
    Error installing any antivirus


    1. #1
      3kantino (User)
      Registered: Aug 2006
      Location: Spain
      Posts: 5

      Error installing any antivirus

      Hi folks,

      Let me tell you my problem to see if anyone can give me a hand.

      I had ESET installed on my computer, but it started giving me an error when updating, so I decided to uninstall it and install it again.

      When I reinstalled it, it gave an error. It got almost to the end, then rolled back and rebooted.
      I went on to try Nod32 and the same thing happened.

      In the middle of all this, the computer started running slower than normal, so I decided to run the anti-malware on it, and it detected quite a few nasty things. I downloaded some antivirus programs recommended on the internet for disinfecting, and with them I wrecked some of the Windows drivers.

      I also downloaded, as I read around, several aggressive programs that in theory put everything back on track (I have to say that System Restore stopped working for me, obviously).

      When it finally seemed that everything was fixed, I decided to install Avast Free, but it gave me an error and said I was not protected. I clicked on fix and it did nothing. I uninstalled it, downloaded a cleaner to re-uninstall ESET, Nod32 and Avast so that nothing was left, and installed it again, but it gave me the same failure.

      Then, coward that I am, I decided to go over to the competition and downloaded AVG, but it tells me the same thing: "you are not fully protected".

      The thing is that this one gives me more clues and tells me that I am missing a driver, specifically the "kernel Anti-rootkit" one.

      I decided to update with Windows Update, but that also fails because it is missing who-knows-what.

      Following advice from the internet I went to Services, but I can't find the "Background Intelligent Transfer Service (BITS)" that they ask me to check.

      Fix50202 did not solve anything for me, not even in aggressive mode.

      I should say that I have a stripped-down Windows; I don't know if that could be it.

      Specifically, the message Windows Update gives me is:

      "Windows Update cannot check for updates because the service is not running"

      What do you think?


      Thank you very much!!!

    2. #2
      Superlucas (Former Collaborator)
      Registered: Sep 2011
      Location: Argentina
      Posts: 15,747

      Re: Error installing any antivirus

      Hello 3kantino:

      You have a fairly new infection.

      Please paste the Malwarebytes report.


      Download TDSSKiller.zip to your desktop.
      Disconnect your computer from the Internet (unplug the cable).
      • Unzip the file tdsskiller.zip
      • Run the file TDSSKiller.exe. If you use Vista or 7, right-click it and choose Run as administrator.
      • Click on
      • Also tick the checkboxes:

      • Click the button
      • TDSSKiller will start scanning the computer.
      • If the computer is not infected:
        • It will show: No threats found.
        • Click the "Close" button
      • If the computer is infected:
        • It will show:
          • Threats detected.
          • Select action for found objects:

        • Malware object, high risk. The default action is "Cure" or "Delete".
        • Suspicious object, medium risk. Always use the "Skip" option
        • The program automatically selects the action to take.
        • Click the "Continue" button
        • To disinfect the system properly, it may ask you to restart the computer.
        • Click the button

      • Open the TDSSKiller report, located at C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, where "x.xx.x_xx.xx.xxxx_xx.xx.xx" is the version, date and time.
      • Copy and paste its contents into your next reply.
      Are you going to run or are you going to fight? - Muahy Thai

      * Follow us on our Twitter and befriend us on Facebook.
      * Stay informed of the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.
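
A triage sketch for the TDSSKiller report that the post above asks for, added here as an example and not part of the original post or of the tool: it parses the `name ( Verdict ) - status` lines of the log layout posted later in this thread and separates infected objects from warnings. The sample log is constructed, and mapping `infected`/`warning` to the post's "Cure/Delete" and "Skip" actions is an assumption.

```python
import re

# Constructed sample in the layout of the TDSSKiller log posted in this thread
# (timestamp, thread id, message). Service names, paths and MD5 values are
# placeholders, not real indicators.
SAMPLE_LOG = """\
00:00:01.0000 1012 ================ Scan services =============================
00:00:01.0100 1012 [ 00000000000000000000000000000001 ] goodsvc C:\\Windows\\system32\\drivers\\goodsvc.sys
00:00:01.0200 1012 goodsvc - ok
00:00:01.0300 1012 [ 00000000000000000000000000000002 ] lockedsvc C:\\Windows\\system32\\drivers\\lockedsvc.sys
00:00:01.0310 1012 Suspicious file (NoAccess): C:\\Windows\\system32\\drivers\\lockedsvc.sys. md5: 00000000000000000000000000000002
00:00:01.0400 1012 lockedsvc ( LockedFile.Multi.Generic ) - warning
00:00:01.0410 1012 lockedsvc - detected LockedFile.Multi.Generic (1)
00:00:01.0500 1012 Suspicious service (NoAccess): randomhexsvc
00:00:01.0600 1012 [ 00000000000000000000000000000003 ] randomhexsvc C:\\Windows\\System32\\Drivers\\randomhexsvc.sys
00:00:01.0700 1012 randomhexsvc ( Rootkit.Win32.Necurs.gen ) - infected
00:00:01.0710 1012 randomhexsvc - detected Rootkit.Win32.Necurs.gen (0)
"""

# Every log line starts with "HH:MM:SS.ffff <thread id> ".
_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "[ <md5> ] <service> <image path>" announces the object being checked.
OBJECT_RE = re.compile(
    _PREFIX + r"\[ (?P<md5>[0-9A-Fa-f]{32}) \] (?P<name>\S+) (?P<path>.+)$")
# "<service> ( <verdict> ) - infected|warning" is the result for that object.
VERDICT_RE = re.compile(
    _PREFIX + r"(?P<name>\S+) \( (?P<verdict>[^)]+?) \) - (?P<status>infected|warning)$")
OK_RE = re.compile(_PREFIX + r"(?P<name>\S+) - ok$")

# Assumption: "infected" lines correspond to the "Malware object, high risk"
# entries of the post and "warning" lines to "Suspicious object, medium risk".
ACTION_BY_STATUS = {"infected": "Cure/Delete", "warning": "Skip"}


def parse_tdsskiller_log(text):
    """Return {'infected': [...], 'warning': [...], 'ok': [names]}."""
    objects = {}  # service name -> (md5, path) from the preceding object line
    result = {"infected": [], "warning": [], "ok": []}
    for raw in text.splitlines():
        line = raw.strip()  # forum pastes are often indented
        m = OBJECT_RE.match(line)
        if m:
            objects[m["name"]] = (m["md5"].upper(), m["path"])
            continue
        m = VERDICT_RE.match(line)
        if m:
            # Some services are reported without an object line; keep None then.
            md5, path = objects.get(m["name"], (None, None))
            result[m["status"]].append({
                "name": m["name"],
                "verdict": m["verdict"],
                "md5": md5,
                "path": path,
            })
            continue
        m = OK_RE.match(line)
        if m:
            result["ok"].append(m["name"])
    return result


def recommended_actions(result):
    """List (service, verdict, action), infected objects first."""
    rows = []
    for status in ("infected", "warning"):
        for finding in result[status]:
            rows.append((finding["name"], finding["verdict"],
                         ACTION_BY_STATUS[status]))
    return rows


if __name__ == "__main__":
    parsed = parse_tdsskiller_log(SAMPLE_LOG)
    for name, verdict, action in recommended_actions(parsed):
        print(f"{action:12} {name:16} {verdict}")
    print(f"{len(parsed['ok'])} object(s) reported ok")
```
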

    3. #3
      3kantino (User)
      Registered: Aug 2006
      Location: Spain
      Posts: 5

      Re: Error installing any antivirus

      Hi Superlucas,
      I've done everything you told me and it seems everything got fixed. The antivirus no longer gives me an error warning, Windows Update works, and the missing service (BITS) now shows up.

      The malware summary is this:

      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.0.1400
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.09.23.04

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 8.0.7601.17514
      Gregorio :: JEREMÍAS [administrador]

      Protección: Personas de movilidad reducida

      24/09/2012 0:46:17
      mbam-log-2012-09-24 (00-46-17).txt

      Tipos de Análisis: Análisis Rápido
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 186673
      Tiempo transcurrido: 4 minuto(s), 24 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 0
      (No se han detectado elementos maliciosos)

      (fin)


      In the TDSSKiller folder there is only one file in quarantine. What do I do with it?

      You've saved me from a nasty one. Thank you very much. I suppose I can now install any antivirus, right?

      Will the pen drives I used during this time also be infected?

      Cheers

    4. #4
      Superlucas (Former Collaborator)
      Registered: Sep 2011
      Location: Argentina
      Posts: 15,747

      Re: Error installing any antivirus

      Hello,

      1. Please paste the TDSSKiller report
      2. Good that we were able to fix everything in one shot
      3. Run a full scan with Malwarebytes and paste the report for us
      4. For the moment, do nothing
      5. Try installing any AV
      6. If you want, we can check that

    5. #5
      3kantino (User)
      Registered: Aug 2006
      Location: Spain
      Posts: 5

      Re: Error installing any antivirus

      TDSSKiller report; sorry, but I couldn't find it before. I'm leaving the Malware scan running and will report it tomorrow, since it's already half past one in the morning here. Thanks for everything and good night!

      00:53:05.0836 1500 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
      00:53:05.0847 1500 ============================================================
      00:53:05.0847 1500 Current date / time: 2012/09/24 00:53:05.0847
      00:53:05.0847 1500 SystemInfo:
      00:53:05.0847 1500
      00:53:05.0847 1500 OS Version: 6.1.7601 ServicePack: 1.0
      00:53:05.0847 1500 Product type: Workstation
      00:53:05.0847 1500 ComputerName: JEREMÍAS
      00:53:05.0847 1500 UserName: Gregorio
      00:53:05.0847 1500 Windows directory: C:\Windows
      00:53:05.0847 1500 System windows directory: C:\Windows
      00:53:05.0847 1500 Processor architecture: Intel x86
      00:53:05.0847 1500 Number of processors: 2
      00:53:05.0847 1500 Page size: 0x1000
      00:53:05.0847 1500 Boot type: Normal boot
      00:53:05.0847 1500 ============================================================
      00:53:08.0768 1500 !crdlk
      00:53:08.0770 1500 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
      00:53:08.0787 1500 ============================================================
      00:53:08.0787 1500 \Device\Harddisk0\DR0:
      00:53:08.0787 1500 MBR partitions:
      00:53:08.0787 1500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x11D4D000
      00:53:08.0787 1500 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x130D5800, BlocksNum 0x11D58800
      00:53:08.0787 1500 ============================================================
      00:53:08.0803 1500 C: <-> \Device\Harddisk0\DR0\Partition1
      00:53:08.0847 1500 D: <-> \Device\Harddisk0\DR0\Partition2
      00:53:08.0848 1500 ============================================================
      00:53:08.0848 1500 Initialize success
      00:53:08.0848 1500 ============================================================
      00:53:29.0403 1012 ============================================================
      00:53:29.0404 1012 Scan started
      00:53:29.0404 1012 Mode: Manual; SigCheck; TDLFS;
      00:53:29.0404 1012 ============================================================
      00:53:29.0698 1012 ================ Scan system memory ========================
      00:53:29.0698 1012 System memory - ok
      00:53:29.0698 1012 ================ Scan services =============================
      00:55:25.0334 1012 Suspicious service (NoAccess): e8603dbf42c113e2
      00:55:25.0378 1012 [ 075F1F21FD1DCF6C7F1144CC2E9FE3B6 ] e8603dbf42c113e2 C:\Windows\System32\Drivers\e8603dbf42c113e2.sys
      00:55:25.0378 1012 Suspicious file (NoAccess): C:\Windows\System32\Drivers\e8603dbf42c113e2.sys. md5: 075F1F21FD1DCF6C7F1144CC2E9FE3B6
      00:55:25.0385 1012 e8603dbf42c113e2 ( Rootkit.Win32.Necurs.gen ) - infected
      00:55:25.0385 1012 e8603dbf42c113e2 - detected Rootkit.Win32.Necurs.gen (0)
      00:55:27.0090 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\hcw85cir.sys. md5: C44E3C2BAB6837DB337DDEE7544736DB
      00:55:27.0096 1012 hcw85cir ( LockedFile.Multi.Generic ) - warning
      00:55:27.0096 1012 hcw85cir - detected LockedFile.Multi.Generic (1)
      00:55:27.0158 1012 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
      00:55:27.0158 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\HdAudio.sys. md5: A5EF29D5315111C80A5C1ABAD14C8972
      00:55:27.0163 1012 HdAudAddService ( LockedFile.Multi.Generic ) - warning
      00:55:27.0163 1012 HdAudAddService - detected LockedFile.Multi.Generic (1)
      00:55:27.0183 1012 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
      00:55:27.0183 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\HDAudBus.sys. md5: 9036377B8A6C15DC2EEC53E489D159B5
      00:55:27.0188 1012 HDAudBus ( LockedFile.Multi.Generic ) - warning
      00:55:27.0188 1012 HDAudBus - detected LockedFile.Multi.Generic (1)
      00:55:27.0212 1012 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
      00:55:27.0212 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HidBatt.sys. md5: 1D58A7F3E11A9731D0EAAAA8405ACC36
      00:55:27.0216 1012 HidBatt ( LockedFile.Multi.Generic ) - warning
      00:55:27.0216 1012 HidBatt - detected LockedFile.Multi.Generic (1)
      00:55:27.0235 1012 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
      00:55:27.0236 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidbth.sys. md5: 89448F40E6DF260C206A193A4683BA78
      00:55:27.0240 1012 HidBth ( LockedFile.Multi.Generic ) - warning
      00:55:27.0240 1012 HidBth - detected LockedFile.Multi.Generic (1)
      00:55:27.0266 1012 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
      00:55:27.0266 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidir.sys. md5: CF50B4CF4A4F229B9F3C08351F99CA5E
      00:55:27.0274 1012 HidIr ( LockedFile.Multi.Generic ) - warning
      00:55:27.0274 1012 HidIr - detected LockedFile.Multi.Generic (1)
      00:55:27.0324 1012 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
      00:55:27.0353 1012 hidserv - ok
      00:55:27.0393 1012 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
      00:55:27.0394 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\hidusb.sys. md5: 10C19F8290891AF023EAEC0832E1EB4D
      00:55:27.0398 1012 HidUsb ( LockedFile.Multi.Generic ) - warning
      00:55:27.0398 1012 HidUsb - detected LockedFile.Multi.Generic (1)
      00:55:27.0478 1012 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
      00:55:27.0506 1012 hkmsvc - ok
      00:55:27.0710 1012 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
      00:55:27.0726 1012 HomeGroupListener - ok
      00:55:27.0778 1012 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
      00:55:27.0793 1012 HomeGroupProvider - ok
      00:55:27.0835 1012 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
      00:55:27.0836 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\HpSAMD.sys. md5: 295FDC419039090EB8B49FFDBB374549
      00:55:27.0842 1012 HpSAMD ( LockedFile.Multi.Generic ) - warning
      00:55:27.0842 1012 HpSAMD - detected LockedFile.Multi.Generic (1)
      00:55:27.0902 1012 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
      00:55:27.0902 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\HTTP.sys. md5: 871917B07A141BFF43D76D8844D48106
      00:55:27.0911 1012 HTTP ( LockedFile.Multi.Generic ) - warning
      00:55:27.0911 1012 HTTP - detected LockedFile.Multi.Generic (1)
      00:55:27.0973 1012 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
      00:55:27.0973 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\hwpolicy.sys. md5: 0C4E035C7F105F1299258C90886C64C5
      00:55:27.0978 1012 hwpolicy ( LockedFile.Multi.Generic ) - warning
      00:55:27.0978 1012 hwpolicy - detected LockedFile.Multi.Generic (1)
      00:55:28.0039 1012 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
      00:55:28.0039 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\i8042prt.sys. md5: F151F0BDC47F4A28B1B20A0818EA36D6
      00:55:28.0046 1012 i8042prt ( LockedFile.Multi.Generic ) - warning
      00:55:28.0046 1012 i8042prt - detected LockedFile.Multi.Generic (1)
      00:55:28.0079 1012 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
      00:55:28.0079 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\iaStorV.sys. md5: 5CD5F9A5444E6CDCB0AC89BD62D8B76E
      00:55:28.0086 1012 iaStorV ( LockedFile.Multi.Generic ) - warning
      00:55:28.0086 1012 iaStorV - detected LockedFile.Multi.Generic (1)
      00:55:28.0162 1012 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      00:55:28.0185 1012 idsvc - ok
      00:55:28.0237 1012 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
      00:55:28.0237 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\iirsp.sys. md5: 4173FF5708F3236CF25195FECD742915
      00:55:28.0242 1012 iirsp ( LockedFile.Multi.Generic ) - warning
      00:55:28.0242 1012 iirsp - detected LockedFile.Multi.Generic (1)
      00:55:28.0312 1012 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
      00:55:28.0352 1012 IKEEXT - ok
      00:55:28.0379 1012 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
      00:55:28.0379 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\intelide.sys. md5: A0F12F2C9BA6C72F3987CE780E77C130
      00:55:28.0384 1012 intelide ( LockedFile.Multi.Generic ) - warning
      00:55:28.0384 1012 intelide - detected LockedFile.Multi.Generic (1)
      00:55:28.0439 1012 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
      00:55:28.0439 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\intelppm.sys. md5: 3B514D27BFC4ACCB4037BC6685F766E0
      00:55:28.0444 1012 intelppm ( LockedFile.Multi.Generic ) - warning
      00:55:28.0444 1012 intelppm - detected LockedFile.Multi.Generic (1)
      00:55:28.0495 1012 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
      00:55:28.0526 1012 IPBusEnum - ok
      00:55:28.0555 1012 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
      00:55:28.0556 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipfltdrv.sys. md5: 709D1761D3B19A932FF0238EA6D50200
      00:55:28.0560 1012 IpFilterDriver ( LockedFile.Multi.Generic ) - warning
      00:55:28.0560 1012 IpFilterDriver - detected LockedFile.Multi.Generic (1)
      00:55:28.0672 1012 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
      00:55:28.0704 1012 iphlpsvc - ok
      00:55:28.0751 1012 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
      00:55:28.0751 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\IPMIDrv.sys. md5: 4BD7134618C1D2A27466A099062547BF
      00:55:28.0755 1012 IPMIDRV ( LockedFile.Multi.Generic ) - warning
      00:55:28.0755 1012 IPMIDRV - detected LockedFile.Multi.Generic (1)
      00:55:28.0792 1012 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
      00:55:28.0792 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\ipnat.sys. md5: A5FA468D67ABCDAA36264E463A7BB0CD
      00:55:28.0796 1012 IPNAT ( LockedFile.Multi.Generic ) - warning
      00:55:28.0796 1012 IPNAT - detected LockedFile.Multi.Generic (1)
      00:55:28.0830 1012 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
      00:55:28.0830 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\irenum.sys. md5: 42996CFF20A3084A56017B7902307E9F
      00:55:28.0834 1012 IRENUM ( LockedFile.Multi.Generic ) - warning
      00:55:28.0834 1012 IRENUM - detected LockedFile.Multi.Generic (1)
      00:55:28.0863 1012 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
      00:55:28.0863 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\isapnp.sys. md5: 1F32BB6B38F62F7DF1A7AB7292638A35
      00:55:28.0867 1012 isapnp ( LockedFile.Multi.Generic ) - warning
      00:55:28.0867 1012 isapnp - detected LockedFile.Multi.Generic (1)
      00:55:28.0921 1012 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
      00:55:28.0921 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\msiscsi.sys. md5: CB7A9ABB12B8415BCE5D74994C7BA3AE
      00:55:28.0928 1012 iScsiPrt ( LockedFile.Multi.Generic ) - warning
      00:55:28.0928 1012 iScsiPrt - detected LockedFile.Multi.Generic (1)
      00:55:28.0969 1012 [ FA4A5B32CAE6074205B26971191EFEE4 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
      00:55:28.0969 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\jmcr.sys. md5: FA4A5B32CAE6074205B26971191EFEE4
      00:55:28.0977 1012 JMCR ( LockedFile.Multi.Generic ) - warning
      00:55:28.0977 1012 JMCR - detected LockedFile.Multi.Generic (1)
      00:55:29.0019 1012 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
      00:55:29.0020 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\kbdclass.sys. md5: ADEF52CA1AEAE82B50DF86B56413107E
      00:55:29.0026 1012 kbdclass ( LockedFile.Multi.Generic ) - warning
      00:55:29.0026 1012 kbdclass - detected LockedFile.Multi.Generic (1)
      00:55:29.0093 1012 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
      00:55:29.0093 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\kbdhid.sys. md5: 9E3CED91863E6EE98C24794D05E27A71
      00:55:29.0099 1012 kbdhid ( LockedFile.Multi.Generic ) - warning
      00:55:29.0099 1012 kbdhid - detected LockedFile.Multi.Generic (1)
      00:55:29.0124 1012 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
      00:55:29.0139 1012 KeyIso - ok
      00:55:29.0174 1012 [ 4635935FC972C582632BF45C26BFCB0E ] KMService C:\Windows\system32\srvany.exe
      00:55:29.0180 1012 KMService ( UnsignedFile.Multi.Generic ) - warning
      00:55:29.0180 1012 KMService - detected UnsignedFile.Multi.Generic (1)
      00:55:29.0252 1012 [ 4476FE98AAF505ACDCD3EE6360AABEC1 ] KMWDFILTERx86 C:\Windows\system32\DRIVERS\KMWDFILTER.sys
      00:55:29.0253 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\KMWDFILTER.sys. md5: 4476FE98AAF505ACDCD3EE6360AABEC1
      00:55:29.0257 1012 KMWDFILTERx86 ( LockedFile.Multi.Generic ) - warning
      00:55:29.0257 1012 KMWDFILTERx86 - detected LockedFile.Multi.Generic (1)
      00:55:29.0303 1012 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      00:55:29.0303 1012 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecdd.sys. md5: B7895B4182C0D16F6EFADEB8081E8D36
      00:55:29.0308 1012 KSecDD ( LockedFile.Multi.Generic ) - warning
      00:55:29.0308 1012 KSecDD - detected LockedFile.Multi.Generic (1)
      00:55:29.0355 1012 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
      00:55:29.0355 1012 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecpkg.sys. md5: D30159AC9237519FBC62C6EC247D2D46
      00:55:29.0360 1012 KSecPkg ( LockedFile.Multi.Generic ) - warning
      00:55:29.0360 1012 KSecPkg - detected LockedFile.Multi.Generic (1)
      00:55:29.0404 1012 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
      00:55:29.0437 1012 KtmRm - ok
      00:55:29.0472 1012 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
      00:55:29.0501 1012 LanmanServer - ok
      00:55:29.0528 1012 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      00:55:29.0556 1012 LanmanWorkstation - ok
      00:55:29.0635 1012 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      00:55:29.0636 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lltdio.sys. md5: F7611EC07349979DA9B0AE1F18CCC7A6
      00:55:29.0664 1012 lltdio ( LockedFile.Multi.Generic ) - warning
      00:55:29.0664 1012 lltdio - detected LockedFile.Multi.Generic (1)
      00:55:29.0715 1012 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
      00:55:29.0747 1012 lltdsvc - ok
      00:55:29.0776 1012 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
      00:55:29.0803 1012 lmhosts - ok
      00:55:29.0839 1012 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
      00:55:29.0839 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_fc.sys. md5: EB119A53CCF2ACC000AC71B065B78FEF
      00:55:29.0845 1012 LSI_FC ( LockedFile.Multi.Generic ) - warning
      00:55:29.0845 1012 LSI_FC - detected LockedFile.Multi.Generic (1)
      00:55:29.0867 1012 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
      00:55:29.0867 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_sas.sys. md5: 8ADE1C877256A22E49B75D1CC9161F9C
      00:55:29.0873 1012 LSI_SAS ( LockedFile.Multi.Generic ) - warning
      00:55:29.0873 1012 LSI_SAS - detected LockedFile.Multi.Generic (1)
      00:55:29.0901 1012 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
      00:55:29.0901 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_sas2.sys. md5: DC9DC3D3DAA0E276FD2EC262E38B11E9
      00:55:29.0908 1012 LSI_SAS2 ( LockedFile.Multi.Generic ) - warning
      00:55:29.0908 1012 LSI_SAS2 - detected LockedFile.Multi.Generic (1)
      00:55:29.0939 1012 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
      00:55:29.0939 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_scsi.sys. md5: 0A036C7D7CAB643A7F07135AC47E0524
      00:55:29.0945 1012 LSI_SCSI ( LockedFile.Multi.Generic ) - warning
      00:55:29.0945 1012 LSI_SCSI - detected LockedFile.Multi.Generic (1)
      00:55:30.0044 1012 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
      00:55:30.0045 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\luafv.sys. md5: 6703E366CC18D3B6E534F5CF7DF39CEE
      00:55:30.0053 1012 luafv ( LockedFile.Multi.Generic ) - warning
      00:55:30.0053 1012 luafv - detected LockedFile.Multi.Generic (1)
      00:55:30.0115 1012 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
      00:55:30.0132 1012 MBAMProtector - ok
      00:55:30.0203 1012 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
      00:55:30.0221 1012 MBAMScheduler - ok
      00:55:30.0282 1012 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      00:55:30.0301 1012 MBAMService - ok
      00:55:30.0359 1012 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      00:55:30.0376 1012 Mcx2Svc - ok
      00:55:30.0426 1012 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
      00:55:30.0426 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\megasas.sys. md5: 0FFF5B045293002AB38EB1FD1FC2FB74
      00:55:30.0453 1012 megasas ( LockedFile.Multi.Generic ) - warning
      00:55:30.0453 1012 megasas - detected LockedFile.Multi.Generic (1)
      00:55:30.0491 1012 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
      00:55:30.0491 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MegaSR.sys. md5: DCBAB2920C75F390CAF1D29F675D03D6
      00:55:30.0497 1012 MegaSR ( LockedFile.Multi.Generic ) - warning
      00:55:30.0497 1012 MegaSR - detected LockedFile.Multi.Generic (1)
      00:55:30.0588 1012 Microsoft SharePoint Workspace Audit Service - ok
      00:55:30.0625 1012 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
      00:55:30.0654 1012 MMCSS - ok
      00:55:30.0709 1012 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
      00:55:30.0709 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\modem.sys. md5: F001861E5700EE84E2D4E52C712F4964
      00:55:30.0714 1012 Modem ( LockedFile.Multi.Generic ) - warning
      00:55:30.0714 1012 Modem - detected LockedFile.Multi.Generic (1)
      00:55:30.0811 1012 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      00:55:30.0811 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: 79D10964DE86B292320E9DFE02282A23
      00:55:30.0818 1012 monitor ( LockedFile.Multi.Generic ) - warning
      00:55:30.0818 1012 monitor - detected LockedFile.Multi.Generic (1)
      00:55:30.0900 1012 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
      00:55:30.0900 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\mouclass.sys. md5: FB18CC1D4C2E716B6B903B0AC0CC0609
      00:55:30.0904 1012 mouclass ( LockedFile.Multi.Generic ) - warning
      00:55:30.0904 1012 mouclass - detected LockedFile.Multi.Generic (1)
      00:55:30.0961 1012 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      00:55:30.0961 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouhid.sys. md5: 2C388D2CD01C9042596CF3C8F3C7B24D
      00:55:30.0967 1012 mouhid ( LockedFile.Multi.Generic ) - warning
      00:55:30.0967 1012 mouhid - detected LockedFile.Multi.Generic (1)
      00:55:31.0017 1012 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
      00:55:31.0017 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\mountmgr.sys. md5: FC8771F45ECCCFD89684E38842539B9B
      00:55:31.0021 1012 mountmgr ( LockedFile.Multi.Generic ) - warning
      00:55:31.0021 1012 mountmgr - detected LockedFile.Multi.Generic (1)
      00:55:31.0102 1012 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
      00:55:31.0114 1012 MozillaMaintenance - ok
      00:55:31.0165 1012 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
      00:55:31.0165 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\mpio.sys. md5: 2D699FB6E89CE0D8DA14ECC03B3EDFE0
      00:55:31.0169 1012 mpio ( LockedFile.Multi.Generic ) - warning
      00:55:31.0169 1012 mpio - detected LockedFile.Multi.Generic (1)
      00:55:31.0254 1012 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      00:55:31.0254 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\mpsdrv.sys. md5: AD2723A7B53DD1AACAE6AD8C0BFBF4D0
      00:55:31.0261 1012 mpsdrv ( LockedFile.Multi.Generic ) - warning
      00:55:31.0261 1012 mpsdrv - detected LockedFile.Multi.Generic (1)
      00:55:31.0379 1012 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
      00:55:31.0420 1012 MpsSvc - ok
      00:55:31.0470 1012 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      00:55:31.0471 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\mrxdav.sys. md5: CEB46AB7C01C9F825F8CC6BABC18166A
      00:55:31.0480 1012 MRxDAV ( LockedFile.Multi.Generic ) - warning
      00:55:31.0480 1012 MRxDAV - detected LockedFile.Multi.Generic (1)
      00:55:31.0560 1012 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      00:55:31.0561 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb.sys. md5: 5D16C921E3671636C0EBA3BBAAC5FD25
      00:55:31.0565 1012 mrxsmb ( LockedFile.Multi.Generic ) - warning
      00:55:31.0565 1012 mrxsmb - detected LockedFile.Multi.Generic (1)
      00:55:31.0627 1012 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      00:55:31.0627 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb10.sys. md5: 6D17A4791ACA19328C685D256349FEFC
      00:55:31.0631 1012 mrxsmb10 ( LockedFile.Multi.Generic ) - warning
      00:55:31.0631 1012 mrxsmb10 - detected LockedFile.Multi.Generic (1)
      00:55:31.0678 1012 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      00:55:31.0678 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb20.sys. md5: B81F204D146000BE76651A50670A5E9E
      00:55:31.0682 1012 mrxsmb20 ( LockedFile.Multi.Generic ) - warning
      00:55:31.0682 1012 mrxsmb20 - detected LockedFile.Multi.Generic (1)
      00:55:31.0736 1012 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
      00:55:31.0736 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\msahci.sys. md5: 012C5F4E9349E711E11E0F19A8589F0A
      00:55:31.0741 1012 msahci ( LockedFile.Multi.Generic ) - warning
      00:55:31.0741 1012 msahci - detected LockedFile.Multi.Generic (1)
      00:55:31.0771 1012 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
      00:55:31.0772 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\msdsm.sys. md5: 55055F8AD8BE27A64C831322A780A228
      00:55:31.0778 1012 msdsm ( LockedFile.Multi.Generic ) - warning
      00:55:31.0778 1012 msdsm - detected LockedFile.Multi.Generic (1)
      00:55:31.0844 1012 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
      00:55:31.0860 1012 MSDTC - ok
      00:55:31.0930 1012 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
      00:55:31.0930 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\Msfs.sys. md5: DAEFB28E3AF5A76ABCC2C3078C07327F
      00:55:31.0934 1012 Msfs ( LockedFile.Multi.Generic ) - warning
      00:55:31.0934 1012 Msfs - detected LockedFile.Multi.Generic (1)
      00:55:31.0962 1012 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
      00:55:31.0962 1012 Suspicious file (NoAccess): C:\Windows\System32\drivers\mshidkmdf.sys. md5: 3E1E5767043C5AF9367F0056295E9F84
      00:55:31.0966 1012 mshidkmdf ( LockedFile.Multi.Generic ) - warning
      00:55:31.0966 1012 mshidkmdf - detected LockedFile.Multi.Generic (1)
      00:55:32.0001 1012 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
      00:55:32.0001 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\msisadrv.sys. md5: 0A4E5757AE09FA9622E3158CC1AEF114
      00:55:32.0006 1012 msisadrv ( LockedFile.Multi.Generic ) - warning
      00:55:32.0006 1012 msisadrv - detected LockedFile.Multi.Generic (1)
      00:55:32.0053 1012 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      00:55:32.0083 1012 MSiSCSI - ok
      00:55:32.0097 1012 msiserver - ok
      00:55:32.0121 1012 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      00:55:32.0121 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSKSSRV.sys. md5: 8C0860D6366AAFFB6C5BB9DF9448E631
      00:55:32.0125 1012 MSKSSRV ( LockedFile.Multi.Generic ) - warning
      00:55:32.0125 1012 MSKSSRV - detected LockedFile.Multi.Generic (1)
      00:55:32.0141 1012 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      00:55:32.0141 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPCLOCK.sys. md5: 3EA8B949F963562CEDBB549EAC0C11CE
      00:55:32.0145 1012 MSPCLOCK ( LockedFile.Multi.Generic ) - warning
      00:55:32.0145 1012 MSPCLOCK - detected LockedFile.Multi.Generic (1)
      00:55:32.0168 1012 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      00:55:32.0169 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPQM.sys. md5: F456E973590D663B1073E9C463B40932
      00:55:32.0173 1012 MSPQM ( LockedFile.Multi.Generic ) - warning
      00:55:32.0173 1012 MSPQM - detected LockedFile.Multi.Generic (1)
      00:55:32.0198 1012 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      00:55:32.0198 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\MsRPC.sys. md5: 0E008FC4819D238C51D7C93E7B41E560
      00:55:32.0202 1012 MsRPC ( LockedFile.Multi.Generic ) - warning
      00:55:32.0202 1012 MsRPC - detected LockedFile.Multi.Generic (1)
      00:55:32.0222 1012 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
      00:55:32.0223 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\mssmbios.sys. md5: FC6B9FF600CC585EA38B12589BD4E246
      00:55:32.0226 1012 mssmbios ( LockedFile.Multi.Generic ) - warning
      00:55:32.0226 1012 mssmbios - detected LockedFile.Multi.Generic (1)
      00:55:32.0256 1012 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      00:55:32.0256 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSTEE.sys. md5: B42C6B921F61A6E55159B8BE6CD54A36
      00:55:32.0260 1012 MSTEE ( LockedFile.Multi.Generic ) - warning
      00:55:32.0260 1012 MSTEE - detected LockedFile.Multi.Generic (1)
      00:55:32.0292 1012 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
      00:55:32.0292 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MTConfig.sys. md5: 33599130F44E1F34631CEA241DE8AC84
      00:55:32.0296 1012 MTConfig ( LockedFile.Multi.Generic ) - warning
      00:55:32.0296 1012 MTConfig - detected LockedFile.Multi.Generic (1)
      00:55:32.0334 1012 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
      00:55:32.0335 1012 Suspicious file (NoAccess): C:\Windows\system32\Drivers\mup.sys. md5: 159FAD02F64E6381758C990F753BCC80
      00:55:32.0342 1012 Mup ( LockedFile.Multi.Generic ) - warning
      00:55:32.0343 1012 Mup - detected LockedFile.Multi.Generic (1)
      00:55:32.0409 1012 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
      00:55:32.0442 1012 napagent - ok
      00:55:32.0567 1012 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      00:55:32.0568 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nwifi.sys. md5: 26384429FCD85D83746F63E798AB1480
      00:55:32.0574 1012 NativeWifiP ( LockedFile.Multi.Generic ) - warning
      00:55:32.0574 1012 NativeWifiP - detected LockedFile.Multi.Generic (1)
      00:55:32.0632 1012 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
      00:55:32.0632 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\ndis.sys. md5: E7C54812A2AAF43316EB6930C1FFA108
      00:55:32.0641 1012 NDIS ( LockedFile.Multi.Generic ) - warning
      00:55:32.0642 1012 NDIS - detected LockedFile.Multi.Generic (1)
      00:55:32.0720 1012 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
      00:55:32.0720 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndiscap.sys. md5: 0E1787AA6C9191D3D319E8BAFE86F80C
      00:55:32.0904 1012 NdisCap ( LockedFile.Multi.Generic ) - warning
      00:55:32.0904 1012 NdisCap - detected LockedFile.Multi.Generic (1)
      00:55:32.0921 1012 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      00:55:32.0921 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndistapi.sys. md5: E4A8AEC125A2E43A9E32AFEEA7C9C888
      00:55:32.0927 1012 NdisTapi ( LockedFile.Multi.Generic ) - warning
      00:55:32.0927 1012 NdisTapi - detected LockedFile.Multi.Generic (1)
      00:55:32.0973 1012 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      00:55:32.0973 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndisuio.sys. md5: D8A65DAFB3EB41CBB622745676FCD072
      00:55:32.0979 1012 Ndisuio ( LockedFile.Multi.Generic ) - warning
      00:55:32.0979 1012 Ndisuio - detected LockedFile.Multi.Generic (1)
      00:55:33.0029 1012 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      00:55:33.0029 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndiswan.sys. md5: 38FBE267E7E6983311179230FACB1017
      00:55:33.0037 1012 NdisWan ( LockedFile.Multi.Generic ) - warning
      00:55:33.0037 1012 NdisWan - detected LockedFile.Multi.Generic (1)
      00:55:33.0104 1012 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      00:55:33.0104 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\NDProxy.sys. md5: A4BDC541E69674FBFF1A8FF00BE913F2
      00:55:33.0108 1012 NDProxy ( LockedFile.Multi.Generic ) - warning
      00:55:33.0108 1012 NDProxy - detected LockedFile.Multi.Generic (1)
      00:55:33.0134 1012 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      00:55:33.0134 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbios.sys. md5: 80B275B1CE3B0E79909DB7B39AF74D51
      00:55:33.0142 1012 NetBIOS ( LockedFile.Multi.Generic ) - warning
      00:55:33.0142 1012 NetBIOS - detected LockedFile.Multi.Generic (1)
      00:55:33.0215 1012 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
      00:55:33.0215 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbt.sys. md5: 280122DDCF04B378EDD1AD54D71C1E54
      00:55:33.0225 1012 NetBT ( LockedFile.Multi.Generic ) - warning
      00:55:33.0225 1012 NetBT - detected LockedFile.Multi.Generic (1)
      00:55:33.0249 1012 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
      00:55:33.0263 1012 Netlogon - ok
      00:55:33.0322 1012 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
      00:55:33.0354 1012 Netman - ok
      00:55:33.0374 1012 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
      00:55:33.0407 1012 netprofm - ok
      00:55:33.0453 1012 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
      00:55:33.0465 1012 NetTcpPortSharing - ok
      00:55:33.0617 1012 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
      00:55:33.0617 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netw5v32.sys. md5: 58218EC6B61B1169CF54AAB0D00F5FE2
      00:55:33.0658 1012 netw5v32 ( LockedFile.Multi.Generic ) - warning
      00:55:33.0658 1012 netw5v32 - detected LockedFile.Multi.Generic (1)
      00:55:33.0868 1012 [ 71A154AE95A5C17A51CB414135E92C6B ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
      00:55:33.0960 1012 NETwNs32 - ok
      00:55:34.0017 1012 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
      00:55:34.0017 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nfrd960.sys. md5: 1D85C4B390B0EE09C7A46B91EFB2C097
      00:55:34.0023 1012 nfrd960 ( LockedFile.Multi.Generic ) - warning
      00:55:34.0023 1012 nfrd960 - detected LockedFile.Multi.Generic (1)
      00:55:34.0076 1012 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
      00:55:34.0105 1012 NlaSvc - ok
      00:55:34.0154 1012 [ D21FEE8DB254BA762656878168AC1DB6 ] NPF C:\Windows\system32\drivers\npf.sys
      00:55:34.0154 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\npf.sys. md5: D21FEE8DB254BA762656878168AC1DB6
      00:55:34.0159 1012 NPF ( LockedFile.Multi.Generic ) - warning
      00:55:34.0159 1012 NPF - detected LockedFile.Multi.Generic (1)
      00:55:34.0221 1012 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
      00:55:34.0221 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\Npfs.sys. md5: 1DB262A9F8C087E8153D89BEF3D2235F
      00:55:34.0227 1012 Npfs ( LockedFile.Multi.Generic ) - warning
      00:55:34.0227 1012 Npfs - detected LockedFile.Multi.Generic (1)
      00:55:34.0268 1012 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
      00:55:34.0297 1012 nsi - ok
      00:55:34.0360 1012 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      00:55:34.0360 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\nsiproxy.sys. md5: E9A0A4D07E53D8FEA2BB8387A3293C58
      00:55:34.0370 1012 nsiproxy ( LockedFile.Multi.Generic ) - warning
      00:55:34.0370 1012 nsiproxy - detected LockedFile.Multi.Generic (1)
      00:55:34.0465 1012 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      00:55:34.0465 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\Ntfs.sys. md5: 81189C3D7763838E55C397759D49007A
      00:55:34.0473 1012 Ntfs ( LockedFile.Multi.Generic ) - warning
      00:55:34.0473 1012 Ntfs - detected LockedFile.Multi.Generic (1)
      00:55:34.0553 1012 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys

    6. #6
      User Avatar of 3kantino
      Registered
      Aug 2006
      Location
      Spain
      Posts
      5

      Re: Error installing any antivirus

      00:55:34.0553 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\Null.sys. md5: F9756A98D69098DCA8945D62858A812C
      00:55:34.0557 1012 Null ( LockedFile.Multi.Generic ) - warning
      00:55:34.0557 1012 Null - detected LockedFile.Multi.Generic (1)
      00:55:34.0612 1012 [ 3D7FB57354703809B5F0C23287FAC1D6 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
      00:55:34.0613 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\nvhda32v.sys. md5: 3D7FB57354703809B5F0C23287FAC1D6
      00:55:34.0617 1012 NVHDA ( LockedFile.Multi.Generic ) - warning
      00:55:34.0617 1012 NVHDA - detected LockedFile.Multi.Generic (1)
      00:55:34.0898 1012 [ E891B3979F0CF2740C1B073F834221FE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
      00:55:34.0898 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nvlddmkm.sys. md5: E891B3979F0CF2740C1B073F834221FE
      00:55:34.0935 1012 nvlddmkm ( LockedFile.Multi.Generic ) - warning
      00:55:34.0935 1012 nvlddmkm - detected LockedFile.Multi.Generic (1)
      00:55:34.0977 1012 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
      00:55:34.0977 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\nvraid.sys. md5: B3E25EE28883877076E0E1FF877D02E0
      00:55:34.0983 1012 nvraid ( LockedFile.Multi.Generic ) - warning
      00:55:34.0983 1012 nvraid - detected LockedFile.Multi.Generic (1)
      00:55:35.0011 1012 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
      00:55:35.0011 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\nvstor.sys. md5: 4380E59A170D88C4F1022EFF6719A8A4
      00:55:35.0017 1012 nvstor ( LockedFile.Multi.Generic ) - warning
      00:55:35.0018 1012 nvstor - detected LockedFile.Multi.Generic (1)
      00:55:35.0073 1012 [ AE2DE8E165DCB93A66B21748E6F913DF ] nvsvc C:\Windows\system32\nvvsvc.exe
      00:55:35.0098 1012 nvsvc - ok
      00:55:35.0124 1012 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
      00:55:35.0125 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\nv_agp.sys. md5: 5A0983915F02BAE73267CC2A041F717D
      00:55:35.0129 1012 nv_agp ( LockedFile.Multi.Generic ) - warning
      00:55:35.0129 1012 nv_agp - detected LockedFile.Multi.Generic (1)
      00:55:35.0243 1012 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      00:55:35.0259 1012 odserv - ok
      00:55:35.0297 1012 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
      00:55:35.0298 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\ohci1394.sys. md5: 08A70A1F2CDDE9BB49B885CB817A66EB
      00:55:35.0302 1012 ohci1394 ( LockedFile.Multi.Generic ) - warning
      00:55:35.0302 1012 ohci1394 - detected LockedFile.Multi.Generic (1)
      00:55:35.0353 1012 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      00:55:35.0364 1012 ose - ok
      00:55:35.0535 1012 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      00:55:35.0622 1012 osppsvc - ok
      00:55:35.0705 1012 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
      00:55:35.0721 1012 p2pimsvc - ok
      00:55:35.0762 1012 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
      00:55:35.0780 1012 p2psvc - ok
      00:55:35.0835 1012 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
      00:55:35.0836 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\parport.sys. md5: 2EA877ED5DD9713C5AC74E8EA7348D14
      00:55:35.0867 1012 Parport ( LockedFile.Multi.Generic ) - warning
      00:55:35.0867 1012 Parport - detected LockedFile.Multi.Generic (1)
      00:55:35.0917 1012 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
      00:55:35.0917 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\partmgr.sys. md5: 3F34A1B4C5F6475F320C275E63AFCE9B
      00:55:35.0923 1012 partmgr ( LockedFile.Multi.Generic ) - warning
      00:55:35.0923 1012 partmgr - detected LockedFile.Multi.Generic (1)
      00:55:35.0945 1012 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
      00:55:35.0945 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\parvdm.sys. md5: EB0A59F29C19B86479D36B35983DAADC
      00:55:35.0951 1012 Parvdm ( LockedFile.Multi.Generic ) - warning
      00:55:35.0951 1012 Parvdm - detected LockedFile.Multi.Generic (1)
      00:55:35.0988 1012 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
      00:55:36.0006 1012 PcaSvc - ok
      00:55:36.0052 1012 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
      00:55:36.0052 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\pci.sys. md5: 673E55C3498EB970088E812EA820AA8F
      00:55:36.0057 1012 pci ( LockedFile.Multi.Generic ) - warning
      00:55:36.0057 1012 pci - detected LockedFile.Multi.Generic (1)
      00:55:36.0094 1012 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
      00:55:36.0094 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\pciide.sys. md5: AFE86F419014DB4E5593F69FFE26CE0A
      00:55:36.0098 1012 pciide ( LockedFile.Multi.Generic ) - warning
      00:55:36.0098 1012 pciide - detected LockedFile.Multi.Generic (1)
      00:55:36.0130 1012 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
      00:55:36.0130 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pcmcia.sys. md5: F396431B31693E71E8A80687EF523506
      00:55:36.0134 1012 pcmcia ( LockedFile.Multi.Generic ) - warning
      00:55:36.0134 1012 pcmcia - detected LockedFile.Multi.Generic (1)
      00:55:36.0178 1012 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
      00:55:36.0178 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\pcw.sys. md5: 250F6B43D2B613172035C6747AEEB19F
      00:55:36.0182 1012 pcw ( LockedFile.Multi.Generic ) - warning
      00:55:36.0182 1012 pcw - detected LockedFile.Multi.Generic (1)
      00:55:36.0240 1012 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      00:55:36.0240 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\peauth.sys. md5: 9E0104BA49F4E6973749A02BF41344ED
      00:55:36.0248 1012 PEAUTH ( LockedFile.Multi.Generic ) - warning
      00:55:36.0248 1012 PEAUTH - detected LockedFile.Multi.Generic (1)
      00:55:36.0311 1012 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
      00:55:36.0336 1012 PeerDistSvc - ok
      00:55:36.0441 1012 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
      00:55:36.0485 1012 pla - ok
      00:55:36.0545 1012 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      00:55:36.0561 1012 PlugPlay - ok
      00:55:36.0609 1012 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
      00:55:36.0623 1012 PNRPAutoReg - ok
      00:55:36.0661 1012 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
      00:55:36.0679 1012 PNRPsvc - ok
      00:55:36.0721 1012 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      00:55:36.0751 1012 PolicyAgent - ok
      00:55:36.0813 1012 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
      00:55:36.0841 1012 Power - ok
      00:55:36.0905 1012 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      00:55:36.0906 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspptp.sys. md5: 631E3E205AD6D86F2AED6A4A8E69F2DB
      00:55:36.0934 1012 PptpMiniport ( LockedFile.Multi.Generic ) - warning
      00:55:36.0934 1012 PptpMiniport - detected LockedFile.Multi.Generic (1)
      00:55:36.0961 1012 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
      00:55:36.0961 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\processr.sys. md5: 85B1E3A0C7585BC4AAE6899EC6FCF011
      00:55:36.0965 1012 Processor ( LockedFile.Multi.Generic ) - warning
      00:55:36.0965 1012 Processor - detected LockedFile.Multi.Generic (1)
      00:55:37.0022 1012 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
      00:55:37.0038 1012 ProfSvc - ok
      00:55:37.0063 1012 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
      00:55:37.0077 1012 ProtectedStorage - ok
      00:55:37.0137 1012 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
      00:55:37.0138 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pacer.sys. md5: 6270CCAE2A86DE6D146529FE55B3246A
      00:55:37.0144 1012 Psched ( LockedFile.Multi.Generic ) - warning
      00:55:37.0144 1012 Psched - detected LockedFile.Multi.Generic (1)
      00:55:37.0216 1012 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
      00:55:37.0216 1012 Suspicious file (NoAccess): C:\Windows\system32\Drivers\PxHelp20.sys. md5: 40FEDD328F98245AD201CF5F9F311724
      00:55:37.0220 1012 PxHelp20 ( LockedFile.Multi.Generic ) - warning
      00:55:37.0220 1012 PxHelp20 - detected LockedFile.Multi.Generic (1)
      00:55:37.0282 1012 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
      00:55:37.0283 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ql2300.sys. md5: AB95ECF1F6659A60DDC166D8315B0751
      00:55:37.0291 1012 ql2300 ( LockedFile.Multi.Generic ) - warning
      00:55:37.0291 1012 ql2300 - detected LockedFile.Multi.Generic (1)
      00:55:37.0317 1012 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
      00:55:37.0317 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ql40xx.sys. md5: B4DD51DD25182244B86737DC51AF2270
      00:55:37.0323 1012 ql40xx ( LockedFile.Multi.Generic ) - warning
      00:55:37.0323 1012 ql40xx - detected LockedFile.Multi.Generic (1)
      00:55:37.0376 1012 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
      00:55:37.0395 1012 QWAVE - ok
      00:55:37.0423 1012 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      00:55:37.0423 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\qwavedrv.sys. md5: 584078CA1B95CA72DF2A27C336F9719D
      00:55:37.0429 1012 QWAVEdrv ( LockedFile.Multi.Generic ) - warning
      00:55:37.0429 1012 QWAVEdrv - detected LockedFile.Multi.Generic (1)
      00:55:37.0456 1012 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      00:55:37.0456 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasacd.sys. md5: 30A81B53C766D0133BB86D234E5556AB
      00:55:37.0465 1012 RasAcd ( LockedFile.Multi.Generic ) - warning
      00:55:37.0465 1012 RasAcd - detected LockedFile.Multi.Generic (1)
      00:55:37.0497 1012 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
      00:55:37.0497 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\AgileVpn.sys. md5: 57EC4AEF73660166074D8F7F31C0D4FD
      00:55:37.0501 1012 RasAgileVpn ( LockedFile.Multi.Generic ) - warning
      00:55:37.0501 1012 RasAgileVpn - detected LockedFile.Multi.Generic (1)
      00:55:37.0530 1012 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
      00:55:37.0562 1012 RasAuto - ok
      00:55:37.0594 1012 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      00:55:37.0595 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasl2tp.sys. md5: D9F91EAFEC2815365CBE6D167E4E332A
      00:55:37.0598 1012 Rasl2tp ( LockedFile.Multi.Generic ) - warning
      00:55:37.0598 1012 Rasl2tp - detected LockedFile.Multi.Generic (1)
      00:55:37.0647 1012 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
      00:55:37.0678 1012 RasMan - ok
      00:55:37.0708 1012 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      00:55:37.0709 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspppoe.sys. md5: 0FE8B15916307A6AC12BFB6A63E45507
      00:55:37.0714 1012 RasPppoe ( LockedFile.Multi.Generic ) - warning
      00:55:37.0714 1012 RasPppoe - detected LockedFile.Multi.Generic (1)
      00:55:37.0770 1012 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      00:55:37.0770 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rassstp.sys. md5: 44101F495A83EA6401D886E7FD70096B
      00:55:37.0778 1012 RasSstp ( LockedFile.Multi.Generic ) - warning
      00:55:37.0778 1012 RasSstp - detected LockedFile.Multi.Generic (1)
      00:55:37.0870 1012 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      00:55:37.0870 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rdbss.sys. md5: D528BC58A489409BA40334EBF96A311B
      00:55:37.0874 1012 rdbss ( LockedFile.Multi.Generic ) - warning
      00:55:37.0874 1012 rdbss - detected LockedFile.Multi.Generic (1)
      00:55:37.0910 1012 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
      00:55:37.0911 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rdpbus.sys. md5: 0D8F05481CB76E70E1DA06EE9F0DA9DF
      00:55:38.0074 1012 rdpbus ( LockedFile.Multi.Generic ) - warning
      00:55:38.0074 1012 rdpbus - detected LockedFile.Multi.Generic (1)
      00:55:38.0366 1012 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      00:55:38.0366 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\RDPCDD.sys. md5: 23DAE03F29D253AE74C44F99E515F9A1
      00:55:38.0432 1012 RDPCDD ( LockedFile.Multi.Generic ) - warning
      00:55:38.0432 1012 RDPCDD - detected LockedFile.Multi.Generic (1)
      00:55:38.0510 1012 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
      00:55:38.0510 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpdr.sys. md5: B973FCFC50DC1434E1970A146F7E3885
      00:55:38.0514 1012 RDPDR ( LockedFile.Multi.Generic ) - warning
      00:55:38.0514 1012 RDPDR - detected LockedFile.Multi.Generic (1)
      00:55:38.0601 1012 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      00:55:38.0601 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpencdd.sys. md5: 5A53CA1598DD4156D44196D200C94B8A
      00:55:38.0609 1012 RDPENCDD ( LockedFile.Multi.Generic ) - warning
      00:55:38.0609 1012 RDPENCDD - detected LockedFile.Multi.Generic (1)
      00:55:38.0678 1012 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
      00:55:38.0679 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdprefmp.sys. md5: 44B0A53CD4F27D50ED461DAE0C0B4E1F
      00:55:38.0689 1012 RDPREFMP ( LockedFile.Multi.Generic ) - warning
      00:55:38.0689 1012 RDPREFMP - detected LockedFile.Multi.Generic (1)
      00:55:38.0818 1012 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
      00:55:38.0818 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpvideominiport.sys. md5: 68A0387F58E226DEEE23D9715955572A
      00:55:38.0824 1012 RdpVideoMiniport ( LockedFile.Multi.Generic ) - warning
      00:55:38.0824 1012 RdpVideoMiniport - detected LockedFile.Multi.Generic (1)
      00:55:38.0980 1012 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      00:55:38.0981 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\RDPWD.sys. md5: F031683E6D1FEA157ABB2FF260B51E61
      00:55:38.0985 1012 RDPWD ( LockedFile.Multi.Generic ) - warning
      00:55:38.0985 1012 RDPWD - detected LockedFile.Multi.Generic (1)
      00:55:39.0119 1012 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
      00:55:39.0119 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdyboost.sys. md5: 518395321DC96FE2C9F0E96AC743B656
      00:55:39.0130 1012 rdyboost ( LockedFile.Multi.Generic ) - warning
      00:55:39.0130 1012 rdyboost - detected LockedFile.Multi.Generic (1)
      00:55:39.0183 1012 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
      00:55:39.0211 1012 RemoteAccess - ok
      00:55:39.0260 1012 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      00:55:39.0294 1012 RemoteRegistry - ok
      00:55:39.0367 1012 [ 67C607857CCD6EBFFE768DAD5B2CA239 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
      00:55:39.0371 1012 rpcapd ( UnsignedFile.Multi.Generic ) - warning
      00:55:39.0371 1012 rpcapd - detected UnsignedFile.Multi.Generic (1)
      00:55:39.0404 1012 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
      00:55:39.0434 1012 RpcEptMapper - ok
      00:55:39.0473 1012 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
      00:55:39.0488 1012 RpcLocator - ok
      00:55:39.0526 1012 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
      00:55:39.0561 1012 RpcSs - ok
      00:55:39.0663 1012 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      00:55:39.0663 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rspndr.sys. md5: 032B0D36AD92B582D869879F5AF5B928
      00:55:39.0693 1012 rspndr ( LockedFile.Multi.Generic ) - warning
      00:55:39.0693 1012 rspndr - detected LockedFile.Multi.Generic (1)
      00:55:39.0726 1012 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
      00:55:39.0726 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\vms3cap.sys. md5: 7FA7F2E249A5DCBB7970630E15E1F482
      00:55:39.0732 1012 s3cap ( LockedFile.Multi.Generic ) - warning
      00:55:39.0732 1012 s3cap - detected LockedFile.Multi.Generic (1)
      00:55:39.0765 1012 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
      00:55:39.0778 1012 SamSs - ok
      00:55:39.0817 1012 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
      00:55:39.0817 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\sbp2port.sys. md5: 05D860DA1040F111503AC416CCEF2BCA
      00:55:39.0821 1012 sbp2port ( LockedFile.Multi.Generic ) - warning
      00:55:39.0821 1012 sbp2port - detected LockedFile.Multi.Generic (1)
      00:55:39.0875 1012 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
      00:55:39.0905 1012 SCardSvr - ok
      00:55:39.0940 1012 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
      00:55:39.0940 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\scfilter.sys. md5: 0693B5EC673E34DC147E195779A4DCF6
      00:55:39.0947 1012 scfilter ( LockedFile.Multi.Generic ) - warning
      00:55:39.0947 1012 scfilter - detected LockedFile.Multi.Generic (1)
      00:55:40.0059 1012 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
      00:55:40.0095 1012 Schedule - ok
      00:55:40.0184 1012 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
      00:55:40.0210 1012 SCPolicySvc - ok
      00:55:40.0287 1012 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
      00:55:40.0287 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\sdbus.sys. md5: 0328BE1C7F1CBA23848179F8762E391C
      00:55:40.0340 1012 sdbus ( LockedFile.Multi.Generic ) - warning
      00:55:40.0340 1012 sdbus - detected LockedFile.Multi.Generic (1)
      00:55:40.0404 1012 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      00:55:40.0419 1012 SDRSVC - ok
      00:55:40.0629 1012 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
      00:55:40.0629 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\secdrv.sys. md5: 90A3935D05B494A5A39D37E71F09A677
      00:55:40.0671 1012 secdrv ( LockedFile.Multi.Generic ) - warning
      00:55:40.0671 1012 secdrv - detected LockedFile.Multi.Generic (1)
      00:55:40.0772 1012 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
      00:55:40.0800 1012 seclogon - ok
      00:55:40.0898 1012 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
      00:55:40.0927 1012 SENS - ok
      00:55:41.0005 1012 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
      00:55:41.0019 1012 SensrSvc - ok
      00:55:41.0099 1012 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
      00:55:41.0099 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\serenum.sys. md5: 9AD8B8B515E3DF6ACD4212EF465DE2D1
      00:55:41.0148 1012 Serenum ( LockedFile.Multi.Generic ) - warning
      00:55:41.0148 1012 Serenum - detected LockedFile.Multi.Generic (1)
      00:55:41.0230 1012 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
      00:55:41.0230 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\serial.sys. md5: 5FB7FCEA0490D821F26F39CC5EA3D1E2
      00:55:41.0234 1012 Serial ( LockedFile.Multi.Generic ) - warning
      00:55:41.0234 1012 Serial - detected LockedFile.Multi.Generic (1)
      00:55:41.0297 1012 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
      00:55:41.0298 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sermouse.sys. md5: 79BFFB520327FF916A582DFEA17AA813
      00:55:41.0302 1012 sermouse ( LockedFile.Multi.Generic ) - warning
      00:55:41.0302 1012 sermouse - detected LockedFile.Multi.Generic (1)
      00:55:41.0436 1012 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
      00:55:41.0464 1012 SessionEnv - ok
      00:55:41.0632 1012 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
      00:55:41.0632 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffdisk.sys. md5: 9F976E1EB233DF46FCE808D9DEA3EB9C
      00:55:41.0682 1012 sffdisk ( LockedFile.Multi.Generic ) - warning
      00:55:41.0682 1012 sffdisk - detected LockedFile.Multi.Generic (1)
      00:55:41.0696 1012 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
      00:55:41.0696 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffp_mmc.sys. md5: 932A68EE27833CFD57C1639D375F2731
      00:55:41.0701 1012 sffp_mmc ( LockedFile.Multi.Generic ) - warning
      00:55:41.0701 1012 sffp_mmc - detected LockedFile.Multi.Generic (1)
      00:55:41.0750 1012 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
      00:55:41.0751 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffp_sd.sys. md5: 6D4CCAEDC018F1CF52866BBBAA235982
      00:55:41.0757 1012 sffp_sd ( LockedFile.Multi.Generic ) - warning
      00:55:41.0757 1012 sffp_sd - detected LockedFile.Multi.Generic (1)
      00:55:41.0839 1012 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
      00:55:41.0840 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sfloppy.sys. md5: DB96666CC8312EBC45032F30B007A547
      00:55:41.0844 1012 sfloppy ( LockedFile.Multi.Generic ) - warning
      00:55:41.0844 1012 sfloppy - detected LockedFile.Multi.Generic (1)
      00:55:42.0006 1012 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
      00:55:42.0041 1012 SharedAccess - ok
      00:55:42.0128 1012 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      00:55:42.0158 1012 ShellHWDetection - ok
      00:55:42.0246 1012 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
      00:55:42.0247 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisagp.sys. md5: 2565CAC0DC9FE0371BDCE60832582B2E
      00:55:42.0270 1012 sisagp ( LockedFile.Multi.Generic ) - warning
      00:55:42.0271 1012 sisagp - detected LockedFile.Multi.Generic (1)
      00:55:42.0354 1012 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
      00:55:42.0354 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\SiSRaid2.sys. md5: A9F0486851BECB6DDA1D89D381E71055
      00:55:42.0361 1012 SiSRaid2 ( LockedFile.Multi.Generic ) - warning
      00:55:42.0361 1012 SiSRaid2 - detected LockedFile.Multi.Generic (1)
      00:55:42.0402 1012 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
      00:55:42.0403 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sisraid4.sys. md5: 3727097B55738E2F554972C3BE5BC1AA
      00:55:42.0409 1012 SiSRaid4 ( LockedFile.Multi.Generic ) - warning
      00:55:42.0409 1012 SiSRaid4 - detected LockedFile.Multi.Generic (1)
      00:55:42.0491 1012 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
      00:55:42.0491 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\smb.sys. md5: 3E21C083B8A01CB70BA1F09303010FCE
      00:55:42.0497 1012 Smb ( LockedFile.Multi.Generic ) - warning
      00:55:42.0497 1012 Smb - detected LockedFile.Multi.Generic (1)
      00:55:42.0619 1012 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      00:55:42.0635 1012 SNMPTRAP - ok
      00:55:42.0873 1012 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
      00:55:42.0873 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\spldr.sys. md5: 95CF1AE7527FB70F7816563CBC09D942
      00:55:43.0187 1012 spldr ( LockedFile.Multi.Generic ) - warning
      00:55:43.0188 1012 spldr - detected LockedFile.Multi.Generic (1)
      00:55:43.0373 1012 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
      00:55:43.0390 1012 Spooler - ok
      00:55:43.0796 1012 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
      00:55:43.0864 1012 sppsvc - ok
      00:55:43.0916 1012 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
      00:55:43.0944 1012 sppuinotify - ok
      00:55:44.0025 1012 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
      00:55:44.0026 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv.sys. md5: E4C2764065D66EA1D2D3EBC28FE99C46
      00:55:44.0061 1012 srv ( LockedFile.Multi.Generic ) - warning
      00:55:44.0062 1012 srv - detected LockedFile.Multi.Generic (1)
      00:55:44.0121 1012 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
      00:55:44.0122 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv2.sys. md5: 03F0545BD8D4C77FA0AE1CEEDFCC71AB
      00:55:44.0126 1012 srv2 ( LockedFile.Multi.Generic ) - warning
      00:55:44.0126 1012 srv2 - detected LockedFile.Multi.Generic (1)
      00:55:44.0179 1012 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
      00:55:44.0179 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srvnet.sys. md5: BE6BD660CAA6F291AE06A718A4FA8ABC
      00:55:44.0183 1012 srvnet ( LockedFile.Multi.Generic ) - warning
      00:55:44.0183 1012 srvnet - detected LockedFile.Multi.Generic (1)
      00:55:44.0235 1012 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
      00:55:44.0266 1012 SSDPSRV - ok
      00:55:44.0299 1012 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
      00:55:44.0393 1012 SstpSvc - ok
      00:55:44.0453 1012 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
      00:55:44.0453 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\stexstor.sys. md5: DB32D325C192B801DF274BFD12A7E72B
      00:55:44.0508 1012 stexstor ( LockedFile.Multi.Generic ) - warning
      00:55:44.0508 1012 stexstor - detected LockedFile.Multi.Generic (1)
      00:55:44.0575 1012 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
      00:55:44.0599 1012 StiSvc - ok
      00:55:44.0725 1012 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
      00:55:44.0725 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\vmstorfl.sys. md5: 472AF0311073DCECEAA8FA18BA2BDF89
      00:55:44.0729 1012 storflt ( LockedFile.Multi.Generic ) - warning
      00:55:44.0729 1012 storflt - detected LockedFile.Multi.Generic (1)
      00:55:44.0774 1012 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
      00:55:44.0774 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\storvsc.sys. md5: DCAFFD62259E0BDB433DD67B5BB37619
      00:55:44.0778 1012 storvsc ( LockedFile.Multi.Generic ) - warning
      00:55:44.0778 1012 storvsc - detected LockedFile.Multi.Generic (1)
      00:55:44.0935 1012 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
      00:55:44.0936 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\swenum.sys. md5: E58C78A848ADD9610A4DB6D214AF5224
      00:55:44.0941 1012 swenum ( LockedFile.Multi.Generic ) - warning
      00:55:44.0941 1012 swenum - detected LockedFile.Multi.Generic (1)
      00:55:45.0136 1012 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      00:55:45.0162 1012 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
      00:55:45.0162 1012 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
      00:55:45.0224 1012 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
      00:55:45.0259 1012 swprv - ok
      00:55:45.0276 1012 Synth3dVsc - ok
      00:55:45.0380 1012 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
      00:55:45.0411 1012 SysMain - ok
      00:55:45.0509 1012 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
      00:55:45.0528 1012 TabletInputService - ok
      00:55:45.0613 1012 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
      00:55:45.0645 1012 TapiSrv - ok
      00:55:45.0739 1012 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
      00:55:45.0768 1012 TBS - ok
      00:55:45.0867 1012 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
      00:55:45.0867 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpip.sys. md5: 7FA2E0F8B072BD04B77B421480B6CC22
      00:55:45.0959 1012 Tcpip ( LockedFile.Multi.Generic ) - warning
      00:55:45.0959 1012 Tcpip - detected LockedFile.Multi.Generic (1)
      00:55:46.0017 1012 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
      00:55:46.0018 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tcpip.sys. md5: 7FA2E0F8B072BD04B77B421480B6CC22
      00:55:46.0028 1012 TCPIP6 ( LockedFile.Multi.Generic ) - warning
      00:55:46.0028 1012 TCPIP6 - detected LockedFile.Multi.Generic (1)
      00:55:46.0152 1012 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
      00:55:46.0152 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpipreg.sys. md5: CCA24162E055C3714CE5A88B100C64ED
      00:55:46.0157 1012 tcpipreg ( LockedFile.Multi.Generic ) - warning
      00:55:46.0157 1012 tcpipreg - detected LockedFile.Multi.Generic (1)
      00:55:46.0285 1012 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
      00:55:46.0286 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdpipe.sys. md5: 1CB91B2BD8F6DD367DFC2EF26FD751B2
      00:55:46.0290 1012 TDPIPE ( LockedFile.Multi.Generic ) - warning
      00:55:46.0290 1012 TDPIPE - detected LockedFile.Multi.Generic (1)
      00:55:46.0304 1012 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
      00:55:46.0304 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdtcp.sys. md5: 2C2C5AFE7EE4F620D69C23C0617651A8
      00:55:46.0308 1012 TDTCP ( LockedFile.Multi.Generic ) - warning
      00:55:46.0308 1012 TDTCP - detected LockedFile.Multi.Generic (1)
      00:55:46.0398 1012 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
      00:55:46.0398 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tdx.sys. md5: B459575348C20E8121D6039DA063C704
      00:55:46.0404 1012 tdx ( LockedFile.Multi.Generic ) - warning
      00:55:46.0404 1012 tdx - detected LockedFile.Multi.Generic (1)
      00:55:46.0494 1012 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
      00:55:46.0494 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\termdd.sys. md5: 04DBF4B01EA4BF25A9A3E84AFFAC9B20
      00:55:46.0498 1012 TermDD ( LockedFile.Multi.Generic ) - warning
      00:55:46.0498 1012 TermDD - detected LockedFile.Multi.Generic (1)
      00:55:46.0566 1012 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
      00:55:46.0606 1012 TermService - ok
      00:55:46.0660 1012 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
      00:55:46.0680 1012 Themes - ok
      00:55:46.0713 1012 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
      00:55:46.0743 1012 THREADORDER - ok
      00:55:46.0774 1012 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
      00:55:46.0805 1012 TrkWks - ok
      00:55:46.0951 1012 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
      00:55:46.0979 1012 TrustedInstaller - ok
      00:55:47.0041 1012 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
      00:55:47.0041 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tssecsrv.sys. md5: 254BB140EEE3C59D6114C1A86B636877
      00:55:47.0074 1012 tssecsrv ( LockedFile.Multi.Generic ) - warning
      00:55:47.0074 1012 tssecsrv - detected LockedFile.Multi.Generic (1)
      00:55:47.0115 1012 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
      00:55:47.0115 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\tsusbflt.sys. md5: FD1D6C73E6333BE727CBCC6054247654
      00:55:47.0119 1012 TsUsbFlt ( LockedFile.Multi.Generic ) - warning
      00:55:47.0119 1012 TsUsbFlt - detected LockedFile.Multi.Generic (1)
      00:55:47.0133 1012 tsusbhub - ok
      00:55:47.0203 1012 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
      00:55:47.0203 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tunnel.sys. md5: B2FA25D9B17A68BB93D58B0556E8C90D
      00:55:47.0208 1012 tunnel ( LockedFile.Multi.Generic ) - warning
      00:55:47.0208 1012 tunnel - detected LockedFile.Multi.Generic (1)
      00:55:47.0244 1012 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
      00:55:47.0244 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\uagp35.sys. md5: 750FBCB269F4D7DD2E420C56B795DB6D
      00:55:47.0250 1012 uagp35 ( LockedFile.Multi.Generic ) - warning
      00:55:47.0250 1012 uagp35 - detected LockedFile.Multi.Generic (1)
      00:55:47.0298 1012 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
      00:55:47.0298 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\udfs.sys. md5: EE43346C7E4B5E63E54F927BABBB32FF
      00:55:47.0302 1012 udfs ( LockedFile.Multi.Generic ) - warning
      00:55:47.0302 1012 udfs - detected LockedFile.Multi.Generic (1)
      00:55:47.0359 1012 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
      00:55:47.0377 1012 UI0Detect - ok
      00:55:47.0415 1012 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
      00:55:47.0415 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\uliagpkx.sys. md5: 44E8048ACE47BEFBFDC2E9BE4CBC8880
      00:55:47.0419 1012 uliagpkx ( LockedFile.Multi.Generic ) - warning
      00:55:47.0419 1012 uliagpkx - detected LockedFile.Multi.Generic (1)
      00:55:47.0464 1012 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
      00:55:47.0465 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\umbus.sys. md5: D295BED4B898F0FD999FCFA9B32B071B
      00:55:47.0469 1012 umbus ( LockedFile.Multi.Generic ) - warning
      00:55:47.0469 1012 umbus - detected LockedFile.Multi.Generic (1)
      00:55:47.0501 1012 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
      00:55:47.0501 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\umpass.sys. md5: 7550AD0C6998BA1CB4843E920EE0FEAC
      00:55:47.0505 1012 UmPass ( LockedFile.Multi.Generic ) - warning
      00:55:47.0505 1012 UmPass - detected LockedFile.Multi.Generic (1)
      00:55:47.0547 1012 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
      00:55:47.0564 1012 UmRdpService - ok
      00:55:47.0603 1012 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
      00:55:47.0635 1012 upnphost - ok
      00:55:47.0709 1012 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
      00:55:47.0710 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbccgp.sys. md5: BD9C55D7023C5DE374507ACC7A14E2AC
      00:55:47.0714 1012 usbccgp ( LockedFile.Multi.Generic ) - warning
      00:55:47.0714 1012 usbccgp - detected LockedFile.Multi.Generic (1)
      00:55:47.0755 1012 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
      00:55:47.0756 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbcir.sys. md5: 04EC7CEC62EC3B6D9354EEE93327FC82
      00:55:47.0764 1012 usbcir ( LockedFile.Multi.Generic ) - warning
      00:55:47.0764 1012 usbcir - detected LockedFile.Multi.Generic (1)
      00:55:47.0787 1012 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
      00:55:47.0787 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbehci.sys. md5: F92DE757E4B7CE9C07C5E65423F3AE3B
      00:55:47.0792 1012 usbehci ( LockedFile.Multi.Generic ) - warning
      00:55:47.0792 1012 usbehci - detected LockedFile.Multi.Generic (1)
      00:55:47.0842 1012 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
      00:55:47.0842 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbhub.sys. md5: 8DC94AEC6A7E644A06135AE7506DC2E9
      00:55:47.0850 1012 usbhub ( LockedFile.Multi.Generic ) - warning
      00:55:47.0850 1012 usbhub - detected LockedFile.Multi.Generic (1)
      00:55:47.0894 1012 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
      00:55:47.0894 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbohci.sys. md5: E185D44FAC515A18D9DEDDC23C2CDF44
      00:55:47.0898 1012 usbohci ( LockedFile.Multi.Generic ) - warning
      00:55:47.0898 1012 usbohci - detected LockedFile.Multi.Generic (1)
      00:55:47.0933 1012 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
      00:55:47.0933 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbprint.sys. md5: 797D862FE0875E75C7CC4C1AD7B30252
      00:55:47.0937 1012 usbprint ( LockedFile.Multi.Generic ) - warning
      00:55:47.0937 1012 usbprint - detected LockedFile.Multi.Generic (1)
      00:55:47.0981 1012 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
      00:55:47.0982 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\USBSTOR.SYS. md5: F991AB9CC6B908DB552166768176896A
      00:55:47.0986 1012 USBSTOR ( LockedFile.Multi.Generic ) - warning
      00:55:47.0986 1012 USBSTOR - detected LockedFile.Multi.Generic (1)
      00:55:48.0054 1012 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
      00:55:48.0055 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbuhci.sys. md5: 68DF884CF41CDADA664BEB01DAF67E3D
      00:55:48.0059 1012 usbuhci ( LockedFile.Multi.Generic ) - warning
      00:55:48.0059 1012 usbuhci - detected LockedFile.Multi.Generic (1)
      00:55:48.0134 1012 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
      00:55:48.0135 1012 Suspicious file (NoAccess): C:\Windows\System32\Drivers\usbvideo.sys. md5: 45F4E7BF43DB40A6C6B4D92C76CBC3F2
      00:55:48.0139 1012 usbvideo ( LockedFile.Multi.Generic ) - warning
      00:55:48.0139 1012 usbvideo - detected LockedFile.Multi.Generic (1)
      00:55:48.0198 1012 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
      00:55:48.0225 1012 UxSms - ok
      00:55:48.0249 1012 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
      00:55:48.0262 1012 VaultSvc - ok
      00:55:48.0282 1012 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
      00:55:48.0282 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\vdrvroot.sys. md5: A059C4C3EDB09E07D21A8E5C0AABD3CB
      00:55:48.0286 1012 vdrvroot ( LockedFile.Multi.Generic ) - warning
      00:55:48.0286 1012 vdrvroot - detected LockedFile.Multi.Generic (1)
      00:55:48.0338 1012 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
      00:55:48.0370 1012 vds - ok
      00:55:48.0416 1012 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
      00:55:48.0416 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vgapnp.sys. md5: 17C408214EA61696CEC9C66E388B14F3
      00:55:48.0424 1012 vga ( LockedFile.Multi.Generic ) - warning
      00:55:48.0424 1012 vga - detected LockedFile.Multi.Generic (1)
      00:55:48.0467 1012 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
      00:55:48.0468 1012 Suspicious file (NoAccess): C:\Windows\System32\drivers\vga.sys. md5: 8E38096AD5C8570A6F1570A61E251561
      00:55:48.0476 1012 VgaSave ( LockedFile.Multi.Generic ) - warning
      00:55:48.0476 1012 VgaSave - detected LockedFile.Multi.Generic (1)
      00:55:48.0489 1012 VGPU - ok
      00:55:48.0541 1012 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
      00:55:48.0542 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\vhdmp.sys. md5: 5461686CCA2FDA57B024547733AB42E3
      00:55:48.0548 1012 vhdmp ( LockedFile.Multi.Generic ) - warning
      00:55:48.0548 1012 vhdmp - detected LockedFile.Multi.Generic (1)
      00:55:48.0577 1012 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
      00:55:48.0577 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaagp.sys. md5: C829317A37B4BEA8F39735D4B076E923
      00:55:48.0581 1012 viaagp ( LockedFile.Multi.Generic ) - warning
      00:55:48.0581 1012 viaagp - detected LockedFile.Multi.Generic (1)
      00:55:48.0608 1012 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
      00:55:48.0608 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\viac7.sys. md5: E02F079A6AA107F06B16549C6E5C7B74
      00:55:48.0613 1012 ViaC7 ( LockedFile.Multi.Generic ) - warning
      00:55:48.0613 1012 ViaC7 - detected LockedFile.Multi.Generic (1)
      00:55:48.0674 1012 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
      00:55:48.0674 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaide.sys. md5: E43574F6A56A0EE11809B48C09E4FD3C
      00:55:48.0821 1012 viaide ( LockedFile.Multi.Generic ) - warning
      00:55:48.0821 1012 viaide - detected LockedFile.Multi.Generic (1)
      00:55:48.0861 1012 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
      00:55:48.0862 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\vmbus.sys. md5: C2F2911156FDC7817C52829C86DA494E
      00:55:48.0866 1012 vmbus ( LockedFile.Multi.Generic ) - warning
      00:55:48.0866 1012 vmbus - detected LockedFile.Multi.Generic (1)
      00:55:48.0906 1012 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
      00:55:48.0906 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\VMBusHID.sys. md5: D4D77455211E204F370D08F4963063CE
      00:55:48.0910 1012 VMBusHID ( LockedFile.Multi.Generic ) - warning
      00:55:48.0911 1012 VMBusHID - detected LockedFile.Multi.Generic (1)
      00:55:48.0943 1012 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
      00:55:48.0944 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgr.sys. md5: 4C63E00F2F4B5F86AB48A58CD990F212
      00:55:48.0948 1012 volmgr ( LockedFile.Multi.Generic ) - warning
      00:55:48.0948 1012 volmgr - detected LockedFile.Multi.Generic (1)
      00:55:48.0978 1012 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
      00:55:48.0979 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgrx.sys. md5: B5BB72067DDDDBBFB04B2F89FF8C3C87
      00:55:48.0983 1012 volmgrx ( LockedFile.Multi.Generic ) - warning
      00:55:48.0983 1012 volmgrx - detected LockedFile.Multi.Generic (1)
      00:55:49.0008 1012 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
      00:55:49.0008 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\volsnap.sys. md5: F497F67932C6FA693D7DE2780631CFE7
      00:55:49.0012 1012 volsnap ( LockedFile.Multi.Generic ) - warning
      00:55:49.0013 1012 volsnap - detected LockedFile.Multi.Generic (1)
      00:55:49.0039 1012 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
      00:55:49.0039 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vsmraid.sys. md5: 9DFA0CC2F8855A04816729651175B631
      00:55:49.0053 1012 vsmraid ( LockedFile.Multi.Generic ) - warning
      00:55:49.0053 1012 vsmraid - detected LockedFile.Multi.Generic (1)
      00:55:49.0129 1012 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
      00:55:49.0167 1012 VSS - ok
      00:55:49.0232 1012 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
      00:55:49.0233 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwifibus.sys. md5: 90567B1E658001E79D7C8BBD3DDE5AA6
      00:55:49.0237 1012 vwifibus ( LockedFile.Multi.Generic ) - warning
      00:55:49.0237 1012 vwifibus - detected LockedFile.Multi.Generic (1)
      00:55:49.0266 1012 [ 7090D3436EEB4E7DA3373090A23448F7 ] VWiFiFlt C:\Windows\system32\DRIVERS\vwififlt.sys
      00:55:49.0266 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwififlt.sys. md5: 7090D3436EEB4E7DA3373090A23448F7
      00:55:49.0272 1012 VWiFiFlt ( LockedFile.Multi.Generic ) - warning
      00:55:49.0272 1012 VWiFiFlt - detected LockedFile.Multi.Generic (1)
      00:55:49.0327 1012 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
      00:55:49.0359 1012 W32Time - ok
      00:55:49.0405 1012 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
      00:55:49.0406 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wacompen.sys. md5: DE3721E89C653AA281428C8A69745D90
      00:55:49.0410 1012 WacomPen ( LockedFile.Multi.Generic ) - warning
      00:55:49.0410 1012 WacomPen - detected LockedFile.Multi.Generic (1)
      00:55:49.0460 1012 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
      00:55:49.0460 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3C3C78515F5AB448B022BDF5B8FFDD2E
      00:55:49.0466 1012 WANARP ( LockedFile.Multi.Generic ) - warning
      00:55:49.0466 1012 WANARP - detected LockedFile.Multi.Generic (1)
      00:55:49.0478 1012 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
      00:55:49.0478 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3C3C78515F5AB448B022BDF5B8FFDD2E
      00:55:49.0484 1012 Wanarpv6 ( LockedFile.Multi.Generic ) - warning
      00:55:49.0484 1012 Wanarpv6 - detected LockedFile.Multi.Generic (1)
      00:55:49.0567 1012 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
      00:55:49.0601 1012 WatAdminSvc - ok
      00:55:49.0659 1012 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
      00:55:49.0687 1012 wbengine - ok
      00:55:49.0721 1012 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
      00:55:49.0741 1012 WbioSrvc - ok
      00:55:49.0799 1012 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
      00:55:49.0820 1012 wcncsvc - ok
      00:55:49.0891 1012 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
      00:55:49.0906 1012 WcsPlugInService - ok
      00:55:49.0955 1012 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
      00:55:49.0955 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wd.sys. md5: 1112A9BADACB47B7C0BB0392E3158DFF
      00:55:49.0988 1012 Wd ( LockedFile.Multi.Generic ) - warning
      00:55:49.0988 1012 Wd - detected LockedFile.Multi.Generic (1)
      00:55:50.0052 1012 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
      00:55:50.0053 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\Wdf01000.sys. md5: 9950E3D0F08141C7E89E64456AE7DC73
      00:55:50.0057 1012 Wdf01000 ( LockedFile.Multi.Generic ) - warning
      00:55:50.0057 1012 Wdf01000 - detected LockedFile.Multi.Generic (1)
      00:55:50.0081 1012 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
      00:55:50.0100 1012 WdiServiceHost - ok
      00:55:50.0120 1012 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
      00:55:50.0138 1012 WdiSystemHost - ok
      00:55:50.0196 1012 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
      00:55:50.0217 1012 WebClient - ok
      00:55:50.0264 1012 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
      00:55:50.0295 1012 Wecsvc - ok
      00:55:50.0328 1012 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
      00:55:50.0358 1012 wercplsupport - ok
      00:55:50.0390 1012 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
      00:55:50.0423 1012 WerSvc - ok
      00:55:50.0496 1012 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
      00:55:50.0497 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wfplwf.sys. md5: 8B9A943F3B53861F2BFAF6C186168F79
      00:55:50.0523 1012 WfpLwf ( LockedFile.Multi.Generic ) - warning
      00:55:50.0523 1012 WfpLwf - detected LockedFile.Multi.Generic (1)
      00:55:50.0572 1012 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
      00:55:50.0572 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\wimmount.sys. md5: 5CF95B35E59E2A38023836FFF31BE64C
      00:55:50.0578 1012 WIMMount ( LockedFile.Multi.Generic ) - warning
      00:55:50.0578 1012 WIMMount - detected LockedFile.Multi.Generic (1)
      00:55:50.0738 1012 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
      00:55:50.0761 1012 WinDefend - ok
      00:55:50.0784 1012 WinHttpAutoProxySvc - ok
      00:55:50.0868 1012 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
      00:55:50.0896 1012 Winmgmt - ok
      00:55:50.0964 1012 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
      00:55:51.0004 1012 WinRM - ok
      00:55:51.0072 1012 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
      00:55:51.0072 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WinUsb.sys. md5: A67E5F9A400F3BD1BE3D80613B45F708
      00:55:51.0099 1012 WinUsb ( LockedFile.Multi.Generic ) - warning
      00:55:51.0100 1012 WinUsb - detected LockedFile.Multi.Generic (1)
      00:55:51.0163 1012 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
      00:55:51.0192 1012 Wlansvc - ok
      00:55:51.0282 1012 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
      00:55:51.0282 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\wmiacpi.sys. md5: 0217679B8FCA58714C3BF2726D2CA84E
      00:55:51.0286 1012 WmiAcpi ( LockedFile.Multi.Generic ) - warning
      00:55:51.0286 1012 WmiAcpi - detected LockedFile.Multi.Generic (1)
      00:55:51.0336 1012 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
      00:55:51.0350 1012 wmiApSrv - ok
      00:55:51.0463 1012 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
      00:55:51.0513 1012 WMPNetworkSvc - ok
      00:55:51.0575 1012 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
      00:55:51.0590 1012 WPCSvc - ok
      00:55:51.0635 1012 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
      00:55:51.0651 1012 WPDBusEnum - ok
      00:55:51.0713 1012 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

    7. #7
      User Avatar of 3kantino
      Registered
      Aug 2006
      Location
      Spain
      Posts
      5

      Re: Error installing any antivirus

      00:55:51.0714 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 6DB3276587B853BF886B69528FDB048C
      00:55:51.0746 1012 ws2ifsl ( LockedFile.Multi.Generic ) - warning
      00:55:51.0746 1012 ws2ifsl - detected LockedFile.Multi.Generic (1)
      00:55:51.0807 1012 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
      00:55:51.0829 1012 wscsvc - ok
      00:55:51.0844 1012 WSearch - ok
      00:55:51.0983 1012 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
      00:55:52.0027 1012 wuauserv - ok
      00:55:52.0105 1012 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
      00:55:52.0106 1012 Suspicious file (NoAccess): C:\Windows\system32\drivers\WudfPf.sys. md5: E714A1C0354636837E20CCBF00888EE7
      00:55:52.0133 1012 WudfPf ( LockedFile.Multi.Generic ) - warning
      00:55:52.0133 1012 WudfPf - detected LockedFile.Multi.Generic (1)
      00:55:52.0189 1012 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
      00:55:52.0190 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: 1023EE888C9B47178C5293ED5336AB69
      00:55:52.0194 1012 WUDFRd ( LockedFile.Multi.Generic ) - warning
      00:55:52.0194 1012 WUDFRd - detected LockedFile.Multi.Generic (1)
      00:55:52.0254 1012 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
      00:55:52.0286 1012 wudfsvc - ok
      00:55:52.0347 1012 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
      00:55:52.0368 1012 WwanSvc - ok
      00:55:52.0605 1012 [ B07C5B7EFDF936FF93D4F540938725BE ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
      00:55:52.0605 1012 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\yk62x86.sys. md5: B07C5B7EFDF936FF93D4F540938725BE
      00:55:52.0884 1012 yukonw7 ( LockedFile.Multi.Generic ) - warning
      00:55:52.0884 1012 yukonw7 - detected LockedFile.Multi.Generic (1)
      00:55:53.0083 1012 ================ Scan global ===============================
      00:55:53.0474 1012 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
      00:55:53.0615 1012 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
      00:55:53.0624 1012 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
      00:55:53.0699 1012 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
      00:55:53.0771 1012 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
      00:55:53.0774 1012 [Global] - ok
      00:55:53.0775 1012 ================ Scan MBR ==================================
      00:55:53.0797 1012 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
      00:55:56.0638 1012 \Device\Harddisk0\DR0 - ok
      00:55:56.0638 1012 ================ Scan VBR ==================================
      00:55:56.0666 1012 [ E6FFFECFD71791E6BD6D407801FA6A67 ] \Device\Harddisk0\DR0\Partition1
      00:55:56.0668 1012 \Device\Harddisk0\DR0\Partition1 - ok
      00:55:56.0745 1012 [ 3D11C63A69F3CC196C86F6322CAD5DFB ] \Device\Harddisk0\DR0\Partition2
      00:55:56.0747 1012 \Device\Harddisk0\DR0\Partition2 - ok
      00:55:56.0747 1012 ============================================================
      00:55:56.0747 1012 Scan finished
      00:55:56.0748 1012 ============================================================
      00:55:56.0749 2544 Detected object count: 221
      00:55:56.0749 2544 Actual detected object count: 221
      00:58:31.0967 2544 1394ohci ( UnsignedFile.Multi.Generic ) - skipped by user
      00:58:31.0967 2544 1394ohci ( UnsignedFile.Multi.Generic ) - User select action: Skip
      00:58:31.0967 2544 cdrom ( LockedFile.Multi.Generic ) - skipped by user
      00:58:31.0967 2544 cdrom ( LockedFile.Multi.Generic ) - User select action: Skip
      00:58:31.0967 2544 circlass ( LockedFile.Multi.Generic ) - skipped by user
      00:58:31.0967 2544 circlass ( LockedFile.Multi.Generic ) - User select action: Skip
      00:58:31.0968 2544 CLFS ( LockedFile.Multi.Generic ) - skipped by user
      00:58:32.0039 2544 C:\Windows\System32\Drivers\e8603dbf42c113e2.sys - copied to quarantine
      00:58:32.0090 2544 HKLM\SYSTEM\ControlSet001\services\e8603dbf42c113e2 - will be deleted on reboot
      00:58:32.0169 2544 HKLM\SYSTEM\ControlSet002\services\e8603dbf42c113e2 - will be deleted on reboot
      00:58:32.0249 2544 HKLM\SYSTEM\ControlSet003\services\e8603dbf42c113e2 - will be deleted on reboot
      00:58:32.0576 2544 C:\Windows\System32\Drivers\e8603dbf42c113e2.sys - will be deleted on reboot
      00:58:32.0576 2544 e8603dbf42c113e2 ( Rootkit.Win32.Necurs.gen ) - User select action: Delete
      00:58:32.0591 2544 KMService ( UnsignedFile.Multi.Generic ) - skipped by user
      00:58:32.0591 2544 KMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      00:58:32.0623 2544 rpcapd ( UnsignedFile.Multi.Generic ) - skipped by user
      00:58:32.0623 2544 rpcapd ( UnsignedFile.Multi.Generic ) - User select action: Skip
      00:58:32.0632 2544 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
      00:58:32.0632 2544 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
      00:58:32.0649 2544 WinUsb ( LockedFile.Multi.Generic ) - skipped by user
      00:58:32.0649 2544 WinUsb ( LockedFile.Multi.Generic ) - User select action: Skip
      00:58:32.0649 2544 WmiAcpi ( LockedFile.Multi.Generic ) - skipped by user
      00:58:32.0649 2544 WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Skip
      00:58:32.0650 2544 ws2ifsl ( LockedFile.Multi.Generic ) - skipped by user
      00:58:32.0650 2544 ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Skip
      00:58:32.0650 2544 WudfPf ( LockedFile.Multi.Generic ) - skipped by user
      00:58:32.0650 2544 WudfPf ( LockedFile.Multi.Generic ) - User select action: Skip
      00:58:32.0650 2544 WUDFRd ( LockedFile.Multi.Generic ) - skipped by user
      00:58:32.0650 2544 WUDFRd ( LockedFile.Multi.Generic ) - User select action: Skip
      00:58:32.0651 2544 yukonw7 ( LockedFile.Multi.Generic ) - skipped by user
      00:58:32.0651 2544 yukonw7 ( LockedFile.Multi.Generic ) - User select action: Skip
      00:58:41.0803 1124 Deinitialize success

    8. #8
      Former Contributor Superlucas
      Registered
      Sep 2011
      Location
      Argentina
      Posts
      15,747

      Re: Error installing any antivirus

      Hello,

      Here is where the infection was:

      00:58:32.0039 2544 C:\Windows\System32\Drivers\e8603dbf42c113e2.sys - copied to quarantine
      00:58:32.0090 2544 HKLM\SYSTEM\ControlSet001\services\e8603dbf42c113e2 - will be deleted on reboot
      00:58:32.0169 2544 HKLM\SYSTEM\ControlSet002\services\e8603dbf42c113e2 - will be deleted on reboot
      00:58:32.0249 2544 HKLM\SYSTEM\ControlSet003\services\e8603dbf42c113e2 - will be deleted on reboot
      00:58:32.0576 2544 C:\Windows\System32\Drivers\e8603dbf42c113e2.sys - will be deleted on reboot
      00:58:32.0576 2544 e8603dbf42c113e2 ( Rootkit.Win32.Necurs.gen ) - User select action: Delete
      So I'll be waiting for the Malwarebytes report.
      Are you going to run or are you going to fight? - Muay Thai

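The triage done by hand in the reply above, picking the acted-on rootkit entries out of a log dominated by "Skip" lines, can be scripted. This is an added example, not part of the original thread or of the scanning tool; the function name `triage` and the "unresolved" check are assumptions, and the sample lines are copied from the log posted in this thread.

```python
import re
from collections import defaultdict

# Layout of the log lines in this thread: "HH:MM:SS.ffff <thread id> <message>"
LINE = re.compile(r"^\s*(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*\S)\s*$")
# "<object> ( <verdict> ) - User select action: <action>"
VERDICT = re.compile(r"^(\S+) \( (\S+) \) - User select action: (\w+)$")
# "<file path or registry key> - <what the tool did with it>"
OBJECT = re.compile(r"^((?:[A-Za-z]:\\|HK[A-Z]+\\).*?) - "
                    r"(copied to quarantine|will be deleted on reboot)$")

# Sample input: lines copied from the log posted in this thread.
SAMPLE = r"""
00:58:32.0039 2544 C:\Windows\System32\Drivers\e8603dbf42c113e2.sys - copied to quarantine
00:58:32.0090 2544 HKLM\SYSTEM\ControlSet001\services\e8603dbf42c113e2 - will be deleted on reboot
00:58:32.0576 2544 C:\Windows\System32\Drivers\e8603dbf42c113e2.sys - will be deleted on reboot
00:58:32.0576 2544 e8603dbf42c113e2 ( Rootkit.Win32.Necurs.gen ) - User select action: Delete
00:58:32.0641 2544 usbuhci ( LockedFile.Multi.Generic ) - skipped by user
00:58:32.0641 2544 usbuhci ( LockedFile.Multi.Generic ) - User select action: Skip
00:58:32.0642 2544 vga ( LockedFile.Multi.Generic ) - skipped by user
00:58:32.0642 2544 vga ( LockedFile.Multi.Generic ) - User select action: Skip
00:58:41.0803 1124 Deinitialize success
"""

def triage(log_text):
    """Separate acted-on detections from the 'Skip' noise (hypothetical helper)."""
    detections, skipped, objects = [], 0, defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # blank or non-log line
        msg = m.group(3)
        if (v := VERDICT.match(msg)):
            name, verdict, action = v.groups()
            if action == "Skip":
                skipped += 1
            else:
                detections.append((name, verdict, action))
        elif (o := OBJECT.match(msg)):
            objects[o.group(2)].append(o.group(1))
    # A detection is "unresolved" if no quarantined/deleted object carries its name.
    touched = [p for paths in objects.values() for p in paths]
    unresolved = [n for n, _, _ in detections if not any(n in p for p in touched)]
    return {"detections": detections, "skipped": skipped,
            "objects": dict(objects), "unresolved": unresolved}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

An empty `unresolved` list means every non-skipped verdict has a matching quarantine or delete-on-reboot entry, which is what to confirm before moving on to the follow-up scan.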