• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 15

    NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x800705b4

    Hola, Como lo dice el titulo del tema, cuando intento activar la protección en tiempo real del antivirus security essential me marca el error 0x800705b. decidi eliminar ese antivirus e instalar otro pero no tuve ...

    1. #1
      Usuario Avatar de Ucan
      Registrado
      dic 2012
      Ubicación
      méxico
      Mensajes
      11

      NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x800705b4

      Hola,

      Como lo dice el titulo del tema, cuando intento activar la protección en tiempo real del antivirus security essential me marca el error 0x800705b.

      decidi eliminar ese antivirus e instalar otro pero no tuve éxito, ya no me permite instalar ningún otro antivirus.

      Por lo que leí en una consulta similar en este blog, creo que mi equipo tiene un virus.

      Seguí los pasos sugeridos al otro usuario con el problema similar al mio, sin embargo aún no ejecuto el combofix debido a la advertencias que marcan, que la verdad me hicieron dudar en ejecutarlo.

      Espero puedan ayudarme a encontar solución a mi problema.

      Cabe señalar que ya ejecute el Malwarebytes y no obtuve solución.
      También hice limpieza con tune up, ésto ustedes no lo sugirieron pero de cualquier manera ya lo realice.

      Les dejo la dirección del tema al que hago referencia

      Problema con activar update windows y microsoft security essential


      Agradezco de antemano su valiosa ayuda.

    2. #2
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x80070

      Hola Ucan bienvenido al foro :

      Pega el informe de Malwarebytes por favor

      Descarga TDSSKiller.zip a tu escritorio.
      Desconecta tu ordenador de Internet (Desconecta el cable).
      • Descomprime el archivo tdsskiller.zip
      • Ejecuta el archivo TDSSKiller.exe Si usas Vista o 7 presiona clic derecho ejecutar como administrador.
      • Presiona clic sobre
      • Marca también las casillas:

      • Presiona clic sobre el botón

        .
      • TDSSKiller comenzara a analizar el equipo.
      • Si el equipo no está infectado:
      • Mostrara
      • No threats found.
      • Presiona clic sobre el botón "Close"
      • Si el equipo está infectado:
      • Mostrara:
      • Threats detected.
      • Select action for found objects:

      • Malware object, high risk. La acción predeterminada es "Cure" o "Delete".
      • Suspicious object, medium risk. Usa siempre la opción "Skip"
      • El programa selecciona de forma automática la acción a tomar.
      • Presiona clic sobre el botón "Continue"
      • Para desinfectar correctamente el Sistema, puede solicitarle reiniciar el equipo.
      • Presiona clic sobre el botón

      • Abre el reporte de TDSSKiller, ubicado en C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, donde "x.xx.x_xx.xx.xxxx_xx.xx.xx" son versión, fecha y hora.
      • Copia y pega su contenido en tu próxima respuesta.


      Saludos y felices fiestas
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Ucan
      Registrado
      dic 2012
      Ubicación
      méxico
      Mensajes
      11

      Re: NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x80070

      Les dejo los reportes de Malwarebytes son tres diferentes, no sé cual sea el que necesiten.
      Saludos!

      2012/12/24 11:32:40 -0600 OMYLAP (null) MESSAGE Executing scheduled update: Daily
      2012/12/24 11:32:41 -0600 OMYLAP (null) ERROR Scheduled update failed: Host not found failed with error code 0
      ________________________________________________________________________________________________________
      2012/12/23 15:53:33 -0600 OMYLAP Omar L. Ucán MESSAGE Executing scheduled update: Daily
      2012/12/23 15:57:20 -0600 OMYLAP Omar L. Ucán MESSAGE Scheduled update executed successfully: database updated from version v2012.09.29.05 to version v2012.12.23.07
      ________________________________________________________________________________________________________


      Malwarebytes Anti-Malware (Versión de Prueba) 1.65.1.1000
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.12.23.07

      Windows Vista Service Pack 2 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Omar L. Ucán :: OMYLAP [administrador]

      Protección: Personas de movilidad reducida

      23/12/2012 03:58:11 p.m.
      mbam-log-2012-12-23 (15-58-11).txt

      Tipos de Análisis: Análisis Completo (C:\|D:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 444932
      Tiempo transcurrido: 1 hora(s), 49 minuto(s), 47 segundo(s)

      Procesos en Memoria Detectados: 1
      c:\windows\installer\{ed1bd309-2650-1b5f-ca43-5f14a9dd7b8a}\syshost.exe (Trojan.Agent) -> 2376 -> Se eliminarán al reiniciar.

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 1
      HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SYSHOST32 (Trojan.Agent) -> En cuarentena y eliminado con éxito.

      Valores del Registro Detectados: 2
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|bak_Application (Hijacker.Application) -> datos: http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> En cuarentena y eliminado con éxito.
      HKLM\SYSTEM\CurrentControlSet\Services\syshost32|ImagePath (Trojan.Agent) -> datos: "C:\Windows\Installer\{ED1BD309-2650-1B5F-CA43-5F14A9DD7B8A}\syshost.exe" /service -> En cuarentena y eliminado con éxito.

      Elementos de Datos del Registro Detectados: 1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|Application (Hijacker.Application) -> Malo: (http://www.helpmeopen.com/?n=app&ext=%s) Bueno: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> En cuarentena y reparado con éxito.

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 8
      C:\Users\Omar L. Ucán\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\5106c113-7b870312 (Trojan.FakeMS) -> En cuarentena y eliminado con éxito.
      c:\windows\syshost.exe (Trojan.Downloader) -> Se eliminarán al reiniciar.
      c:\users\omar l. ucán\appdata\local\temp\syshost.exe (Spyware.Agent) -> Se eliminarán al reiniciar.
      c:\users\omarl~1~ucn\appdata\local\temp\syshost.exe (Spyware.Agent) -> Se eliminarán al reiniciar.
      c:\windows\serviceprofiles\localservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Se eliminarán al reiniciar.
      c:\windows\serviceprofiles\networkservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Se eliminarán al reiniciar.
      c:\windows\temp\syshost.exe (Spyware.Agent) -> Se eliminarán al reiniciar.
      c:\windows\installer\{ed1bd309-2650-1b5f-ca43-5f14a9dd7b8a}\syshost.exe (Trojan.Agent) -> Se eliminarán al reiniciar.

      fin)

    4. #4
      Usuario Avatar de Ucan
      Registrado
      dic 2012
      Ubicación
      méxico
      Mensajes
      11

      Re: NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x80070

      Ya instalé TDSSKiller, seguí los pasos correspondientes les dejo el reporte generado.
      Nuevamente gracias, quedó en espera de sus comentarios.
      Saludos!

      Se los mando en dos partes porque no me permitio enviarlo en un solo mensaje.

