201897378CCA7AF8B5EFD874374A26
      01:09:15.0741 3648 Wanarp ( LockedFile.Multi.Generic ) - warning
      01:09:15.0741 3648 Wanarp - detected LockedFile.Multi.Generic (1)
      01:09:16.0069 3648 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
      01:09:16.0069 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 55201897378CCA7AF8B5EFD874374A26
      01:09:16.0396 3648 Wanarpv6 ( LockedFile.Multi.Generic ) - warning
      01:09:16.0396 3648 Wanarpv6 - detected LockedFile.Multi.Generic (1)
      01:09:16.0818 3648 [ 20B23332885DFB93FE0185362EE811E9 ] wbengine C:\Windows\system32\wbengine.exe
      01:09:16.0833 3648 wbengine - ok
      01:09:17.0192 3648 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
      01:09:17.0208 3648 WcesComm - ok
      01:09:17.0551 3648 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
      01:09:17.0551 3648 wcncsvc - ok
      01:09:17.0925 3648 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
      01:09:17.0925 3648 WcsPlugInService - ok
      01:09:18.0253 3648 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
      01:09:18.0253 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\wd.sys. md5: AFC5AD65B991C1E205CF25CFDBF7A6F4
      01:09:18.0612 3648 Wd ( LockedFile.Multi.Generic ) - warning
      01:09:18.0612 3648 Wd - detected LockedFile.Multi.Generic (1)
      01:09:18.0970 3648 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
      01:09:18.0970 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\Wdf01000.sys. md5: 9950E3D0F08141C7E89E64456AE7DC73
      01:09:19.0314 3648 Wdf01000 ( LockedFile.Multi.Generic ) - warning
      01:09:19.0314 3648 Wdf01000 - detected LockedFile.Multi.Generic (1)
      01:09:19.0626 3648 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
      01:09:19.0641 3648 WdiServiceHost - ok
      01:09:20.0140 3648 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
      01:09:20.0140 3648 WdiSystemHost - ok
      01:09:20.0608 3648 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
      01:09:20.0608 3648 WebClient - ok
      01:09:20.0967 3648 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
      01:09:20.0983 3648 Wecsvc - ok
      01:09:21.0810 3648 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
      01:09:21.0825 3648 wercplsupport - ok
      01:09:22.0200 3648 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
      01:09:22.0215 3648 WerSvc - ok
      01:09:22.0574 3648 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
      01:09:22.0574 3648 WinDefend - ok
      01:09:23.0588 3648 WinHttpAutoProxySvc - ok
      01:09:23.0962 3648 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
      01:09:23.0978 3648 Winmgmt - ok
      01:09:24.0337 3648 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
      01:09:24.0352 3648 WinRM - ok
      01:09:25.0413 3648 [ 676F4B665BDD8053EAA53AC1695B8074 ] winusb C:\Windows\system32\DRIVERS\winusb.sys
      01:09:25.0413 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\winusb.sys. md5: 676F4B665BDD8053EAA53AC1695B8074
      01:09:26.0864 3648 winusb ( LockedFile.Multi.Generic ) - warning
      01:09:26.0864 3648 winusb - detected LockedFile.Multi.Generic (1)
      01:09:27.0223 3648 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
      01:09:27.0223 3648 Wlansvc - ok
      01:09:27.0582 3648 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      01:09:27.0597 3648 wlidsvc - ok
      01:09:27.0972 3648 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
      01:09:27.0972 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\wmiacpi.sys. md5: 701A9F884A294327E9141D73746EE279
      01:09:28.0315 3648 WmiAcpi ( LockedFile.Multi.Generic ) - warning
      01:09:28.0315 3648 WmiAcpi - detected LockedFile.Multi.Generic (1)
      01:09:29.0235 3648 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
      01:09:29.0235 3648 wmiApSrv - ok
      01:09:29.0781 3648 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
      01:09:29.0828 3648 WMPNetworkSvc - ok
      01:09:30.0436 3648 [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm D:\program files\Zune\WMZuneComm.exe
      01:09:30.0436 3648 WMZuneComm - ok
      01:09:31.0279 3648 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
      01:09:31.0279 3648 WPCSvc - ok
      01:09:31.0622 3648 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
      01:09:31.0638 3648 WPDBusEnum - ok
      01:09:31.0996 3648 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
      01:09:31.0996 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wpdusb.sys. md5: DE9D36F91A4DF3D911626643DEBF11EA
      01:09:32.0355 3648 WpdUsb ( LockedFile.Multi.Generic ) - warning
      01:09:32.0355 3648 WpdUsb - detected LockedFile.Multi.Generic (1)
      01:09:32.0714 3648 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
      01:09:32.0714 3648 Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: E3A3CB253C0EC2494D4A61F5E43A389C
      01:09:33.0073 3648 ws2ifsl ( LockedFile.Multi.Generic ) - warning
      01:09:33.0073 3648 ws2ifsl - detected LockedFile.Multi.Generic (1)
      01:09:33.0416 3648 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
      01:09:33.0416 3648 wscsvc - ok
      01:09:33.0775 3648 WSearch - ok
      01:09:34.0477 3648 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
      01:09:34.0524 3648 wuauserv - ok
      01:09:34.0945 3648 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
      01:09:34.0945 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: AC13CB789D93412106B0FB6C7EB2BCB6
      01:09:35.0366 3648 WUDFRd ( LockedFile.Multi.Generic ) - warning
      01:09:35.0366 3648 WUDFRd - detected LockedFile.Multi.Generic (1)
      01:09:35.0709 3648 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
      01:09:35.0709 3648 wudfsvc - ok
      01:09:36.0037 3648 XDva387 - ok
      01:09:36.0536 3648 XDva388 - ok
      01:09:36.0910 3648 XDva389 - ok
      01:09:37.0316 3648 XDva390 - ok
      01:09:37.0628 3648 XDva391 - ok
      01:09:38.0049 3648 XDva392 - ok
      01:09:38.0346 3648 XDva397 - ok
      01:09:38.0673 3648 XDva398 - ok
      01:09:39.0141 3648 XDva399 - ok
      01:09:39.0859 3648 [ EE9144207EE0211EB5656BA6808AC4A0 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
      01:09:39.0859 3648 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\xusb21.sys. md5: EE9144207EE0211EB5656BA6808AC4A0
      01:09:40.0202 3648 xusb21 ( LockedFile.Multi.Generic ) - warning
      01:09:40.0202 3648 xusb21 - detected LockedFile.Multi.Generic (1)
      01:09:40.0561 3648 [ 4888399E41C4B71CE4AE71568B78CC8E ] YMIDUSB C:\Windows\system32\Drivers\ymidusb.sys
      01:09:40.0561 3648 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ymidusb.sys. md5: 4888399E41C4B71CE4AE71568B78CC8E
      01:09:40.0966 3648 YMIDUSB ( LockedFile.Multi.Generic ) - warning
      01:09:40.0966 3648 YMIDUSB - detected LockedFile.Multi.Generic (1)
      01:09:41.0466 3648 [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc D:\program files\Zune\ZuneNss.exe
      01:09:41.0606 3648 ZuneNetworkSvc - ok
      01:09:42.0027 3648 [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc D:\program files\Zune\ZuneWlanCfgSvc.exe
      01:09:42.0027 3648 ZuneWlanCfgSvc - ok
      01:09:44.0305 3648 ================ Scan global ===============================
      01:09:44.0367 3648 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
      01:09:44.0398 3648 [ 5DF01708D214FDC0075AD197F1889557 ] C:\Windows\system32\winsrv.dll
      01:09:44.0398 3648 [ 5DF01708D214FDC0075AD197F1889557 ] C:\Windows\system32\winsrv.dll
      01:09:44.0430 3648 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
      01:09:44.0430 3648 [Global] - ok
      01:09:44.0445 3648 ================ Scan MBR ==================================
      01:09:44.0445 3648 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
      01:09:44.0570 3648 \Device\Harddisk0\DR0 - ok
      01:09:44.0570 3648 ================ Scan VBR ==================================
      01:09:44.0586 3648 [ 7C8F2DE529A95752C873E7BBA090C522 ] \Device\Harddisk0\DR0\Partition1
      01:09:44.0586 3648 \Device\Harddisk0\DR0\Partition1 - ok
      01:09:44.0601 3648 [ 1B68CAA5CBEA434297F620E6F47DED53 ] \Device\Harddisk0\DR0\Partition2
      01:09:44.0601 3648 \Device\Harddisk0\DR0\Partition2 - ok
      01:09:44.0601 3648 ============================================================
      01:09:44.0601 3648 Scan finished
      01:09:44.0601 3648 ============================================================

    5. #15
      User Avatar of elisamuelps
      Joined
      Sep 2012
      Location
      Venezuela
      Posts
      13

      Re: Malware nest on my PC!

      ... and the third part, this forum doesn't let you post more than 75000 characters O.o and what a long log xD
      01:09:44.0617 3768 Detected object count: 256
      01:09:44.0617 3768 Actual detected object count: 256
      01:12:57.0177 3768 C:\Windows\System32\Drivers\8882a141e2e37786.sys - copied to quarantine
      01:12:57.0230 3768 HKLM\SYSTEM\ControlSet002\services\8882a141e2e37786 - will be deleted on reboot
      01:12:57.0386 3768 HKLM\SYSTEM\ControlSet004\services\8882a141e2e37786 - will be deleted on reboot
      01:12:57.0681 3768 C:\Windows\System32\Drivers\8882a141e2e37786.sys - will be deleted on reboot
      01:12:57.0681 3768 8882a141e2e37786 ( Rootkit.Win32.Necurs.gen ) - User select action: Delete
      01:12:57.0713 3768 C:\Windows\system32\drivers\atapi.sys - copied to quarantine
      01:12:57.0713 3768 atapi ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0742 3768 C:\Windows\system32\drivers\AtihdLH3.sys - copied to quarantine
      01:12:57.0742 3768 AtiHDAudioService ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0775 3768 C:\Windows\system32\drivers\Beep.sys - copied to quarantine
      01:12:57.0775 3768 Beep ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0816 3768 C:\Windows\system32\DRIVERS\bowser.sys - copied to quarantine
      01:12:57.0816 3768 bowser ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0838 3768 C:\Windows\system32\drivers\brfiltlo.sys - copied to quarantine
      01:12:57.0838 3768 BrFiltLo ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0846 3768 C:\Windows\system32\drivers\brfiltup.sys - copied to quarantine
      01:12:57.0846 3768 BrFiltUp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0861 3768 C:\Windows\system32\DRIVERS\bridge.sys - copied to quarantine
      01:12:57.0861 3768 Bridge ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0870 3768 C:\Windows\system32\DRIVERS\bridge.sys - copied to quarantine
      01:12:57.0870 3768 BridgeMP ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0878 3768 C:\Windows\system32\drivers\brserid.sys - copied to quarantine
      01:12:57.0878 3768 Brserid ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0900 3768 C:\Windows\system32\drivers\brserwdm.sys - copied to quarantine
      01:12:57.0900 3768 BrSerWdm ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0908 3768 C:\Windows\system32\drivers\brusbmdm.sys - copied to quarantine
      01:12:57.0908 3768 BrUsbMdm ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0928 3768 C:\Windows\system32\drivers\brusbser.sys - copied to quarantine
      01:12:57.0928 3768 BrUsbSer ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:57.0951 3768 C:\Windows\system32\DRIVERS\BthEnum.sys - copied to quarantine
      01:12:57.0951 3768 BthEnum ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0000 3768 C:\Windows\system32\drivers\bthmodem.sys - copied to quarantine
      01:12:58.0001 3768 BTHMODEM ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0041 3768 C:\Windows\system32\DRIVERS\bthpan.sys - copied to quarantine
      01:12:58.0041 3768 BthPan ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0085 3768 C:\Windows\system32\Drivers\BTHport.sys - copied to quarantine
      01:12:58.0086 3768 BTHPORT ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0132 3768 C:\Windows\system32\Drivers\BTHUSB.sys - copied to quarantine
      01:12:58.0132 3768 BTHUSB ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0150 3768 C:\Windows\system32\DRIVERS\cdfs.sys - copied to quarantine
      01:12:58.0150 3768 cdfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0192 3768 C:\Windows\system32\DRIVERS\cdrom.sys - copied to quarantine
      01:12:58.0192 3768 cdrom ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0226 3768 C:\Windows\system32\drivers\circlass.sys - copied to quarantine
      01:12:58.0226 3768 circlass ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0254 3768 C:\Windows\system32\CLFS.sys - copied to quarantine
      01:12:58.0254 3768 CLFS ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0284 3768 C:\Windows\system32\drivers\cmdide.sys - copied to quarantine
      01:12:58.0284 3768 cmdide ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0293 3768 C:\Windows\system32\drivers\compbatt.sys - copied to quarantine
      01:12:58.0293 3768 Compbatt ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0308 3768 C:\Windows\system32\drivers\crcdisk.sys - copied to quarantine
      01:12:58.0308 3768 crcdisk ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0324 3768 C:\Windows\system32\drivers\crusoe.sys - copied to quarantine
      01:12:58.0324 3768 Crusoe ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0355 3768 C:\Windows\system32\drivers\csc.sys - copied to quarantine
      01:12:58.0355 3768 CSC ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0393 3768 C:\Windows\system32\Drivers\dfsc.sys - copied to quarantine
      01:12:58.0394 3768 DfsC ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0411 3768 C:\Windows\system32\drivers\disk.sys - copied to quarantine
      01:12:58.0411 3768 disk ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0433 3768 C:\Windows\system32\drivers\drmkaud.sys - copied to quarantine
      01:12:58.0434 3768 drmkaud ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0457 3768 C:\Windows\system32\Drivers\DrvAgent32.sys - copied to quarantine
      01:12:58.0457 3768 DrvAgent32 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0505 3768 C:\Windows\System32\drivers\dxgkrnl.sys - copied to quarantine
      01:12:58.0505 3768 DXGKrnl ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0539 3768 C:\Windows\system32\DRIVERS\E1G60I32.sys - copied to quarantine
      01:12:58.0539 3768 E1G60 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0571 3768 C:\Windows\system32\drivers\ecache.sys - copied to quarantine
      01:12:58.0571 3768 Ecache ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0601 3768 C:\Windows\system32\drivers\elxstor.sys - copied to quarantine
      01:12:58.0602 3768 elxstor ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0618 3768 C:\Windows\system32\drivers\exfat.sys - copied to quarantine
      01:12:58.0618 3768 exfat ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0646 3768 C:\Windows\system32\drivers\fastfat.sys - copied to quarantine
      01:12:58.0647 3768 fastfat ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0681 3768 C:\Windows\system32\DRIVERS\fdc.sys - copied to quarantine
      01:12:58.0682 3768 fdc ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0694 3768 C:\Windows\system32\drivers\fileinfo.sys - copied to quarantine
      01:12:58.0695 3768 FileInfo ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0718 3768 C:\Windows\system32\drivers\filetrace.sys - copied to quarantine
      01:12:58.0718 3768 Filetrace ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0744 3768 C:\Windows\system32\DRIVERS\flpydisk.sys - copied to quarantine
      01:12:58.0744 3768 flpydisk ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0772 3768 C:\Windows\system32\drivers\fltmgr.sys - copied to quarantine
      01:12:58.0772 3768 FltMgr ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0805 3768 C:\Windows\system32\Drivers\fbtusb.sys - copied to quarantine
      01:12:58.0805 3768 FreeBT ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0817 3768 C:\Windows\system32\drivers\Fs_Rec.sys - copied to quarantine
      01:12:58.0817 3768 Fs_Rec ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0849 3768 C:\Windows\system32\DRIVERS\fvevol.sys - copied to quarantine
      01:12:58.0850 3768 fvevol ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0901 3768 C:\Program Files\FOXCONN\FOX LiveUpdate\FXDrv32.sys - copied to quarantine
      01:12:58.0901 3768 FXDrv32 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0927 3768 C:\Windows\system32\drivers\gagp30kx.sys - copied to quarantine
      01:12:58.0928 3768 gagp30kx ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0950 3768 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys - copied to quarantine
      01:12:58.0950 3768 GEARAspiWDM ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:58.0977 3768 C:\Windows\system32\DRIVERS\hamachi.sys - copied to quarantine
      01:12:58.0977 3768 hamachi ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0004 3768 C:\Windows\system32\drivers\HdAudio.sys - copied to quarantine
      01:12:59.0005 3768 HdAudAddService ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0050 3768 C:\Windows\system32\DRIVERS\HDAudBus.sys - copied to quarantine
      01:12:59.0050 3768 HDAudBus ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0081 3768 C:\Windows\system32\drivers\hidbth.sys - copied to quarantine
      01:12:59.0082 3768 HidBth ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0102 3768 C:\Windows\system32\drivers\hidir.sys - copied to quarantine
      01:12:59.0102 3768 HidIr ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0127 3768 C:\Windows\system32\DRIVERS\hidusb.sys - copied to quarantine
      01:12:59.0127 3768 HidUsb ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0170 3768 C:\Windows\system32\drivers\hpcisss.sys - copied to quarantine
      01:12:59.0171 3768 HpCISSs ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0213 3768 C:\Windows\system32\drivers\HTTP.sys - copied to quarantine
      01:12:59.0214 3768 HTTP ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0262 3768 C:\Windows\system32\drivers\i2omp.sys - copied to quarantine
      01:12:59.0262 3768 i2omp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0293 3768 C:\Windows\system32\DRIVERS\i8042prt.sys - copied to quarantine
      01:12:59.0293 3768 i8042prt ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0397 3768 C:\Windows\system32\DRIVERS\igdkmd32.sys - copied to quarantine
      01:12:59.0398 3768 ialm ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0437 3768 C:\Windows\system32\drivers\iastorv.sys - copied to quarantine
      01:12:59.0437 3768 iaStorV ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0530 3768 C:\Windows\system32\DRIVERS\igdkmd32.sys - copied to quarantine
      01:12:59.0530 3768 igfx ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0559 3768 C:\Windows\system32\drivers\iirsp.sys - copied to quarantine
      01:12:59.0559 3768 iirsp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0582 3768 C:\Windows\system32\drivers\intelide.sys - copied to quarantine
      01:12:59.0583 3768 intelide ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0596 3768 C:\Windows\system32\DRIVERS\intelppm.sys - copied to quarantine
      01:12:59.0596 3768 intelppm ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0616 3768 C:\Windows\system32\DRIVERS\ipfltdrv.sys - copied to quarantine
      01:12:59.0616 3768 IpFilterDriver ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0632 3768 C:\Windows\system32\drivers\ipmidrv.sys - copied to quarantine
      01:12:59.0633 3768 IPMIDRV ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0642 3768 C:\Windows\system32\DRIVERS\ipnat.sys - copied to quarantine
      01:12:59.0643 3768 IPNAT ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0662 3768 C:\Windows\system32\DRIVERS\irda.sys - copied to quarantine
      01:12:59.0663 3768 irda ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0675 3768 C:\Windows\system32\drivers\irenum.sys - copied to quarantine
      01:12:59.0676 3768 IRENUM ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0691 3768 C:\Windows\system32\DRIVERS\irsir.sys - copied to quarantine
      01:12:59.0692 3768 irsir ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0711 3768 C:\Windows\system32\drivers\isapnp.sys - copied to quarantine
      01:12:59.0712 3768 isapnp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0740 3768 C:\Windows\system32\DRIVERS\msiscsi.sys - copied to quarantine
      01:12:59.0740 3768 iScsiPrt ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0770 3768 C:\Windows\system32\drivers\iteatapi.sys - copied to quarantine
      01:12:59.0770 3768 iteatapi ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0786 3768 C:\Windows\system32\drivers\iteraid.sys - copied to quarantine
      01:12:59.0786 3768 iteraid ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0808 3768 C:\Windows\system32\DRIVERS\kbdclass.sys - copied to quarantine
      01:12:59.0808 3768 kbdclass ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0833 3768 C:\Windows\system32\DRIVERS\kbdhid.sys - copied to quarantine
      01:12:59.0834 3768 kbdhid ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0870 3768 C:\Windows\system32\DRIVERS\KMWDFILTER.sys - copied to quarantine
      01:12:59.0871 3768 KMWDFILTER ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0914 3768 C:\Windows\system32\Drivers\ksecdd.sys - copied to quarantine
      01:12:59.0914 3768 KSecDD ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0952 3768 C:\Windows\system32\DRIVERS\L8042Kbd.sys - copied to quarantine
      01:12:59.0953 3768 L8042Kbd ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:12:59.0984 3768 C:\Windows\system32\DRIVERS\L8042mou.Sys - copied to quarantine
      01:12:59.0984 3768 L8042mou ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0009 3768 C:\Windows\system32\DRIVERS\lgbtport.sys - copied to quarantine
      01:13:00.0009 3768 LgBttPort ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0027 3768 C:\Windows\system32\DRIVERS\lgbtbus.sys - copied to quarantine
      01:13:00.0027 3768 lgbusenum ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0037 3768 C:\Windows\system32\DRIVERS\lgvmodem.sys - copied to quarantine
      01:13:00.0037 3768 LGVMODEM ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0065 3768 C:\Windows\system32\drivers\libusb0.sys - copied to quarantine
      01:13:00.0065 3768 libusb0 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0090 3768 C:\Windows\system32\DRIVERS\lltdio.sys - copied to quarantine
      01:13:00.0090 3768 lltdio ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0114 3768 C:\Windows\system32\DRIVERS\LMouKE.Sys - copied to quarantine
      01:13:00.0115 3768 LMouKE ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0136 3768 C:\Windows\system32\drivers\lsi_fc.sys - copied to quarantine
      01:13:00.0136 3768 LSI_FC ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0206 3768 C:\Windows\system32\drivers\lsi_sas.sys - copied to quarantine
      01:13:00.0206 3768 LSI_SAS ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0251 3768 C:\Windows\system32\drivers\lsi_scsi.sys - copied to quarantine
      01:13:00.0252 3768 LSI_SCSI ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0276 3768 C:\Windows\system32\drivers\luafv.sys - copied to quarantine
      01:13:00.0276 3768 luafv ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0331 3768 C:\Windows\system32\Drivers\LVPr2Mon.sys - copied to quarantine
      01:13:00.0331 3768 LVPr2Mon ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0456 3768 C:\Windows\system32\DRIVERS\lvrs.sys - copied to quarantine
      01:13:00.0457 3768 LVRS ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0485 3768 C:\Windows\system32\drivers\LVUSBSta.sys - copied to quarantine
      01:13:00.0485 3768 LVUSBSta ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0519 3768 C:\Windows\system32\DRIVERS\mcdbus.sys - copied to quarantine
      01:13:00.0520 3768 mcdbus ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0550 3768 C:\Windows\system32\drivers\megasas.sys - copied to quarantine
      01:13:00.0550 3768 megasas ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0576 3768 C:\Windows\system32\DRIVERS\MIPDISKPNPv5.sys - copied to quarantine
      01:13:00.0576 3768 MIPDISKPNPv5 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0606 3768 C:\Windows\system32\drivers\MIPDISKv532.sys - copied to quarantine
      01:13:00.0606 3768 MIPDISKv532 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0631 3768 C:\Windows\system32\DRIVERS\MIPFSv5.sys - copied to quarantine
      01:13:00.0632 3768 MIPFSv5 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0662 3768 C:\Windows\system32\DRIVERS\qscnusb.sys - copied to quarantine
      01:13:00.0662 3768 MobileAdapter ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0692 3768 C:\Windows\system32\drivers\modem.sys - copied to quarantine
      01:13:00.0692 3768 Modem ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0727 3768 C:\Windows\system32\DRIVERS\monitor.sys - copied to quarantine
      01:13:00.0727 3768 monitor ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0770 3768 C:\Windows\system32\DRIVERS\MijXfilt.sys - copied to quarantine
      01:13:00.0771 3768 MotioninJoyXFilter ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0794 3768 C:\Windows\system32\DRIVERS\mouclass.sys - copied to quarantine
      01:13:00.0794 3768 mouclass ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0819 3768 C:\Windows\system32\DRIVERS\mouhid.sys - copied to quarantine
      01:13:00.0819 3768 mouhid ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0851 3768 C:\Windows\system32\drivers\mountmgr.sys - copied to quarantine
      01:13:00.0851 3768 MountMgr ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0889 3768 C:\Windows\system32\drivers\mpio.sys - copied to quarantine
      01:13:00.0889 3768 mpio ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0912 3768 C:\Windows\system32\drivers\mpsdrv.sys - copied to quarantine
      01:13:00.0912 3768 mpsdrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0945 3768 C:\Windows\system32\drivers\mqac.sys - copied to quarantine
      01:13:00.0946 3768 MQAC ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0966 3768 C:\Windows\system32\drivers\mraid35x.sys - copied to quarantine
      01:13:00.0966 3768 Mraid35x ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:00.0993 3768 C:\Windows\system32\drivers\mrxdav.sys - copied to quarantine
      01:13:00.0993 3768 MRxDAV ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0019 3768 C:\Windows\system32\DRIVERS\mrxsmb.sys - copied to quarantine
      01:13:01.0019 3768 mrxsmb ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0037 3768 C:\Windows\system32\DRIVERS\mrxsmb10.sys - copied to quarantine
      01:13:01.0037 3768 mrxsmb10 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0059 3768 C:\Windows\system32\DRIVERS\mrxsmb20.sys - copied to quarantine
      01:13:01.0059 3768 mrxsmb20 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0096 3768 C:\Windows\system32\drivers\msahci.sys - copied to quarantine
      01:13:01.0096 3768 msahci ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0116 3768 C:\Windows\system32\drivers\msdsm.sys - copied to quarantine
      01:13:01.0117 3768 msdsm ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0147 3768 C:\Windows\system32\drivers\Msfs.sys - copied to quarantine
      01:13:01.0147 3768 Msfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0192 3768 C:\Windows\system32\drivers\msisadrv.sys - copied to quarantine
      01:13:01.0192 3768 msisadrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0231 3768 C:\Windows\system32\drivers\MSKSSRV.sys - copied to quarantine
      01:13:01.0231 3768 MSKSSRV ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0241 3768 C:\Windows\system32\drivers\MSPCLOCK.sys - copied to quarantine
      01:13:01.0242 3768 MSPCLOCK ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0263 3768 C:\Windows\system32\drivers\MSPQM.sys - copied to quarantine
      01:13:01.0263 3768 MSPQM ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0308 3768 C:\Windows\system32\drivers\MsRPC.sys - copied to quarantine
      01:13:01.0308 3768 MsRPC ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0356 3768 C:\Windows\system32\DRIVERS\mssmbios.sys - copied to quarantine
      01:13:01.0356 3768 mssmbios ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0380 3768 C:\Windows\system32\drivers\MSTEE.sys - copied to quarantine
      01:13:01.0380 3768 MSTEE ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0418 3768 C:\Windows\system32\Drivers\mup.sys - copied to quarantine
      01:13:01.0418 3768 Mup ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0452 3768 C:\Windows\system32\DRIVERS\nwifi.sys - copied to quarantine
      01:13:01.0452 3768 NativeWifiP ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0503 3768 C:\Windows\system32\drivers\ndis.sys - copied to quarantine
      01:13:01.0504 3768 NDIS ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0534 3768 C:\Windows\system32\DRIVERS\ndistapi.sys - copied to quarantine
      01:13:01.0534 3768 NdisTapi ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0551 3768 C:\Windows\system32\DRIVERS\ndisuio.sys - copied to quarantine
      01:13:01.0551 3768 Ndisuio ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0574 3768 C:\Windows\system32\DRIVERS\ndiswan.sys - copied to quarantine
      01:13:01.0574 3768 NdisWan ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0592 3768 C:\Windows\system32\drivers\NDProxy.sys - copied to quarantine
      01:13:01.0592 3768 NDProxy ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0622 3768 C:\Windows\system32\DRIVERS\netbios.sys - copied to quarantine
      01:13:01.0622 3768 NetBIOS ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0661 3768 C:\Windows\system32\DRIVERS\netbt.sys - copied to quarantine
      01:13:01.0661 3768 netbt ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0695 3768 C:\Windows\system32\drivers\nfrd960.sys - copied to quarantine
      01:13:01.0695 3768 nfrd960 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0719 3768 C:\Windows\system32\drivers\nocashio.sys - copied to quarantine
      01:13:01.0719 3768 nocashio ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0761 3768 C:\Windows\system32\drivers\Npfs.sys - copied to quarantine
      01:13:01.0762 3768 Npfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0793 3768 C:\Windows\system32\drivers\nsiproxy.sys - copied to quarantine
      01:13:01.0794 3768 nsiproxy ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0857 3768 C:\Windows\system32\drivers\Ntfs.sys - copied to quarantine
      01:13:01.0857 3768 Ntfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0910 3768 C:\Windows\system32\drivers\ntrigdigi.sys - copied to quarantine
      01:13:01.0911 3768 ntrigdigi ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0933 3768 C:\Windows\system32\drivers\Null.sys - copied to quarantine
      01:13:01.0934 3768 Null ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:01.0978 3768 C:\Windows\system32\drivers\nvraid.sys - copied to quarantine
      01:13:01.0978 3768 nvraid ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0001 3768 C:\Windows\system32\drivers\nvstor.sys - copied to quarantine
      01:13:02.0002 3768 nvstor ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0027 3768 C:\Windows\system32\drivers\nv_agp.sys - copied to quarantine
      01:13:02.0027 3768 nv_agp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0044 3768 C:\Windows\system32\drivers\ohci1394.sys - copied to quarantine
      01:13:02.0044 3768 ohci1394 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0065 3768 C:\Windows\system32\DRIVERS\parport.sys - copied to quarantine
      01:13:02.0065 3768 Parport ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0094 3768 C:\Windows\system32\drivers\partmgr.sys - copied to quarantine
      01:13:02.0094 3768 partmgr ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0115 3768 C:\Windows\system32\DRIVERS\parvdm.sys - copied to quarantine
      01:13:02.0116 3768 Parvdm ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0139 3768 C:\Windows\system32\drivers\pci.sys - copied to quarantine
      01:13:02.0139 3768 pci ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0177 3768 C:\Windows\system32\drivers\pciide.sys - copied to quarantine
      01:13:02.0177 3768 pciide ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0249 3768 C:\Windows\system32\drivers\pcmcia.sys - copied to quarantine
      01:13:02.0249 3768 pcmcia ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0375 3768 C:\Windows\system32\drivers\peauth.sys - copied to quarantine
      01:13:02.0376 3768 PEAUTH ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0402 3768 C:\Windows\system32\DRIVERS\lv302af.sys - copied to quarantine
      01:13:02.0403 3768 pepifilter ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0433 3768 C:\Windows\system32\drivers\pfc.sys - copied to quarantine
      01:13:02.0434 3768 pfc ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0551 3768 C:\Windows\system32\DRIVERS\LV302V32.SYS - copied to quarantine
      01:13:02.0551 3768 PID_PEPI ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0589 3768 C:\Windows\system32\drivers\PPJoyBus.sys - copied to quarantine
      01:13:02.0590 3768 PPJoyBus ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0616 3768 C:\Windows\system32\drivers\PPortJoy.sys - copied to quarantine
      01:13:02.0617 3768 PPortJoystick ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0641 3768 C:\Windows\system32\DRIVERS\raspptp.sys - copied to quarantine
      01:13:02.0642 3768 PptpMiniport ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0663 3768 C:\Windows\system32\drivers\processr.sys - copied to quarantine
      01:13:02.0664 3768 Processor ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0702 3768 C:\Windows\system32\DRIVERS\pacer.sys - copied to quarantine
      01:13:02.0702 3768 PSched ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0753 3768 C:\Windows\system32\drivers\ql2300.sys - copied to quarantine
      01:13:02.0754 3768 ql2300 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0785 3768 C:\Windows\system32\drivers\ql40xx.sys - copied to quarantine
      01:13:02.0786 3768 ql40xx ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0808 3768 C:\Windows\system32\drivers\qwavedrv.sys - copied to quarantine
      01:13:02.0808 3768 QWAVEdrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0834 3768 C:\Windows\system32\DRIVERS\rasacd.sys - copied to quarantine
      01:13:02.0834 3768 RasAcd ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0847 3768 C:\Windows\system32\DRIVERS\rasl2tp.sys - copied to quarantine
      01:13:02.0848 3768 Rasl2tp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0868 3768 C:\Windows\system32\DRIVERS\raspppoe.sys - copied to quarantine
      01:13:02.0869 3768 RasPppoe ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0892 3768 C:\Windows\system32\DRIVERS\rassstp.sys - copied to quarantine
      01:13:02.0893 3768 RasSstp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0939 3768 C:\Windows\system32\DRIVERS\rdbss.sys - copied to quarantine
      01:13:02.0940 3768 rdbss ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:02.0959 3768 C:\Windows\system32\DRIVERS\RDPCDD.sys - copied to quarantine
      01:13:02.0959 3768 RDPCDD ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0014 3768 C:\Windows\system32\DRIVERS\rdpdr.sys - copied to quarantine
      01:13:03.0015 3768 rdpdr ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0057 3768 C:\Windows\system32\drivers\rdpencdd.sys - copied to quarantine
      01:13:03.0058 3768 RDPENCDD ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0098 3768 C:\Windows\system32\drivers\RDPWD.sys - copied to quarantine
      01:13:03.0098 3768 RDPWD ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0141 3768 C:\Windows\system32\DRIVERS\rfcomm.sys - copied to quarantine
      01:13:03.0141 3768 RFCOMM ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0231 3768 C:\Windows\system32\Drivers\RimUsb.sys - copied to quarantine
      01:13:03.0232 3768 RimUsb ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0334 3768 C:\Windows\system32\DRIVERS\RimSerial.sys - copied to quarantine
      01:13:03.0335 3768 RimVSerPort ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0376 3768 C:\Windows\system32\DRIVERS\RMCAST.sys - copied to quarantine
      01:13:03.0376 3768 RMCAST ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0418 3768 C:\Windows\system32\Drivers\RootMdm.sys - copied to quarantine
      01:13:03.0419 3768 ROOTMODEM ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0460 3768 C:\Windows\system32\DRIVERS\RsFx0103.sys - copied to quarantine
      01:13:03.0461 3768 RsFx0103 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0494 3768 C:\Windows\system32\DRIVERS\Rtlh86.sys - copied to quarantine
      01:13:03.0494 3768 RTL8169 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0528 3768 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS - copied to quarantine
      01:13:03.0528 3768 SASDIFSV ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0544 3768 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - copied to quarantine
      01:13:03.0545 3768 SASKUTIL ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0578 3768 C:\Windows\system32\drivers\sbp2port.sys - copied to quarantine
      01:13:03.0579 3768 sbp2port ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0613 3768 C:\Windows\system32\drivers\secdrv.sys - copied to quarantine
      01:13:03.0613 3768 secdrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0641 3768 C:\Windows\system32\DRIVERS\serenum.sys - copied to quarantine
      01:13:03.0641 3768 Serenum ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0653 3768 C:\Windows\system32\DRIVERS\serial.sys - copied to quarantine
      01:13:03.0653 3768 Serial ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0681 3768 C:\Windows\system32\drivers\sermouse.sys - copied to quarantine
      01:13:03.0681 3768 sermouse ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0706 3768 C:\Windows\system32\drivers\sffdisk.sys - copied to quarantine
      01:13:03.0706 3768 sffdisk ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0742 3768 C:\Windows\system32\drivers\sffp_mmc.sys - copied to quarantine
      01:13:03.0742 3768 sffp_mmc ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0760 3768 C:\Windows\system32\drivers\sffp_sd.sys - copied to quarantine
      01:13:03.0760 3768 sffp_sd ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0781 3768 C:\Windows\system32\drivers\sfloppy.sys - copied to quarantine
      01:13:03.0782 3768 sfloppy ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0799 3768 C:\Windows\system32\drivers\sisagp.sys - copied to quarantine
      01:13:03.0799 3768 sisagp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0844 3768 C:\Windows\system32\drivers\sisraid2.sys - copied to quarantine
      01:13:03.0844 3768 SiSRaid2 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0865 3768 C:\Windows\system32\drivers\sisraid4.sys - copied to quarantine
      01:13:03.0865 3768 SiSRaid4 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0903 3768 C:\Windows\system32\DRIVERS\smb.sys - copied to quarantine
      01:13:03.0904 3768 Smb ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0930 3768 C:\Windows\system32\drivers\spldr.sys - copied to quarantine
      01:13:03.0931 3768 spldr ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:03.0979 3768 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
      01:13:03.0979 3768 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0018 3768 C:\Windows\system32\DRIVERS\srv.sys - copied to quarantine
      01:13:04.0018 3768 srv ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0045 3768 C:\Windows\system32\DRIVERS\srv2.sys - copied to quarantine
      01:13:04.0045 3768 srv2 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0076 3768 C:\Windows\system32\DRIVERS\srvnet.sys - copied to quarantine
      01:13:04.0077 3768 srvnet ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0117 3768 C:\Windows\system32\DRIVERS\ssm_bus.sys - copied to quarantine
      01:13:04.0118 3768 ssm_bus ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0164 3768 C:\Windows\system32\DRIVERS\ss_bbus.sys - copied to quarantine
      01:13:04.0164 3768 ss_bbus ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0243 3768 C:\Windows\system32\drivers\StarOpen.sys - copied to quarantine
      01:13:04.0244 3768 StarOpen ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0330 3768 C:\Windows\system32\DRIVERS\swenum.sys - copied to quarantine
      01:13:04.0330 3768 swenum ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0395 3768 C:\Windows\system32\drivers\symc8xx.sys - copied to quarantine
      01:13:04.0395 3768 Symc8xx ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0423 3768 C:\Windows\system32\drivers\sym_hi.sys - copied to quarantine
      01:13:04.0423 3768 Sym_hi ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0464 3768 C:\Windows\system32\drivers\sym_u3.sys - copied to quarantine
      01:13:04.0464 3768 Sym_u3 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0565 3768 C:\Windows\system32\drivers\tcpip.sys - copied to quarantine
      01:13:04.0566 3768 Tcpip ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0636 3768 C:\Windows\system32\DRIVERS\tcpip.sys - copied to quarantine
      01:13:04.0636 3768 Tcpip6 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0673 3768 C:\Windows\system32\drivers\tcpipreg.sys - copied to quarantine
      01:13:04.0673 3768 tcpipreg ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0714 3768 C:\Windows\system32\drivers\tdpipe.sys - copied to quarantine
      01:13:04.0714 3768 TDPIPE ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0729 3768 C:\Windows\system32\drivers\tdtcp.sys - copied to quarantine
      01:13:04.0730 3768 TDTCP ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0759 3768 C:\Windows\system32\DRIVERS\tdx.sys - copied to quarantine
      01:13:04.0760 3768 tdx ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0792 3768 C:\Windows\system32\DRIVERS\teamviewervpn.sys - copied to quarantine
      01:13:04.0793 3768 teamviewervpn ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0817 3768 C:\Windows\system32\DRIVERS\termdd.sys - copied to quarantine
      01:13:04.0818 3768 TermDD ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0851 3768 C:\Windows\system32\DRIVERS\tssecsrv.sys - copied to quarantine
      01:13:04.0852 3768 tssecsrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0905 3768 C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys - copied to quarantine
      01:13:04.0906 3768 TuneUpUtilitiesDrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0948 3768 C:\Windows\system32\DRIVERS\tunmp.sys - copied to quarantine
      01:13:04.0949 3768 tunmp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:04.0989 3768 C:\Windows\system32\DRIVERS\tunnel.sys - copied to quarantine
      01:13:04.0990 3768 tunnel ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0023 3768 C:\Windows\system32\drivers\uagp35.sys - copied to quarantine
      01:13:05.0024 3768 uagp35 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0073 3768 C:\Windows\system32\DRIVERS\udfs.sys - copied to quarantine
      01:13:05.0073 3768 udfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0124 3768 C:\Windows\system32\drivers\uliagpkx.sys - copied to quarantine
      01:13:05.0124 3768 uliagpkx ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0147 3768 C:\Windows\system32\drivers\uliahci.sys - copied to quarantine
      01:13:05.0148 3768 uliahci ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0241 3768 C:\Windows\system32\drivers\ulsata.sys - copied to quarantine
      01:13:05.0241 3768 UlSata ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0290 3768 C:\Windows\system32\drivers\ulsata2.sys - copied to quarantine
      01:13:05.0291 3768 ulsata2 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0341 3768 C:\Windows\system32\DRIVERS\umbus.sys - copied to quarantine
      01:13:05.0341 3768 umbus ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0377 3768 C:\Windows\system32\Drivers\usbaapl.sys - copied to quarantine
      01:13:05.0377 3768 USBAAPL ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0449 3768 C:\Windows\system32\drivers\usbaudio.sys - copied to quarantine
      01:13:05.0449 3768 usbaudio ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0493 3768 C:\Windows\system32\DRIVERS\usbccgp.sys - copied to quarantine
      01:13:05.0493 3768 usbccgp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0541 3768 C:\Windows\system32\drivers\usbcir.sys - copied to quarantine
      01:13:05.0541 3768 usbcir ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0582 3768 C:\Windows\system32\DRIVERS\usbehci.sys - copied to quarantine
      01:13:05.0583 3768 usbehci ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0626 3768 C:\Windows\system32\DRIVERS\usbhub.sys - copied to quarantine
      01:13:05.0627 3768 usbhub ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0666 3768 C:\Windows\system32\drivers\usbohci.sys - copied to quarantine
      01:13:05.0666 3768 usbohci ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0696 3768 C:\Windows\system32\DRIVERS\usbprint.sys - copied to quarantine
      01:13:05.0697 3768 usbprint ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0743 3768 C:\Windows\system32\DRIVERS\USBSTOR.SYS - copied to quarantine
      01:13:05.0743 3768 USBSTOR ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0768 3768 C:\Windows\system32\DRIVERS\usbuhci.sys - copied to quarantine
      01:13:05.0768 3768 usbuhci ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0810 3768 C:\Windows\system32\Drivers\usbvideo.sys - copied to quarantine
      01:13:05.0810 3768 usbvideo ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0850 3768 C:\Windows\system32\DRIVERS\usb8023x.sys - copied to quarantine
      01:13:05.0850 3768 usb_rndisx ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0893 3768 C:\Windows\system32\DRIVERS\vgapnp.sys - copied to quarantine
      01:13:05.0894 3768 vga ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0914 3768 C:\Windows\System32\drivers\vga.sys - copied to quarantine
      01:13:05.0915 3768 VgaSave ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0960 3768 C:\Windows\system32\drivers\viaagp.sys - copied to quarantine
      01:13:05.0960 3768 viaagp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:05.0986 3768 C:\Windows\system32\drivers\viac7.sys - copied to quarantine
      01:13:05.0986 3768 ViaC7 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0018 3768 C:\Windows\system32\drivers\viaide.sys - copied to quarantine
      01:13:06.0019 3768 viaide ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0059 3768 C:\Windows\system32\drivers\volmgr.sys - copied to quarantine
      01:13:06.0059 3768 volmgr ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0102 3768 C:\Windows\system32\drivers\volmgrx.sys - copied to quarantine
      01:13:06.0102 3768 volmgrx ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0143 3768 C:\Windows\system32\drivers\volsnap.sys - copied to quarantine
      01:13:06.0143 3768 volsnap ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0243 3768 C:\Windows\system32\drivers\vsmraid.sys - copied to quarantine
      01:13:06.0243 3768 vsmraid ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0301 3768 C:\Windows\system32\drivers\wacompen.sys - copied to quarantine
      01:13:06.0302 3768 WacomPen ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0352 3768 C:\Windows\system32\DRIVERS\wanarp.sys - copied to quarantine
      01:13:06.0352 3768 Wanarp ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0363 3768 C:\Windows\system32\DRIVERS\wanarp.sys - copied to quarantine
      01:13:06.0364 3768 Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0395 3768 C:\Windows\system32\drivers\wd.sys - copied to quarantine
      01:13:06.0395 3768 Wd ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0424 3768 C:\Windows\system32\drivers\Wdf01000.sys - copied to quarantine
      01:13:06.0424 3768 Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0450 3768 C:\Windows\system32\DRIVERS\winusb.sys - copied to quarantine
      01:13:06.0450 3768 winusb ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0471 3768 C:\Windows\system32\drivers\wmiacpi.sys - copied to quarantine
      01:13:06.0471 3768 WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0501 3768 C:\Windows\system32\DRIVERS\wpdusb.sys - copied to quarantine
      01:13:06.0502 3768 WpdUsb ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0522 3768 C:\Windows\system32\drivers\ws2ifsl.sys - copied to quarantine
      01:13:06.0522 3768 ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0548 3768 C:\Windows\system32\DRIVERS\WUDFRd.sys - copied to quarantine
      01:13:06.0548 3768 WUDFRd ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0588 3768 C:\Windows\system32\DRIVERS\xusb21.sys - copied to quarantine
      01:13:06.0588 3768 xusb21 ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:13:06.0621 3768 C:\Windows\system32\Drivers\ymidusb.sys - copied to quarantine
      01:13:06.0621 3768 YMIDUSB ( LockedFile.Multi.Generic ) - User select action: Quarantine
      01:16:43.0738 3380 Deinitialize success

    6. #16
      Ex-Collaborator Gemsa_03
      Registered
      Feb 2012
      Location
      Málaga-España
      Posts
      6.615

      Re: A nest of malware on my PC!

      Hi Elisamuelps, what have you done, which pages do you visit?

      Look, when you have a problem, even if a previous solution worked well for you, report it again; do not apply steps on your own, because although the damage may look the same to you, the steps may be different (depending on the infection or problem you have).

      Well, just so you know, I am not trying to lecture you; I am here with all my goodwill to advise and help you.

      1.) Start/update Malwarebytes but do not run it yet. Download Argente Utilities 1.0.3.1 | InfoSpyware. After installing and updating it, configure it this way: Functions/Settings/One Click Maintenance and deselect the last 2 checkboxes: Spyware Cleaner and Spyware Inmunice.

      2.) Restart in Safe Mode and run a FULL SCAN with Malwarebytes. Delete whatever it finds, SAVE THE REPORT, run CCleaner CLEANER/REGISTRY and restart in Normal Mode.

      3.) Run RKill Rkill 2.0 | InfoSpyware and then AT AT-Destroyer 1.7 (by InfoSpyware) | InfoSpyware

      4.) Next, run Argente, go to One click maintenance and restart. Delete everything it finds. Restart in normal mode. With the IE Tab add-on installed and configured as I told you in an earlier post, run the Manual de Panda ActiveScan 2.0. By the way, which browser do you use by default?
      Do you have SpywareBlaster installed?
      Save reports of everything for me as on previous occasions: Malware, RKill and AT.

      Regards.
      Last edited by Gemsa_03 on 04/10/12 at 04:17:44. Reason: INCOMPLETE

    7. #17
      User elisamuelps
      Registered
      Sep 2012
      Location
      Venezuela
      Posts
      13

      Re: A nest of malware on my PC!

      I use Firefox by default for browsing, and Chrome for applications that run HTML5. I know, I didn't expect that to happen in the end; it came up out of nowhere, and to prevent my mouse and keyboard from getting locked again I preferred to act quickly, and that is why I ran tdss killer xD. I have the setup but I haven't installed SpywareBlaster; anyway, I ran tdsskiller in safe mode and left it in safe mode. Right now I am running Malwarebytes, and when it finishes I will go to step 3 with rkill and at-destroyer.

      And really, a thousand thanks for the help and the patience :)

    8. #18
      User elisamuelps
      Registered
      Sep 2012
      Location
      Venezuela
      Posts
      13

      Re: A nest of malware on my PC!

      How strange, Malwarebytes did not detect anything, and likewise rkill found nothing significant, but I still cannot run at destroyer O.o

      Here is the Malwarebytes log

      Code:
      Malwarebytes Anti-Malware 1.65.0.1400
      www.malwarebytes.org
      
      Versión de la Base de Datos: v2012.10.04.04
      
      Windows Vista Service Pack 2 x86 NTFS (Modo Seguro/Red)
      Internet Explorer 8.0.6001.19088
      MY COMPUTERS :: G5SHB9 [administrador]
      
      10/4/2012 04:29:58 a.m.
      mbam-log-2012-10-04 (04-29-58).txt
      
      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 791101
      Tiempo transcurrido: 2 hora(s), 7 minuto(s), 42 segundo(s)
      
      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)
      
      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)
      
      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)
      
      fin)
      and here is the rkill one
      Code:
      Rkill 2.4.3 by Lawrence Abrams (Grinler)
      http://www.bleepingcomputer.com/
      Copyright 2008-2012 BleepingComputer.com
      More Information about Rkill can be found at this link:
       http://www.bleepingcomputer.com/forums/topic308364.html
      
      Program started at: 10/04/2012 10:36:33 AM in x86 mode.
      Windows Version: Windows Vista (TM) Ultimate Service Pack 2
      
      Checking for Windows services to stop:
      
       * No malware services found to stop.
      
      Checking for processes to terminate:
      
       * No malware processes found to kill.
      
      Checking Registry for malware related settings:
      
       * No issues found in the Registry.
      
      Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
      
      Performing miscellaneous checks:
      
       * Windows Defender Disabled
      
         [HKLM\SOFTWARE\Microsoft\Windows Defender]
         "DisableAntiSpyware" = dword:00000001
      
      Checking Windows Service Integrity: 
      
       * Windows Defender (WinDefend) is not Running.
         Startup Type set to: Automatic
      
       * Centro de seguridad (wscsvc) is not Running.
         Startup Type set to: Disabled
      
       * DFSR [Missing Service]
      
       * msiserver => %systemroot%\System32\msiexec.exe /V [Incorrect ImagePath]
       * gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]
      
      Searching for Missing Digital Signatures: 
      
       * No issues found.
      
      Checking HOSTS File: 
      
       * HOSTS file entries found: 
      
        127.0.0.1 serial.alcohol-soft.com
        127.0.0.1 www.alcohol-soft.com
        127.0.0.1 images.alcohol-soft.com
        127.0.0.1 trial.alcohol-soft.com
        127.0.0.1 alcohol-soft.com
      
      Program finished at: 10/04/2012 10:36:44 AM
      Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)
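
Added example, not part of the original post and not code from Rkill: a Python parser that turns an Rkill log in the format shown above into structured findings, so the non-"No ..." items (registry values, service issues, HOSTS entries) can be reviewed one by one. The function names and the `stored_changes` heuristic are assumptions of this example; the sample is an abridged copy of the log above.

```python
import ipaddress
import re
import textwrap

# Abridged copy of the Rkill log posted above, embedded so the example runs offline.
SAMPLE_LOG = r"""
Checking for processes to terminate:

 * No malware processes found to kill.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

 * Centro de seguridad (wscsvc) is not Running.
   Startup Type set to: Disabled

 * msiserver => %systemroot%\System32\msiexec.exe /V [Incorrect ImagePath]

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 serial.alcohol-soft.com
  127.0.0.1 www.alcohol-soft.com

Program finished at: 10/04/2012 10:36:44 AM
"""

SECTION = re.compile(r"^(Checking|Performing|Searching) .+:$")
NOT_RUNNING = re.compile(r"^(?P<display>.+) \((?P<name>[^()]+)\) is not Running\.$")
TAGGED = re.compile(r"^(?P<name>\S+)(?: => (?P<path>.+?))? \[(?P<tag>[^\]]+)\]$")
REG_VALUE = re.compile(r'^"(?P<name>[^"]+)" = (?P<data>.+)$')


def parse_rkill(text):
    """Split the log into findings: section, bullet text and indented detail lines."""
    findings, section, current = [], None, None
    # dedent() lets a log pasted with uniform indentation (as on a forum) parse too.
    for raw in textwrap.dedent(text).splitlines():
        line = raw.strip()
        if not line:
            continue
        if not raw[0].isspace():  # column 0: a section header or a banner line
            section = line.rstrip(":").strip() if SECTION.match(line) else None
            current = None
        elif section and line.startswith("* "):
            current = {"section": section, "text": line[2:].strip(), "details": []}
            findings.append(current)
        elif current is not None:
            current["details"].append(line)
    return findings


def triage(findings):
    """Sort findings into clean sections, registry values, service issues and HOSTS entries."""
    report = {"clean": [], "registry": [], "services": [], "hosts": []}
    for f in findings:
        text, details = f["text"], f["details"]
        if text.startswith("No "):
            report["clean"].append(f["section"])
        elif f["section"] == "Checking HOSTS File":
            for d in details:
                addr, *names = d.split()
                try:
                    ip = ipaddress.ip_address(addr)
                except ValueError:
                    continue  # not an "address hostname" line
                report["hosts"] += [(name, str(ip), ip.is_loopback) for name in names]
        elif (m := NOT_RUNNING.match(text)):
            startup = [d.split(":", 1)[1].strip() for d in details if d.startswith("Startup Type")]
            report["services"].append({"name": m["name"], "issue": "not running",
                                       "startup": startup[0] if startup else None})
        elif (m := TAGGED.match(text)):
            report["services"].append({"name": m["name"], "issue": m["tag"], "image_path": m["path"]})
        else:
            key = None
            for d in details:  # "[key]" line followed by '"name" = data' lines
                if d.startswith("[") and d.endswith("]"):
                    key = d[1:-1]
                elif (v := REG_VALUE.match(d)):
                    report["registry"].append((key, v["name"], v["data"]))
    return report


def stored_changes(report):
    """List findings that are stored configuration (this example's own heuristic): a stopped
    service whose startup type is not Disabled is left out, as it may reflect the boot mode."""
    items = [f"registry: {k}\\{n} = {d}" for k, n, d in report["registry"]]
    items += [f"service: {s['name']} ({s.get('startup') or s['issue']})" for s in report["services"]
              if s["issue"] != "not running" or s.get("startup") == "Disabled"]
    items += [f"hosts: {name} -> {ip}" for name, ip, _ in report["hosts"]]
    return items


if __name__ == "__main__":
    for item in stored_changes(triage(parse_rkill(SAMPLE_LOG))):
        print(item)
```
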

    9. #19
      Ex-Collaborator Gemsa_03
      Registered
      Feb 2012
      Location
      Málaga-España
      Posts
      6.615

      Re: A nest of malware on my PC!

      Hello!

      Look, let's do this:
      1.) Run a System Restore to a point BEFORE SEPTEMBER 17 (it will not make changes to your files). If you don't have any, restart, press F8 and in the menu that appears choose Repair/Go to the last known configuration in which the computer worked correctly (I don't know exactly what it says now).

      2.) Update/run Malwarebytes Anti-Malware 1.65 | InfoSpyware. Run CCleaner.

      3.) Open Mozilla (right afterwards download this add-on: IniFox, Acelera el inicio de Firefox | InfoSpyware and install it) and IE Tab configured IE Tab - Abrir Internet Explorer dentro de Firefox y Chrome. Run ESET http://www.forospyware.com/t133936.html; when you reach the Scan menu, select the 2 visible checkboxes: Scan Archives and the other one, and, under advanced, all 3. Then run CCleaner CLEANER/REGISTRY CCleaner - Descargar | InfoSpyware with the Services checkbox ENABLED, Registry tab, and it is the last checkbox.

      3.) Download/run as Administrator this tool: Manual de Argente Utilities, configured this way: Settings/One Click Maintenance and deselect the last 2 checkboxes Spyware Cleaner/Spyware Inmunice.
      Report the logs.

      Regards.
      Last edited by Gemsa_03 on 04/10/12 at 16:18:23. Reason: RE-EDIT

    10. #20
      User elisamuelps
      Registered
      Sep 2012
      Location
      Venezuela
      Posts
      13

      Re: A nest of malware on my PC!

      I don't have any restore point; I disabled it precisely because it takes up a lot of disk space, but okay, I'll try