      11:54:27.0865 4452 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
      11:54:27.0883 4452 ============================================================
      11:54:27.0883 4452 Current date / time: 2012/12/24 11:54:27.0883
      11:54:27.0883 4452 SystemInfo:
      11:54:27.0883 4452
      11:54:27.0884 4452 OS Version: 6.0.6002 ServicePack: 2.0
      11:54:27.0884 4452 Product type: Workstation
      11:54:27.0884 4452 ComputerName: OMYLAP
      11:54:27.0884 4452 UserName: Omar L. Ucán
      11:54:27.0884 4452 Windows directory: C:\Windows
      11:54:27.0884 4452 System windows directory: C:\Windows
      11:54:27.0884 4452 Processor architecture: Intel x86
      11:54:27.0884 4452 Number of processors: 2
      11:54:27.0884 4452 Page size: 0x1000
      11:54:27.0884 4452 Boot type: Normal boot
      11:54:27.0884 4452 ============================================================
      11:54:34.0899 4452 !crdlk
      11:54:35.0120 4452 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
      11:54:35.0149 4452 ============================================================
      11:54:35.0149 4452 \Device\Harddisk0\DR0:
      11:54:35.0150 4452 MBR partitions:
      11:54:35.0150 4452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
      11:54:35.0150 4452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0xC6F83B0
      11:54:35.0188 4452 ============================================================
      11:54:35.0236 4452 C: <-> \Device\Harddisk0\DR0\Partition2
      11:54:35.0284 4452 D: <-> \Device\Harddisk0\DR0\Partition1
      11:54:35.0284 4452 ============================================================
      11:54:35.0284 4452 Initialize success
      11:54:35.0284 4452 ============================================================
      11:55:14.0020 4528 ============================================================
      11:55:14.0020 4528 Scan started
      11:55:14.0020 4528 Mode: Manual; SigCheck; TDLFS;
      11:55:14.0020 4528 ============================================================
      11:55:14.0215 4528 ================ Scan system memory ========================
      11:55:14.0215 4528 System memory - ok
      11:55:14.0216 4528 ================ Scan services =============================
      11:55:14.0311 4528 Suspicious service (NoAccess): 5af9880ab55a59a8
      11:55:14.0547 4528 [ 6DB2CACB4793F9A7C72F65D26B03D362 ] 5af9880ab55a59a8 C:\Windows\System32\Drivers\5af9880ab55a59a8.sys
      11:55:14.0548 4528 Suspicious file (NoAccess): C:\Windows\System32\Drivers\5af9880ab55a59a8.sys. md5: 6DB2CACB4793F9A7C72F65D26B03D362
      11:55:14.0767 4528 5af9880ab55a59a8 ( Rootkit.Win32.Necurs.gen ) - infected
      11:55:14.0767 4528 5af9880ab55a59a8 - detected Rootkit.Win32.Necurs.gen (0)
      11:55:14.0846 4528 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
      11:55:14.0888 4528 ACPI - ok
      11:55:14.0968 4528 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
      11:55:14.0985 4528 AdobeFlashPlayerUpdateSvc - ok
      11:55:15.0078 4528 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
      11:55:15.0119 4528 adp94xx - ok
      11:55:15.0175 4528 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
      11:55:15.0194 4528 adpahci - ok
      11:55:15.0272 4528 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
      11:55:15.0287 4528 adpu160m - ok
      11:55:15.0381 4528 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
      11:55:15.0397 4528 adpu320 - ok
      11:55:15.0459 4528 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
      11:55:15.0578 4528 AeLookupSvc - ok
      11:55:15.0634 4528 [ EF1142512BEC12F1C2C87735DA1755BE ] AESTFilters C:\Windows\system32\aestsrv.exe
      11:55:15.0707 4528 AESTFilters - ok
      11:55:15.0792 4528 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
      11:55:15.0866 4528 AFD - ok
      11:55:15.0977 4528 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440 C:\Windows\system32\drivers\agp440.sys
      11:55:15.0996 4528 agp440 - ok
      11:55:16.0041 4528 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
      11:55:16.0061 4528 aic78xx - ok
      11:55:16.0134 4528 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
      11:55:16.0296 4528 ALG - ok
      11:55:16.0337 4528 [ DC67A153FDB8105B25D05334B5E1D8E2 ] aliide C:\Windows\system32\drivers\aliide.sys
      11:55:16.0349 4528 aliide - ok
      11:55:16.0400 4528 [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp C:\Windows\system32\drivers\amdagp.sys
      11:55:16.0412 4528 amdagp - ok
      11:55:16.0496 4528 [ 835C4C3355088298A5EBD818FA31430F ] amdide C:\Windows\system32\drivers\amdide.sys
      11:55:16.0508 4528 amdide - ok
      11:55:16.0560 4528 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
      11:55:16.0777 4528 AmdK7 - ok
      11:55:16.0810 4528 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
      11:55:16.0897 4528 AmdK8 - ok
      11:55:16.0964 4528 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
      11:55:17.0058 4528 androidusb - ok
      11:55:17.0110 4528 [ 350F19EB5FE4EC37A2414DF56CDE1AA8 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
      11:55:17.0168 4528 ApfiltrService - ok
      11:55:17.0249 4528 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
      11:55:17.0316 4528 Appinfo - ok
      11:55:17.0429 4528 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      11:55:17.0447 4528 Apple Mobile Device - ok
      11:55:17.0510 4528 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
      11:55:17.0530 4528 arc - ok
      11:55:17.0613 4528 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
      11:55:17.0633 4528 arcsas - ok
      11:55:17.0719 4528 [ D0C8B41A2690CD3B57783C759B3B72D5 ] AresChatServer C:\Program Files\Ares\chatServer.exe
      11:55:17.0760 4528 AresChatServer ( UnsignedFile.Multi.Generic ) - warning
      11:55:17.0760 4528 AresChatServer - detected UnsignedFile.Multi.Generic (1)
      11:55:17.0835 4528 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
      11:55:17.0905 4528 AsyncMac - ok
      11:55:17.0979 4528 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
      11:55:18.0011 4528 atapi - ok
      11:55:18.0085 4528 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
      11:55:18.0166 4528 AudioEndpointBuilder - ok
      11:55:18.0199 4528 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
      11:55:18.0222 4528 Audiosrv - ok
      11:55:18.0302 4528 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
      11:55:18.0361 4528 Beep - ok
      11:55:18.0426 4528 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
      11:55:18.0496 4528 BFE - ok
      11:55:18.0593 4528 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
      11:55:18.0687 4528 BITS - ok
      11:55:18.0727 4528 blbdrive - ok
      11:55:18.0824 4528 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
      11:55:18.0846 4528 Bonjour Service - ok
      11:55:18.0893 4528 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
      11:55:18.0960 4528 bowser - ok
      11:55:19.0027 4528 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
      11:55:19.0073 4528 BrFiltLo - ok
      11:55:19.0116 4528 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
      11:55:19.0162 4528 BrFiltUp - ok
      11:55:19.0224 4528 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
      11:55:19.0267 4528 Browser - ok
      11:55:19.0340 4528 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
      11:55:19.0444 4528 Brserid - ok
      11:55:19.0478 4528 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
      11:55:19.0549 4528 BrSerWdm - ok
      11:55:19.0624 4528 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
      11:55:19.0706 4528 BrUsbMdm - ok
      11:55:19.0759 4528 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
      11:55:19.0839 4528 BrUsbSer - ok
      11:55:19.0912 4528 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
      11:55:19.0995 4528 BTHMODEM - ok
      11:55:20.0115 4528 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
      11:55:20.0191 4528 BthServ - ok
      11:55:20.0287 4528 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
      11:55:20.0361 4528 cdfs - ok
      11:55:20.0457 4528 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
      11:55:20.0524 4528 cdrom - ok
      11:55:20.0599 4528 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
      11:55:20.0648 4528 CertPropSvc - ok
      11:55:20.0715 4528 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
      11:55:20.0773 4528 circlass - ok
      11:55:20.0845 4528 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
      11:55:20.0864 4528 CLFS - ok
      11:55:20.0956 4528 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      11:55:20.0968 4528 clr_optimization_v2.0.50727_32 - ok
      11:55:21.0058 4528 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
      11:55:21.0109 4528 CmBatt - ok
      11:55:21.0142 4528 [ E79CBB2195E965F6E3256E2C1B23FD1C ] cmdide C:\Windows\system32\drivers\cmdide.sys
      11:55:21.0155 4528 cmdide - ok
      11:55:21.0196 4528 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
      11:55:21.0209 4528 Compbatt - ok
      11:55:21.0260 4528 COMSysApp - ok
      11:55:21.0283 4528 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
      11:55:21.0298 4528 crcdisk - ok
      11:55:21.0344 4528 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
      11:55:21.0420 4528 Crusoe - ok
      11:55:21.0525 4528 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
      11:55:21.0587 4528 CryptSvc - ok
      11:55:21.0680 4528 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
      11:55:21.0770 4528 DcomLaunch - ok
      11:55:21.0846 4528 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
      11:55:21.0913 4528 DfsC - ok
      11:55:22.0098 4528 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
      11:55:22.0310 4528 DFSR - ok
      11:55:22.0378 4528 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
      11:55:22.0420 4528 Dhcp - ok
      11:55:22.0495 4528 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
      11:55:22.0508 4528 disk - ok
      11:55:22.0556 4528 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
      11:55:22.0621 4528 Dnscache - ok
      11:55:22.0730 4528 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
      11:55:22.0772 4528 dot3svc - ok
      11:55:22.0836 4528 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
      11:55:22.0893 4528 DPS - ok
      11:55:22.0953 4528 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
      11:55:22.0999 4528 drmkaud - ok
      11:55:23.0098 4528 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
      11:55:23.0129 4528 DXGKrnl - ok
      11:55:23.0242 4528 [ 7505290504C8E2D172FA378CC0497BCC ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
      11:55:23.0346 4528 e1express - ok
      11:55:23.0396 4528 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
      11:55:23.0494 4528 E1G60 - ok
      11:55:23.0548 4528 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
      11:55:23.0604 4528 EapHost - ok
      11:55:23.0692 4528 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
      11:55:23.0718 4528 Ecache - ok
      11:55:23.0810 4528 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
      11:55:23.0850 4528 ehRecvr - ok
      11:55:23.0928 4528 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
      11:55:23.0992 4528 ehSched - ok
      11:55:24.0032 4528 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
      11:55:24.0066 4528 ehstart - ok
      11:55:24.0133 4528 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
      11:55:24.0151 4528 elxstor - ok
      11:55:24.0269 4528 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
      11:55:24.0381 4528 EMDMgmt - ok
      11:55:24.0500 4528 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
      11:55:24.0545 4528 EventSystem - ok
      11:55:24.0642 4528 [ E71B03FF6B819AE1A286AA27E956D523 ] EvtEng C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      11:55:24.0703 4528 EvtEng ( UnsignedFile.Multi.Generic ) - warning
      11:55:24.0703 4528 EvtEng - detected UnsignedFile.Multi.Generic (1)
      11:55:24.0802 4528 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
      11:55:24.0869 4528 exfat - ok
      11:55:24.0986 4528 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
      11:55:25.0039 4528 fastfat - ok
      11:55:25.0098 4528 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
      11:55:25.0182 4528 fdc - ok
      11:55:25.0235 4528 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
      11:55:25.0288 4528 fdPHost - ok
      11:55:25.0355 4528 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
      11:55:25.0419 4528 FDResPub - ok
      11:55:25.0492 4528 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
      11:55:25.0505 4528 FileInfo - ok
      11:55:25.0569 4528 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
      11:55:25.0594 4528 Filetrace - ok
      11:55:25.0727 4528 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      11:55:25.0800 4528 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
      11:55:25.0800 4528 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
      11:55:25.0862 4528 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
      11:55:25.0934 4528 flpydisk - ok
      11:55:26.0003 4528 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
      11:55:26.0024 4528 FltMgr - ok
      11:55:26.0133 4528 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
      11:55:26.0237 4528 FontCache - ok
      11:55:26.0362 4528 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
      11:55:26.0381 4528 FontCache3.0.0.0 - ok
      11:55:26.0426 4528 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
      11:55:26.0443 4528 fssfltr - ok
      11:55:26.0651 4528 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
      11:55:26.0794 4528 fsssvc - ok
      11:55:26.0871 4528 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
      11:55:26.0924 4528 Fs_Rec - ok
      11:55:26.0989 4528 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
      11:55:27.0000 4528 gagp30kx - ok
      11:55:27.0104 4528 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
      11:55:27.0112 4528 GEARAspiWDM - ok
      11:55:27.0178 4528 [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
      11:55:27.0178 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ggflt.sys. md5: 007AEA2E06E7CEF7372E40C277163959
      11:55:27.0220 4528 ggflt ( LockedFile.Multi.Generic ) - warning
      11:55:27.0220 4528 ggflt - detected LockedFile.Multi.Generic (1)
      11:55:27.0237 4528 [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
      11:55:27.0238 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ggsemc.sys. md5: C73DE35960CA75C5AB4AE636B127C64E
      11:55:27.0247 4528 ggsemc ( LockedFile.Multi.Generic ) - warning
      11:55:27.0247 4528 ggsemc - detected LockedFile.Multi.Generic (1)
      11:55:27.0337 4528 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
      11:55:27.0446 4528 gpsvc - ok
      11:55:27.0557 4528 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
      11:55:27.0570 4528 gupdate - ok
      11:55:27.0607 4528 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
      11:55:27.0620 4528 gupdatem - ok
      11:55:27.0687 4528 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      11:55:27.0703 4528 gusvc - ok
      11:55:27.0775 4528 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
      11:55:27.0837 4528 HDAudBus - ok
      11:55:27.0905 4528 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
      11:55:27.0905 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\hidbth.sys. md5: 1338520E78D90154ED6BE8F84DE5FCEB
      11:55:27.0933 4528 HidBth ( LockedFile.Multi.Generic ) - warning
      11:55:27.0933 4528 HidBth - detected LockedFile.Multi.Generic (1)
      11:55:27.0980 4528 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
      11:55:27.0981 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\hidir.sys. md5: FF3160C3A2445128C5A6D9B076DA519E
      11:55:27.0990 4528 HidIr ( LockedFile.Multi.Generic ) - warning
      11:55:27.0990 4528 HidIr - detected LockedFile.Multi.Generic (1)
      11:55:28.0067 4528 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
      11:55:28.0113 4528 hidserv - ok
      11:55:28.0176 4528 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
      11:55:28.0177 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidusb.sys. md5: 3C64042B95E583B366BA4E5D2450235E
      11:55:28.0186 4528 HidUsb ( LockedFile.Multi.Generic ) - warning
      11:55:28.0186 4528 HidUsb - detected LockedFile.Multi.Generic (1)
      11:55:28.0268 4528 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
      11:55:28.0337 4528 hkmsvc - ok
      11:55:28.0377 4528 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
      11:55:28.0396 4528 HpCISSs - ok
      11:55:28.0492 4528 [ E9E589C9AB799F52E18F057635A2B362 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
      11:55:28.0493 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HSX_DPV.sys. md5: E9E589C9AB799F52E18F057635A2B362
      11:55:28.0547 4528 HSF_DPV ( LockedFile.Multi.Generic ) - warning
      11:55:28.0547 4528 HSF_DPV - detected LockedFile.Multi.Generic (1)
      11:55:28.0604 4528 [ 7845D2385F4DC7DFB3CCAF0C2FA4948E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
      11:55:28.0605 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HSXHWAZL.sys. md5: 7845D2385F4DC7DFB3CCAF0C2FA4948E
      11:55:28.0613 4528 HSXHWAZL ( LockedFile.Multi.Generic ) - warning
      11:55:28.0614 4528 HSXHWAZL - detected LockedFile.Multi.Generic (1)
      11:55:28.0672 4528 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
      11:55:28.0672 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\HTTP.sys. md5: F870AA3E254628EBEAFE754108D664DE
      11:55:28.0707 4528 HTTP ( LockedFile.Multi.Generic ) - warning
      11:55:28.0708 4528 HTTP - detected LockedFile.Multi.Generic (1)
      11:55:28.0772 4528 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
      11:55:28.0772 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\i2omp.sys. md5: 324C2152FF2C61ABAE92D09F3CCA4D63
      11:55:28.0781 4528 i2omp ( LockedFile.Multi.Generic ) - warning
      11:55:28.0781 4528 i2omp - detected LockedFile.Multi.Generic (1)
      11:55:28.0825 4528 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
      11:55:28.0825 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\i8042prt.sys. md5: 22D56C8184586B7A1F6FA60BE5F5A2BD
      11:55:28.0834 4528 i8042prt ( LockedFile.Multi.Generic ) - warning
      11:55:28.0834 4528 i8042prt - detected LockedFile.Multi.Generic (1)
      11:55:28.0888 4528 [ AE38A12F79A4980DDB88F36514F8A1DA ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
      11:55:28.0911 4528 IAANTMON - ok
      11:55:29.0003 4528 [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor C:\Windows\system32\drivers\iastor.sys
      11:55:29.0003 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\iastor.sys. md5: 997E8F5939F2D12CD9F2E6B395724C16
      11:55:29.0058 4528 iaStor ( LockedFile.Multi.Generic ) - warning
      11:55:29.0058 4528 iaStor - detected LockedFile.Multi.Generic (1)
      11:55:29.0104 4528 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
      11:55:29.0104 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\iastorv.sys. md5: C957BF4B5D80B46C5017BF0101E6C906
      11:55:29.0114 4528 iaStorV ( LockedFile.Multi.Generic ) - warning
      11:55:29.0114 4528 iaStorV - detected LockedFile.Multi.Generic (1)
      11:55:29.0228 4528 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      11:55:29.0250 4528 IDriverT ( UnsignedFile.Multi.Generic ) - warning
      11:55:29.0250 4528 IDriverT - detected UnsignedFile.Multi.Generic (1)
      11:55:29.0387 4528 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
      11:55:29.0475 4528 idsvc - ok
      11:55:29.0663 4528 [ F7ECD4B9E7FAD4A01A0ED889D40E2494 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
      11:55:29.0663 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\igdkmd32.sys. md5: F7ECD4B9E7FAD4A01A0ED889D40E2494
      11:55:29.0717 4528 igfx ( LockedFile.Multi.Generic ) - warning
      11:55:29.0717 4528 igfx - detected LockedFile.Multi.Generic (1)
      11:55:29.0761 4528 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
      11:55:29.0761 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\iirsp.sys. md5: 2D077BF86E843F901D8DB709C95B49A5
      11:55:29.0774 4528 iirsp ( LockedFile.Multi.Generic ) - warning
      11:55:29.0774 4528 iirsp - detected LockedFile.Multi.Generic (1)
      11:55:29.0872 4528 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
      11:55:29.0957 4528 IKEEXT - ok
      11:55:30.0009 4528 [ CACE3BE2499CF00827A641869297CEA6 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
      11:55:30.0010 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\IntcHdmi.sys. md5: CACE3BE2499CF00827A641869297CEA6
      11:55:30.0016 4528 IntcHdmiAddService ( LockedFile.Multi.Generic ) - warning
      11:55:30.0016 4528 IntcHdmiAddService - detected LockedFile.Multi.Generic (1)
      11:55:30.0056 4528 [ 0084046C084D68E494F8CF36BCF08186 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
      11:55:30.0057 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\intelide.sys. md5: 0084046C084D68E494F8CF36BCF08186
      11:55:30.0089 4528 intelide ( LockedFile.Multi.Generic ) - warning
      11:55:30.0090 4528 intelide - detected LockedFile.Multi.Generic (1)
      11:55:30.0161 4528 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
      11:55:30.0161 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\intelppm.sys. md5: 224191001E78C89DFA78924C3EA595FF
      11:55:30.0174 4528 intelppm ( LockedFile.Multi.Generic ) - warning
      11:55:30.0175 4528 intelppm - detected LockedFile.Multi.Generic (1)
      11:55:30.0244 4528 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
      11:55:30.0317 4528 IPBusEnum - ok
      11:55:30.0391 4528 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
      11:55:30.0392 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipfltdrv.sys. md5: 62C265C38769B864CB25B4BCF62DF6C3
      11:55:30.0419 4528 IpFilterDriver ( LockedFile.Multi.Generic ) - warning
      11:55:30.0419 4528 IpFilterDriver - detected LockedFile.Multi.Generic (1)
      11:55:30.0488 4528 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
      11:55:30.0586 4528 iphlpsvc - ok
      11:55:30.0604 4528 IpInIp - ok
      11:55:30.0655 4528 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
      11:55:30.0656 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\ipmidrv.sys. md5: 40F34F8ABA2A015D780E4B09138B6C17
      11:55:30.0678 4528 IPMIDRV ( LockedFile.Multi.Generic ) - warning
      11:55:30.0678 4528 IPMIDRV - detected LockedFile.Multi.Generic (1)
      11:55:30.0751 4528 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
      11:55:30.0751 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipnat.sys. md5: 8793643A67B42CEC66490B2A0CF92D68
      11:55:30.0757 4528 IPNAT ( LockedFile.Multi.Generic ) - warning
      11:55:30.0757 4528 IPNAT - detected LockedFile.Multi.Generic (1)
      11:55:30.0900 4528 [ EF1C51222117B37AFBFF8F4642EA8C62 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
      11:55:30.0939 4528 iPod Service - ok
      11:55:31.0045 4528 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
      11:55:31.0046 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\irenum.sys. md5: 109C0DFB82C3632FBD11949B73AEEAC9
      11:55:31.0089 4528 IRENUM ( LockedFile.Multi.Generic ) - warning
      11:55:31.0089 4528 IRENUM - detected LockedFile.Multi.Generic (1)
      11:55:31.0149 4528 [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp C:\Windows\system32\drivers\isapnp.sys
      11:55:31.0149 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\isapnp.sys. md5: 2F8ECE2699E7E2070545E9B0960A8ED2
      11:55:31.0156 4528 isapnp ( LockedFile.Multi.Generic ) - warning
      11:55:31.0156 4528 isapnp - detected LockedFile.Multi.Generic (1)
      11:55:31.0209 4528 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
      11:55:31.0209 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\msiscsi.sys. md5: 232FA340531D940AAC623B121A595034
      11:55:31.0219 4528 iScsiPrt ( LockedFile.Multi.Generic ) - warning
      11:55:31.0219 4528 iScsiPrt - detected LockedFile.Multi.Generic (1)
      11:55:31.0271 4528 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
      11:55:31.0271 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\iteatapi.sys. md5: BCED60D16156E428F8DF8CF27B0DF150
      11:55:31.0280 4528 iteatapi ( LockedFile.Multi.Generic ) - warning
      11:55:31.0280 4528 iteatapi - detected LockedFile.Multi.Generic (1)
      11:55:31.0310 4528 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
      11:55:31.0311 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\iteraid.sys. md5: 06FA654504A498C30ADCA8BEC4E87E7E
      11:55:31.0319 4528 iteraid ( LockedFile.Multi.Generic ) - warning
      11:55:31.0319 4528 iteraid - detected LockedFile.Multi.Generic (1)
      11:55:31.0384 4528 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
      11:55:31.0385 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdclass.sys. md5: 37605E0A8CF00CBBA538E753E4344C6E
      11:55:31.0394 4528 kbdclass ( LockedFile.Multi.Generic ) - warning
      11:55:31.0394 4528 kbdclass - detected LockedFile.Multi.Generic (1)
      11:55:31.0436 4528 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
      11:55:31.0437 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdhid.sys. md5: D2600CB17B7408B4A83F231DC9A11AC3
      11:55:31.0446 4528 kbdhid ( LockedFile.Multi.Generic ) - warning
      11:55:31.0446 4528 kbdhid - detected LockedFile.Multi.Generic (1)
      11:55:31.0511 4528 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
      11:55:31.0581 4528 KeyIso - ok
      11:55:31.0674 4528 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      11:55:31.0674 4528 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecdd.sys. md5: 4A1445EFA932A3BAF5BDB02D7131EE20
      11:55:31.0723 4528 KSecDD ( LockedFile.Multi.Generic ) - warning
      11:55:31.0723 4528 KSecDD - detected LockedFile.Multi.Generic (1)
      11:55:31.0753 4528 ktebhzmw - ok
      11:55:31.0841 4528 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
      11:55:31.0878 4528 KtmRm - ok
      11:55:31.0949 4528 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
      11:55:32.0003 4528 LanmanServer - ok
      11:55:32.0066 4528 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      11:55:32.0126 4528 LanmanWorkstation - ok
      11:55:32.0206 4528 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      11:55:32.0207 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lltdio.sys. md5: D1C5883087A0C3F1344D9D55A44901F6
      11:55:32.0259 4528 lltdio ( LockedFile.Multi.Generic ) - warning
      11:55:32.0259 4528 lltdio - detected LockedFile.Multi.Generic (1)
      11:55:32.0340 4528 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
      11:55:32.0394 4528 lltdsvc - ok
      11:55:32.0463 4528 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
      11:55:32.0540 4528 lmhosts - ok
      11:55:32.0637 4528 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
      11:55:32.0637 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_fc.sys. md5: A2262FB9F28935E862B4DB46438C80D2
      11:55:32.0646 4528 LSI_FC ( LockedFile.Multi.Generic ) - warning
      11:55:32.0646 4528 LSI_FC - detected LockedFile.Multi.Generic (1)
      11:55:32.0685 4528 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
      11:55:32.0685 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_sas.sys. md5: 30D73327D390F72A62F32C103DAF1D6D
      11:55:32.0716 4528 LSI_SAS ( LockedFile.Multi.Generic ) - warning
      11:55:32.0716 4528 LSI_SAS - detected LockedFile.Multi.Generic (1)
      11:55:32.0765 4528 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
      11:55:32.0765 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_scsi.sys. md5: E1E36FEFD45849A95F1AB81DE0159FE3
      11:55:32.0775 4528 LSI_SCSI ( LockedFile.Multi.Generic ) - warning
      11:55:32.0775 4528 LSI_SCSI - detected LockedFile.Multi.Generic (1)
      11:55:32.0855 4528 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
      11:55:32.0855 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\luafv.sys. md5: 8F5C7426567798E62A3B3614965D62CC
      11:55:32.0907 4528 luafv ( LockedFile.Multi.Generic ) - warning
      11:55:32.0907 4528 luafv - detected LockedFile.Multi.Generic (1)
      11:55:33.0017 4528 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
      11:55:33.0039 4528 MBAMProtector - ok
      11:55:33.0149 4528 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
      11:55:33.0207 4528 MBAMScheduler - ok
      11:55:33.0281 4528 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      11:55:33.0348 4528 MBAMService - ok
      11:55:33.0445 4528 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      11:55:33.0482 4528 Mcx2Svc - ok
      11:55:33.0540 4528 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
      11:55:33.0541 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mdmxsdk.sys. md5: 0CEA2D0D3FA284B85ED5B68365114F76
      11:55:33.0573 4528 mdmxsdk ( LockedFile.Multi.Generic ) - warning
      11:55:33.0573 4528 mdmxsdk - detected LockedFile.Multi.Generic (1)
      11:55:33.0663 4528 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
      11:55:33.0664 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\megasas.sys. md5: D153B14FC6598EAE8422A2037553ADCE
      11:55:33.0673 4528 megasas ( LockedFile.Multi.Generic ) - warning
      11:55:33.0673 4528 megasas - detected LockedFile.Multi.Generic (1)
      11:55:33.0765 4528 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
      11:55:33.0776 4528 Microsoft Office Groove Audit Service - ok
      11:55:33.0872 4528 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
      11:55:33.0929 4528 MMCSS - ok
      11:55:34.0020 4528 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
      11:55:34.0020 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\modem.sys. md5: E13B5EA0F51BA5B1512EC671393D09BA
      11:55:34.0027 4528 Modem ( LockedFile.Multi.Generic ) - warning
      11:55:34.0027 4528 Modem - detected LockedFile.Multi.Generic (1)
      11:55:34.0074 4528 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      11:55:34.0074 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: 0A9BB33B56E294F686ABB7C1E4E2D8A8
      11:55:34.0113 4528 monitor ( LockedFile.Multi.Generic ) - warning
      11:55:34.0113 4528 monitor - detected LockedFile.Multi.Generic (1)
      11:55:34.0169 4528 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
      11:55:34.0169 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouclass.sys. md5: 5BF6A1326A335C5298477754A506D263
      11:55:34.0178 4528 mouclass ( LockedFile.Multi.Generic ) - warning
      11:55:34.0178 4528 mouclass - detected LockedFile.Multi.Generic (1)
      11:55:34.0230 4528 [ A3A6DFF7E9E757DB3DF51A833BC28885 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      11:55:34.0231 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouhid.sys. md5: A3A6DFF7E9E757DB3DF51A833BC28885
      11:55:34.0243 4528 mouhid ( LockedFile.Multi.Generic ) - warning
      11:55:34.0244 4528 mouhid - detected LockedFile.Multi.Generic (1)
      11:55:34.0296 4528 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
      11:55:34.0297 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\mountmgr.sys. md5: BDAFC88AA6B92F7842416EA6A48E1600
      11:55:34.0325 4528 MountMgr ( LockedFile.Multi.Generic ) - warning
      11:55:34.0325 4528 MountMgr - detected LockedFile.Multi.Generic (1)
      11:55:34.0374 4528 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
      11:55:34.0374 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\mpio.sys. md5: 583A41F26278D9E0EA548163D6139397
      11:55:34.0383 4528 mpio ( LockedFile.Multi.Generic ) - warning
      11:55:34.0383 4528 mpio - detected LockedFile.Multi.Generic (1)
      11:55:34.0457 4528 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      11:55:34.0458 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\mpsdrv.sys. md5: 22241FEBA9B2DEFA669C8CB0A8DD7D2E
      11:55:34.0466 4528 mpsdrv ( LockedFile.Multi.Generic ) - warning
      11:55:34.0466 4528 mpsdrv - detected LockedFile.Multi.Generic (1)
      11:55:34.0543 4528 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
      11:55:34.0650 4528 MpsSvc - ok
      11:55:34.0747 4528 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
      11:55:34.0747 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\mraid35x.sys. md5: 4FBBB70D30FD20EC51F80061703B001E
      11:55:34.0792 4528 Mraid35x ( LockedFile.Multi.Generic ) - warning
      11:55:34.0792 4528 Mraid35x - detected LockedFile.Multi.Generic (1)
      11:55:34.0872 4528 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      11:55:34.0873 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\mrxdav.sys. md5: 82CEA0395524AACFEB58BA1448E8325C
      11:55:34.0912 4528 MRxDAV ( LockedFile.Multi.Generic ) - warning
      11:55:34.0912 4528 MRxDAV - detected LockedFile.Multi.Generic (1)
      11:55:35.0031 4528 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      11:55:35.0031 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb.sys. md5: 1E94971C4B446AB2290DEB71D01CF0C2
      11:55:35.0041 4528 mrxsmb ( LockedFile.Multi.Generic ) - warning
      11:55:35.0042 4528 mrxsmb - detected LockedFile.Multi.Generic (1)
      11:55:35.0115 4528 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      11:55:35.0115 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb10.sys. md5: 4FCCB34D793B116423209C0F8B7A3B03
      11:55:35.0123 4528 mrxsmb10 ( LockedFile.Multi.Generic ) - warning
      11:55:35.0124 4528 mrxsmb10 - detected LockedFile.Multi.Generic (1)
      11:55:35.0168 4528 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      11:55:35.0169 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb20.sys. md5: C3CB1B40AD4A0124D617A1199B0B9D7C
      11:55:35.0179 4528 mrxsmb20 ( LockedFile.Multi.Generic ) - warning
      11:55:35.0180 4528 mrxsmb20 - detected LockedFile.Multi.Generic (1)
      11:55:35.0225 4528 [ D420BC42A637AC3CC4F411220549C0DC ] msahci C:\Windows\system32\drivers\msahci.sys
      11:55:35.0226 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\msahci.sys. md5: D420BC42A637AC3CC4F411220549C0DC
      11:55:35.0258 4528 msahci ( LockedFile.Multi.Generic ) - warning
      11:55:35.0259 4528 msahci - detected LockedFile.Multi.Generic (1)
      11:55:35.0341 4528 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
      11:55:35.0341 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\msdsm.sys. md5: 3FC82A2AE4CC149165A94699183D3028
      11:55:35.0381 4528 msdsm ( LockedFile.Multi.Generic ) - warning
      11:55:35.0381 4528 msdsm - detected LockedFile.Multi.Generic (1)
      11:55:35.0452 4528 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
      11:55:35.0566 4528 MSDTC - ok
      11:55:35.0659 4528 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
      11:55:35.0660 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\Msfs.sys. md5: A9927F4A46B816C92F461ACB90CF8515
      11:55:35.0670 4528 Msfs ( LockedFile.Multi.Generic ) - warning
      11:55:35.0670 4528 Msfs - detected LockedFile.Multi.Generic (1)
      11:55:35.0731 4528 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
      11:55:35.0732 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\msisadrv.sys. md5: 0F400E306F385C56317357D6DEA56F62
      11:55:35.0745 4528 msisadrv ( LockedFile.Multi.Generic ) - warning
      11:55:35.0745 4528 msisadrv - detected LockedFile.Multi.Generic (1)
      11:55:35.0820 4528 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      11:55:35.0910 4528 MSiSCSI - ok
      11:55:35.0994 4528 msiserver - ok
      11:55:36.0074 4528 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      11:55:36.0075 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSKSSRV.sys. md5: D8C63D34D9C9E56C059E24EC7185CC07
      11:55:36.0110 4528 MSKSSRV ( LockedFile.Multi.Generic ) - warning
      11:55:36.0110 4528 MSKSSRV - detected LockedFile.Multi.Generic (1)
      11:55:36.0150 4528 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      11:55:36.0151 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPCLOCK.sys. md5: 1D373C90D62DDB641D50E55B9E78D65E
      11:55:36.0161 4528 MSPCLOCK ( LockedFile.Multi.Generic ) - warning
      11:55:36.0162 4528 MSPCLOCK - detected LockedFile.Multi.Generic (1)
      11:55:36.0199 4528 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      11:55:36.0200 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPQM.sys. md5: B572DA05BF4E098D4BBA3A4734FB505B
      11:55:36.0225 4528 MSPQM ( LockedFile.Multi.Generic ) - warning
      11:55:36.0226 4528 MSPQM - detected LockedFile.Multi.Generic (1)
      11:55:36.0300 4528 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      11:55:36.0301 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\MsRPC.sys. md5: B49456D70555DE905C311BCDA6EC6ADB
      11:55:36.0310 4528 MsRPC ( LockedFile.Multi.Generic ) - warning
      11:55:36.0310 4528 MsRPC - detected LockedFile.Multi.Generic (1)
      11:55:36.0376 4528 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
      11:55:36.0377 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mssmbios.sys. md5: E384487CB84BE41D09711C30CA79646C
      11:55:36.0384 4528 mssmbios ( LockedFile.Multi.Generic ) - warning
      11:55:36.0384 4528 mssmbios - detected LockedFile.Multi.Generic (1)
      11:55:36.0435 4528 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      11:55:36.0436 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\MSTEE.sys. md5: 7199C1EEC1E4993CAF96B8C0A26BD58A
      11:55:36.0443 4528 MSTEE ( LockedFile.Multi.Generic ) - warning
      11:55:36.0443 4528 MSTEE - detected LockedFile.Multi.Generic (1)
      11:55:36.0492 4528 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
      11:55:36.0492 4528 Suspicious file (NoAccess): C:\Windows\system32\Drivers\mup.sys. md5: 6A57B5733D4CB702C8EA4542E836B96C
      11:55:36.0507 4528 Mup ( LockedFile.Multi.Generic ) - warning
      11:55:36.0507 4528 Mup - detected LockedFile.Multi.Generic (1)
      11:55:36.0592 4528 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
      11:55:36.0691 4528 napagent - ok
      11:55:36.0791 4528 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      11:55:36.0791 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nwifi.sys. md5: 85C44FDFF9CF7E72A40DCB7EC06A4416
      11:55:36.0841 4528 NativeWifiP ( LockedFile.Multi.Generic ) - warning
      11:55:36.0841 4528 NativeWifiP - detected LockedFile.Multi.Generic (1)
      11:55:36.0945 4528 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
      11:55:36.0945 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\ndis.sys. md5: 1357274D1883F68300AEADD15D7BBB42
      11:55:36.0982 4528 NDIS ( LockedFile.Multi.Generic ) - warning
      11:55:36.0983 4528 NDIS - detected LockedFile.Multi.Generic (1)
      11:55:37.0051 4528 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      11:55:37.0052 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndistapi.sys. md5: 0E186E90404980569FB449BA7519AE61
      11:55:37.0091 4528 NdisTapi ( LockedFile.Multi.Generic ) - warning
      11:55:37.0092 4528 NdisTapi - detected LockedFile.Multi.Generic (1)
      11:55:37.0166 4528 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      11:55:37.0167 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndisuio.sys. md5: D6973AA34C4D5D76C0430B181C3CD389
      11:55:37.0204 4528 Ndisuio ( LockedFile.Multi.Generic ) - warning
      11:55:37.0204 4528 Ndisuio - detected LockedFile.Multi.Generic (1)
      11:55:37.0262 4528 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      11:55:37.0262 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndiswan.sys. md5: 818F648618AE34F729FDB47EC68345C3
      11:55:37.0284 4528 NdisWan ( LockedFile.Multi.Generic ) - warning
      11:55:37.0284 4528 NdisWan - detected LockedFile.Multi.Generic (1)
      11:55:37.0335 4528 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      11:55:37.0336 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\NDProxy.sys. md5: 71DAB552B41936358F3B541AE5997FB3
      11:55:37.0381 4528 NDProxy ( LockedFile.Multi.Generic ) - warning
      11:55:37.0381 4528 NDProxy - detected LockedFile.Multi.Generic (1)
      11:55:37.0441 4528 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      11:55:37.0442 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbios.sys. md5: BCD093A5A6777CF626434568DC7DBA78
      11:55:37.0461 4528 NetBIOS ( LockedFile.Multi.Generic ) - warning
      11:55:37.0461 4528 NetBIOS - detected LockedFile.Multi.Generic (1)
      11:55:37.0525 4528 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
      11:55:37.0526 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbt.sys. md5: ECD64230A59CBD93C85F1CD1CAB9F3F6
      11:55:37.0550 4528 netbt ( LockedFile.Multi.Generic ) - warning
      11:55:37.0551 4528 netbt - detected LockedFile.Multi.Generic (1)
      11:55:37.0600 4528 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
      11:55:37.0633 4528 Netlogon - ok
      11:55:37.0697 4528 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
      11:55:37.0745 4528 Netman - ok
      11:55:37.0835 4528 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
      11:55:37.0890 4528 netprofm - ok
      11:55:37.0952 4528 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
      11:55:37.0964 4528 NetTcpPortSharing - ok
      11:55:38.0059 4528 [ 6522DD40A5F67CED020BD81B856613FB ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
      11:55:38.0059 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\NETw4v32.sys. md5: 6522DD40A5F67CED020BD81B856613FB
      11:55:38.0105 4528 NETw4v32 ( LockedFile.Multi.Generic ) - warning
      11:55:38.0106 4528 NETw4v32 - detected LockedFile.Multi.Generic (1)
      11:55:38.0153 4528 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
      11:55:38.0154 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\nfrd960.sys. md5: 2E7FB731D4790A1BC6270ACCEFACB36E
      11:55:38.0163 4528 nfrd960 ( LockedFile.Multi.Generic ) - warning
      11:55:38.0163 4528 nfrd960 - detected LockedFile.Multi.Generic (1)
      11:55:38.0214 4528 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
      11:55:38.0262 4528 NlaSvc - ok
      11:55:38.0318 4528 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
      11:55:38.0319 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\Npfs.sys. md5: D36F239D7CCE1931598E8FB90A0DBC26
      11:55:38.0327 4528 Npfs ( LockedFile.Multi.Generic ) - warning
      11:55:38.0327 4528 Npfs - detected LockedFile.Multi.Generic (1)
      11:55:38.0381 4528 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
      11:55:38.0431 4528 nsi - ok
      11:55:38.0502 4528 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      11:55:38.0502 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\nsiproxy.sys. md5: 609773E344A97410CE4EBF74A8914FCF
      11:55:38.0508 4528 nsiproxy ( LockedFile.Multi.Generic ) - warning
      11:55:38.0508 4528 nsiproxy - detected LockedFile.Multi.Generic (1)
      11:55:38.0609 4528 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      11:55:38.0609 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\Ntfs.sys. md5: 6A4A98CEE84CF9E99564510DDA4BAA47
      11:55:38.0671 4528 Ntfs ( LockedFile.Multi.Generic ) - warning
      11:55:38.0671 4528 Ntfs - detected LockedFile.Multi.Generic (1)
      11:55:38.0742 4528 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
      11:55:38.0743 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\ntrigdigi.sys. md5: E875C093AEC0C978A90F30C9E0DFBB72
      11:55:38.0751 4528 ntrigdigi ( LockedFile.Multi.Generic ) - warning
      11:55:38.0751 4528 ntrigdigi - detected LockedFile.Multi.Generic (1)
      11:55:38.0791 4528 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
      11:55:38.0792 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\Null.sys. md5: C5DBBCDA07D780BDA9B685DF333BB41E
      11:55:38.0826 4528 Null ( LockedFile.Multi.Generic ) - warning
      11:55:38.0827 4528 Null - detected LockedFile.Multi.Generic (1)
      11:55:38.0863 4528 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
      11:55:38.0864 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\nvraid.sys. md5: E69E946F80C1C31C53003BFBF50CBB7C
      11:55:38.0873 4528 nvraid ( LockedFile.Multi.Generic ) - warning
      11:55:38.0873 4528 nvraid - detected LockedFile.Multi.Generic (1)
      11:55:38.0923 4528 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
      11:55:38.0923 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\nvstor.sys. md5: 9E0BA19A28C498A6D323D065DB76DFFC
      11:55:38.0936 4528 nvstor ( LockedFile.Multi.Generic ) - warning
      11:55:38.0936 4528 nvstor - detected LockedFile.Multi.Generic (1)
      11:55:38.0983 4528 [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
      11:55:38.0984 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\nv_agp.sys. md5: 055081FD5076401C1EE1BCAB08D81911
      11:55:39.0008 4528 nv_agp ( LockedFile.Multi.Generic ) - warning
      11:55:39.0009 4528 nv_agp - detected LockedFile.Multi.Generic (1)
      11:55:39.0031 4528 NwlnkFlt - ok
      11:55:39.0057 4528 NwlnkFwd - ok
      11:55:39.0146 4528 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      11:55:39.0174 4528 odserv - ok
      11:55:39.0254 4528 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
      11:55:39.0254 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ohci1394.sys. md5: 6F310E890D46E246E0E261A63D9B36B4
      11:55:39.0293 4528 ohci1394 ( LockedFile.Multi.Generic ) - warning
      11:55:39.0293 4528 ohci1394 - detected LockedFile.Multi.Generic (1)
      11:55:39.0341 4528 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      11:55:39.0354 4528 ose - ok
      11:55:39.0474 4528 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
      11:55:39.0575 4528 p2pimsvc - ok
      11:55:39.0663 4528 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
      11:55:39.0690 4528 p2psvc - ok
      11:55:39.0789 4528 [ 4A410C7AEA51123519C20D43A20BCE96 ] PAC207 C:\Windows\system32\DRIVERS\PFC027.SYS
      11:55:39.0789 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\PFC027.SYS. md5: 4A410C7AEA51123519C20D43A20BCE96
      11:55:39.0830 4528 PAC207 ( LockedFile.Multi.Generic ) - warning
      11:55:39.0830 4528 PAC207 - detected LockedFile.Multi.Generic (1)
      11:55:39.0905 4528 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
      11:55:39.0906 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\parport.sys. md5: 0FA9B5055484649D63C303FE404E5F4D
      11:55:39.0912 4528 Parport ( LockedFile.Multi.Generic ) - warning
      11:55:39.0912 4528 Parport - detected LockedFile.Multi.Generic (1)
      11:55:39.0984 4528 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
      11:55:39.0984 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\partmgr.sys. md5: B9C2B89F08670E159F7181891E449CD9
      11:55:39.0993 4528 partmgr ( LockedFile.Multi.Generic ) - warning
      11:55:39.0994 4528 partmgr - detected LockedFile.Multi.Generic (1)
      11:55:40.0033 4528 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
      11:55:40.0033 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\parvdm.sys. md5: 4F9A6A8A31413180D0FCB279AD5D8112
      11:55:40.0042 4528 Parvdm ( LockedFile.Multi.Generic ) - warning
      11:55:40.0042 4528 Parvdm - detected LockedFile.Multi.Generic (1)
      11:55:40.0094 4528 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
      11:55:40.0178 4528 PcaSvc - ok
      11:55:40.0282 4528 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
      11:55:40.0283 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\pci.sys. md5: 941DC1D19E7E8620F40BBC206981EFDB
      11:55:40.0328 4528 pci ( LockedFile.Multi.Generic ) - warning
      11:55:40.0328 4528 pci - detected LockedFile.Multi.Generic (1)
      11:55:40.0390 4528 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
      11:55:40.0390 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\pciide.sys. md5: 1636D43F10416AEB483BC6001097B26C
      11:55:40.0399 4528 pciide ( LockedFile.Multi.Generic ) - warning
      11:55:40.0400 4528 pciide - detected LockedFile.Multi.Generic (1)
      11:55:40.0472 4528 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
      11:55:40.0473 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\pcmcia.sys. md5: E6F3FB1B86AA519E7698AD05E58B04E5
      11:55:40.0481 4528 pcmcia ( LockedFile.Multi.Generic ) - warning
      11:55:40.0481 4528 pcmcia - detected LockedFile.Multi.Generic (1)
      11:55:40.0570 4528 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      11:55:40.0571 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\peauth.sys. md5: 6349F6ED9C623B44B52EA3C63C831A92
      11:55:40.0588 4528 PEAUTH ( LockedFile.Multi.Generic ) - warning
      11:55:40.0588 4528 PEAUTH - detected LockedFile.Multi.Generic (1)
      11:55:40.0788 4528 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
      11:55:40.0968 4528 pla - ok
      11:55:41.0110 4528 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      11:55:41.0191 4528 PlugPlay - ok
      11:55:41.0263 4528 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
      11:55:41.0290 4528 PNRPAutoReg - ok
      11:55:41.0375 4528 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
      11:55:41.0401 4528 PNRPsvc - ok
      11:55:41.0500 4528 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      11:55:41.0574 4528 PolicyAgent - ok
      11:55:41.0649 4528 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      11:55:41.0650 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspptp.sys. md5: ECFFFAEC0C1ECD8DBC77F39070EA1DB1
      11:55:41.0684 4528 PptpMiniport ( LockedFile.Multi.Generic ) - warning
      11:55:41.0685 4528 PptpMiniport - detected LockedFile.Multi.Generic (1)
      11:55:41.0753 4528 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
      11:55:41.0753 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\processr.sys. md5: 0E3CEF5D28B40CF273281D620C50700A
      11:55:41.0759 4528 Processor ( LockedFile.Multi.Generic ) - warning
      11:55:41.0759 4528 Processor - detected LockedFile.Multi.Generic (1)
      11:55:41.0833 4528 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
      11:55:41.0879 4528 ProfSvc - ok
      11:55:41.0945 4528 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
      11:55:41.0961 4528 ProtectedStorage - ok
      11:55:42.0036 4528 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
      11:55:42.0054 4528 ProtexisLicensing - ok
      11:55:42.0105 4528 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
      11:55:42.0105 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pacer.sys. md5: 99514FAA8DF93D34B5589187DB3AA0BA
      11:55:42.0153 4528 PSched ( LockedFile.Multi.Generic ) - warning
      11:55:42.0153 4528 PSched - detected LockedFile.Multi.Generic (1)
      11:55:42.0207 4528 [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
      11:55:42.0207 4528 Suspicious file (NoAccess): C:\Windows\system32\Drivers\PxHelp20.sys. md5: FEFFCFDC528764A04C8ED63D5FA6E711
      11:55:42.0242 4528 PxHelp20 ( LockedFile.Multi.Generic ) - warning
      11:55:42.0242 4528 PxHelp20 - detected LockedFile.Multi.Generic (1)
      11:55:42.0319 4528 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
      11:55:42.0319 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\ql2300.sys. md5: CCDAC889326317792480C0A67156A1EC
      11:55:42.0356 4528 ql2300 ( LockedFile.Multi.Generic ) - warning
      11:55:42.0356 4528 ql2300 - detected LockedFile.Multi.Generic (1)
      11:55:42.0450 4528 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
      11:55:42.0451 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\ql40xx.sys. md5: 81A7E5C076E59995D54BC1ED3A16E60B
      11:55:42.0463 4528 ql40xx ( LockedFile.Multi.Generic ) - warning
      11:55:42.0463 4528 ql40xx - detected LockedFile.Multi.Generic (1)
      11:55:42.0540 4528 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
      11:55:42.0599 4528 QWAVE - ok
      11:55:42.0679 4528 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      11:55:42.0680 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\qwavedrv.sys. md5: 9F5E0E1926014D17486901C88ECA2DB7
      11:55:42.0720 4528 QWAVEdrv ( LockedFile.Multi.Generic ) - warning
      11:55:42.0720 4528 QWAVEdrv - detected LockedFile.Multi.Generic (1)
      11:55:42.0870 4528 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
      11:55:42.0871 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\atikmdag.sys. md5: E642B131FB74CAF4BB8A014F31113142
      11:55:42.0936 4528 R300 ( LockedFile.Multi.Generic ) - warning
      11:55:42.0937 4528 R300 - detected LockedFile.Multi.Generic (1)
      11:55:43.0040 4528 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
      11:55:43.0074 4528 RapiMgr - ok
      11:55:43.0163 4528 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      11:55:43.0164 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasacd.sys. md5: 147D7F9C556D259924351FEB0DE606C3
      11:55:43.0205 4528 RasAcd ( LockedFile.Multi.Generic ) - warning
      11:55:43.0205 4528 RasAcd - detected LockedFile.Multi.Generic (1)
      11:55:43.0289 4528 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
      11:55:43.0377 4528 RasAuto - ok
      11:55:43.0456 4528 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      11:55:43.0456 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasl2tp.sys. md5: A214ADBAF4CB47DD2728859EF31F26B0
      11:55:43.0462 4528 Rasl2tp ( LockedFile.Multi.Generic ) - warning
      11:55:43.0462 4528 Rasl2tp - detected LockedFile.Multi.Generic (1)
      11:55:43.0518 4528 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
      11:55:43.0582 4528 RasMan - ok
      11:55:43.0632 4528 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      11:55:43.0632 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspppoe.sys. md5: 509A98DD18AF4375E1FC40BC175F1DEF
      11:55:43.0665 4528 RasPppoe ( LockedFile.Multi.Generic ) - warning
      11:55:43.0665 4528 RasPppoe - detected LockedFile.Multi.Generic (1)
      11:55:43.0716 4528 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      11:55:43.0716 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rassstp.sys. md5: 2005F4A1E05FA09389AC85840F0A9E4D
      11:55:43.0739 4528 RasSstp ( LockedFile.Multi.Generic ) - warning
      11:55:43.0739 4528 RasSstp - detected LockedFile.Multi.Generic (1)
      11:55:43.0800 4528 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      11:55:43.0801 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rdbss.sys. md5: B14C9D5B9ADD2F84F70570BBBFAA7935
      11:55:43.0826 4528 rdbss ( LockedFile.Multi.Generic ) - warning
      11:55:43.0826 4528 rdbss - detected LockedFile.Multi.Generic (1)
      11:55:43.0884 4528 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      11:55:43.0884 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\RDPCDD.sys. md5: 89E59BE9A564262A3FB6C4F4F1CD9899
      11:55:43.0896 4528 RDPCDD ( LockedFile.Multi.Generic ) - warning
      11:55:43.0896 4528 RDPCDD - detected LockedFile.Multi.Generic (1)
      11:55:43.0966 4528 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
      11:55:43.0967 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpdr.sys. md5: 0245418224CFA77BF4B41C2FE0622258
      11:55:43.0992 4528 rdpdr ( LockedFile.Multi.Generic ) - warning
      11:55:43.0992 4528 rdpdr - detected LockedFile.Multi.Generic (1)
      11:55:44.0016 4528 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      11:55:44.0016 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpencdd.sys. md5: 9D91FE5286F748862ECFFA05F8A0710C
      11:55:44.0028 4528 RDPENCDD ( LockedFile.Multi.Generic ) - warning
      11:55:44.0028 4528 RDPENCDD - detected LockedFile.Multi.Generic (1)
      11:55:44.0110 4528 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      11:55:44.0110 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\RDPWD.sys. md5: C127EBD5AFAB31524662C48DFCEB773A
      11:55:44.0117 4528 RDPWD ( LockedFile.Multi.Generic ) - warning
      11:55:44.0117 4528 RDPWD - detected LockedFile.Multi.Generic (1)
      11:55:44.0166 4528 [ 2CF574D0965F58E514A2DC94114D7ECA ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      11:55:44.0178 4528 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
      11:55:44.0179 4528 RegSrvc - detected UnsignedFile.Multi.Generic (1)
      11:55:44.0231 4528 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
      11:55:44.0264 4528 RemoteAccess - ok
      11:55:44.0327 4528 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
      11:55:44.0373 4528 RemoteRegistry - ok
      11:55:44.0456 4528 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
      11:55:44.0457 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rimmptsk.sys. md5: 355AAC141B214BEF1DBC1483AFD9BD50
      11:55:44.0491 4528 rimmptsk ( LockedFile.Multi.Generic ) - warning
      11:55:44.0491 4528 rimmptsk - detected LockedFile.Multi.Generic (1)
      11:55:44.0539 4528 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
      11:55:44.0540 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rimsptsk.sys. md5: A4216C71DD4F60B26418CCFD99CD0815
      11:55:44.0553 4528 rimsptsk ( LockedFile.Multi.Generic ) - warning
      11:55:44.0553 4528 rimsptsk - detected LockedFile.Multi.Generic (1)
      11:55:44.0596 4528 [ D231B577024AA324AF13A42F3A807D10 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
      11:55:44.0596 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rixdptsk.sys. md5: D231B577024AA324AF13A42F3A807D10
      11:55:44.0609 4528 rismxdp ( LockedFile.Multi.Generic ) - warning
      11:55:44.0609 4528 rismxdp - detected LockedFile.Multi.Generic (1)
      11:55:44.0749 4528 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
      11:55:44.0853 4528 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
      11:55:44.0853 4528 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
      11:55:44.0971 4528 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
      11:55:44.0996 4528 RoxWatch9 ( UnsignedFile.Multi.Generic ) - warning
      11:55:44.0996 4528 RoxWatch9 - detected UnsignedFile.Multi.Generic (1)
      11:55:45.0055 4528 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
      11:55:45.0110 4528 RpcLocator - ok
      11:55:45.0191 4528 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
      11:55:45.0220 4528 RpcSs - ok
      11:55:45.0275 4528 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      11:55:45.0276 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rspndr.sys. md5: 9C508F4074A39E8B4B31D27198146FAD
      11:55:45.0310 4528 rspndr ( LockedFile.Multi.Generic ) - warning
      11:55:45.0310 4528 rspndr - detected LockedFile.Multi.Generic (1)
      11:55:45.0392 4528 [ 594FF5620661D1386475406E78CB6F2F ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys
      11:55:45.0393 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s0017bus.sys. md5: 594FF5620661D1386475406E78CB6F2F
      11:55:45.0429 4528 s0017bus ( LockedFile.Multi.Generic ) - warning
      11:55:45.0429 4528 s0017bus - detected LockedFile.Multi.Generic (1)
      11:55:45.0496 4528 [ 7258F550419D543BC5C8E80C578A5D54 ] s0017mdfl C:\Windows\system32\DRIVERS\s0017mdfl.sys
      11:55:45.0496 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s0017mdfl.sys. md5: 7258F550419D543BC5C8E80C578A5D54
      11:55:45.0503 4528 s0017mdfl ( LockedFile.Multi.Generic ) - warning
      11:55:45.0503 4528 s0017mdfl - detected LockedFile.Multi.Generic (1)
      11:55:45.0554 4528 [ 1DE4F6607FEB17A15DBD4F1B139E6D2F ] s0017mdm C:\Windows\system32\DRIVERS\s0017mdm.sys
      11:55:45.0555 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s0017mdm.sys. md5: 1DE4F6607FEB17A15DBD4F1B139E6D2F
      11:55:45.0562 4528 s0017mdm ( LockedFile.Multi.Generic ) - warning
      11:55:45.0562 4528 s0017mdm - detected LockedFile.Multi.Generic (1)
      11:55:45.0642 4528 [ 9814E6BACC06D2526CD52981C7EEEDF0 ] s0017mgmt C:\Windows\system32\DRIVERS\s0017mgmt.sys
      11:55:45.0642 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s0017mgmt.sys. md5: 9814E6BACC06D2526CD52981C7EEEDF0
      11:55:45.0650 4528 s0017mgmt ( LockedFile.Multi.Generic ) - warning
      11:55:45.0650 4528 s0017mgmt - detected LockedFile.Multi.Generic (1)
      11:55:45.0711 4528 [ 2C62CD58225973F26682CD4F783DDEDE ] s0017nd5 C:\Windows\system32\DRIVERS\s0017nd5.sys
      11:55:45.0711 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s0017nd5.sys. md5: 2C62CD58225973F26682CD4F783DDEDE
      11:55:45.0719 4528 s0017nd5 ( LockedFile.Multi.Generic ) - warning
      11:55:45.0719 4528 s0017nd5 - detected LockedFile.Multi.Generic (1)
      11:55:45.0777 4528 [ F87C3422E84B2FB1B43E0A26247AD5A5 ] s0017obex C:\Windows\system32\DRIVERS\s0017obex.sys
      11:55:45.0778 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s0017obex.sys. md5: F87C3422E84B2FB1B43E0A26247AD5A5
      11:55:45.0787 4528 s0017obex ( LockedFile.Multi.Generic ) - warning
      11:55:45.0787 4528 s0017obex - detected LockedFile.Multi.Generic (1)
      11:55:45.0866 4528 [ DF5E7360A0AFA5956BF75DA683D0679F ] s0017unic C:\Windows\system32\DRIVERS\s0017unic.sys
      11:55:45.0866 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s0017unic.sys. md5: DF5E7360A0AFA5956BF75DA683D0679F
      11:55:45.0876 4528 s0017unic ( LockedFile.Multi.Generic ) - warning
      11:55:45.0876 4528 s0017unic - detected LockedFile.Multi.Generic (1)
      11:55:45.0957 4528 [ 1F561844318914E7EB6E54673A4CC54C ] s117bus C:\Windows\system32\DRIVERS\s117bus.sys
      11:55:45.0958 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s117bus.sys. md5: 1F561844318914E7EB6E54673A4CC54C
      11:55:46.0019 4528 s117bus ( LockedFile.Multi.Generic ) - warning
      11:55:46.0019 4528 s117bus - detected LockedFile.Multi.Generic (1)
      11:55:46.0069 4528 [ BA93EEC3CDF6A63B77AE66221AA4F902 ] s117mdfl C:\Windows\system32\DRIVERS\s117mdfl.sys
      11:55:46.0070 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s117mdfl.sys. md5: BA93EEC3CDF6A63B77AE66221AA4F902
      11:55:46.0079 4528 s117mdfl ( LockedFile.Multi.Generic ) - warning
      11:55:46.0079 4528 s117mdfl - detected LockedFile.Multi.Generic (1)
      11:55:46.0133 4528 [ CBA12FD8A8EE5B5CDFBBAE2381CD6703 ] s117mdm C:\Windows\system32\DRIVERS\s117mdm.sys
      11:55:46.0133 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s117mdm.sys. md5: CBA12FD8A8EE5B5CDFBBAE2381CD6703
      11:55:46.0143 4528 s117mdm ( LockedFile.Multi.Generic ) - warning
      11:55:46.0143 4528 s117mdm - detected LockedFile.Multi.Generic (1)
      11:55:46.0233 4528 [ BD6483E64B1DA17E812B34BCDEFD9459 ] s117mgmt C:\Windows\system32\DRIVERS\s117mgmt.sys
      11:55:46.0234 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s117mgmt.sys. md5: BD6483E64B1DA17E812B34BCDEFD9459
      11:55:46.0242 4528 s117mgmt ( LockedFile.Multi.Generic ) - warning
      11:55:46.0242 4528 s117mgmt - detected LockedFile.Multi.Generic (1)
      11:55:46.0322 4528 [ C7CA36C3054B4CD47A1F6611B046E2F9 ] s117nd5 C:\Windows\system32\DRIVERS\s117nd5.sys
      11:55:46.0322 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s117nd5.sys. md5: C7CA36C3054B4CD47A1F6611B046E2F9
      11:55:46.0331 4528 s117nd5 ( LockedFile.Multi.Generic ) - warning
      11:55:46.0331 4528 s117nd5 - detected LockedFile.Multi.Generic (1)
      11:55:46.0389 4528 [ E290B3A6B58FB72CA97DD48D64E4FC1C ] s117obex C:\Windows\system32\DRIVERS\s117obex.sys
      11:55:46.0390 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s117obex.sys. md5: E290B3A6B58FB72CA97DD48D64E4FC1C
      11:55:46.0398 4528 s117obex ( LockedFile.Multi.Generic ) - warning
      11:55:46.0398 4528 s117obex - detected LockedFile.Multi.Generic (1)
      11:55:46.0469 4528 [ 5C4D1BA23C7511AC880E8BA7BAA80DBA ] s117unic C:\Windows\system32\DRIVERS\s117unic.sys
      11:55:46.0469 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s117unic.sys. md5: 5C4D1BA23C7511AC880E8BA7BAA80DBA
      11:55:46.0479 4528 s117unic ( LockedFile.Multi.Generic ) - warning
      11:55:46.0479 4528 s117unic - detected LockedFile.Multi.Generic (1)
      11:55:46.0550 4528 [ 0266151DE3F36429F6AC3C4B28085061 ] s217bus C:\Windows\system32\DRIVERS\s217bus.sys
      11:55:46.0550 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s217bus.sys. md5: 0266151DE3F36429F6AC3C4B28085061
      11:55:46.0556 4528 s217bus ( LockedFile.Multi.Generic ) - warning
      11:55:46.0557 4528 s217bus - detected LockedFile.Multi.Generic (1)
      11:55:46.0634 4528 [ A43C0AF0E46BE7EF0C7E8CCF0F058600 ] s217mdfl C:\Windows\system32\DRIVERS\s217mdfl.sys
      11:55:46.0634 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s217mdfl.sys. md5: A43C0AF0E46BE7EF0C7E8CCF0F058600
      11:55:46.0685 4528 s217mdfl ( LockedFile.Multi.Generic ) - warning
      11:55:46.0686 4528 s217mdfl - detected LockedFile.Multi.Generic (1)
      11:55:46.0784 4528 [ 005F5DED1ED8F8A9D2399D765EAD20F1 ] s217mdm C:\Windows\system32\DRIVERS\s217mdm.sys
      11:55:46.0784 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s217mdm.sys. md5: 005F5DED1ED8F8A9D2399D765EAD20F1
      11:55:46.0791 4528 s217mdm ( LockedFile.Multi.Generic ) - warning
      11:55:46.0792 4528 s217mdm - detected LockedFile.Multi.Generic (1)
      11:55:46.0904 4528 [ 11CC5D7F992799E7E75D018E9C018563 ] s217nd5 C:\Windows\system32\DRIVERS\s217nd5.sys
      11:55:46.0904 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s217nd5.sys. md5: 11CC5D7F992799E7E75D018E9C018563
      11:55:46.0912 4528 s217nd5 ( LockedFile.Multi.Generic ) - warning
      11:55:46.0912 4528 s217nd5 - detected LockedFile.Multi.Generic (1)
      11:55:46.0946 4528 [ 0F9F4045799AFB66B85EEF999D0609EC ] s217obex C:\Windows\system32\DRIVERS\s217obex.sys
      11:55:46.0947 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s217obex.sys. md5: 0F9F4045799AFB66B85EEF999D0609EC
      11:55:46.0955 4528 s217obex ( LockedFile.Multi.Generic ) - warning
      11:55:46.0955 4528 s217obex - detected LockedFile.Multi.Generic (1)
      11:55:47.0026 4528 [ 1C91E1023F07B6407D84B5A43537D984 ] s217unic C:\Windows\system32\DRIVERS\s217unic.sys
      11:55:47.0026 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s217unic.sys. md5: 1C91E1023F07B6407D84B5A43537D984
      11:55:47.0035 4528 s217unic ( LockedFile.Multi.Generic ) - warning
      11:55:47.0036 4528 s217unic - detected LockedFile.Multi.Generic (1)
      11:55:47.0103 4528 [ AA786AD3A2684D39630744787B00E6F4 ] s3017bus C:\Windows\system32\DRIVERS\s3017bus.sys
      11:55:47.0104 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s3017bus.sys. md5: AA786AD3A2684D39630744787B00E6F4
      11:55:47.0110 4528 s3017bus ( LockedFile.Multi.Generic ) - warning
      11:55:47.0110 4528 s3017bus - detected LockedFile.Multi.Generic (1)

    5. #5
      Usuario Avatar de Ucan
      Registrado
      dic 2012
      Ubicación
      méxico
      Mensajes
      11

      Re: NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x80070

      Reporte Segunda parte: (serán tres partes en total)


      11:55:47.0171 4528 [ CBA4CA5BCE44084E98CE420FD6692D3A ] s3017mdfl C:\Windows\system32\DRIVERS\s3017mdfl.sys
      11:55:47.0172 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s3017mdfl.sys. md5: CBA4CA5BCE44084E98CE420FD6692D3A
      11:55:47.0210 4528 s3017mdfl ( LockedFile.Multi.Generic ) - warning
      11:55:47.0210 4528 s3017mdfl - detected LockedFile.Multi.Generic (1)
      11:55:47.0294 4528 [ 68036EFF647970D6C0399789C8707CAD ] s3017mdm C:\Windows\system32\DRIVERS\s3017mdm.sys
      11:55:47.0294 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s3017mdm.sys. md5: 68036EFF647970D6C0399789C8707CAD
      11:55:47.0341 4528 s3017mdm ( LockedFile.Multi.Generic ) - warning
      11:55:47.0341 4528 s3017mdm - detected LockedFile.Multi.Generic (1)
      11:55:47.0410 4528 [ 3672E7F9349BD98FD3F5AC33E7B2B1A6 ] s3017mgmt C:\Windows\system32\DRIVERS\s3017mgmt.sys
      11:55:47.0411 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\s3017mgmt.sys. md5: 3672E7F9349BD98FD3F5AC33E7B2B1A6
      11:55:47.0442 4528 s3017mgmt ( LockedFile.Multi.Generic ) - warning
      11:55:47.0442 4528 s3017mgmt - detected LockedFile.Multi.Generic (1)
      11:55:47.0501 4528 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
      11:55:47.0523 4528 SamSs - ok
      11:55:47.0582 4528 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
      11:55:47.0582 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\sbp2port.sys. md5: 3CE8F073A557E172B330109436984E30
      11:55:47.0590 4528 sbp2port ( LockedFile.Multi.Generic ) - warning
      11:55:47.0590 4528 sbp2port - detected LockedFile.Multi.Generic (1)
      11:55:47.0647 4528 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
      11:55:47.0689 4528 SCardSvr - ok
      11:55:47.0773 4528 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
      11:55:47.0919 4528 Schedule - ok
      11:55:48.0045 4528 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
      11:55:48.0064 4528 SCPolicySvc - ok
      11:55:48.0117 4528 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
      11:55:48.0118 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sdbus.sys. md5: 8F36B54688C31EED4580129040C6A3D3
      11:55:48.0154 4528 sdbus ( LockedFile.Multi.Generic ) - warning
      11:55:48.0155 4528 sdbus - detected LockedFile.Multi.Generic (1)
      11:55:48.0209 4528 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      11:55:48.0261 4528 SDRSVC - ok
      11:55:48.0342 4528 [ 6D15E382BF5DCB6EE2D871AAA02EE815 ] SE31bus C:\Windows\system32\DRIVERS\SE31bus.sys
      11:55:48.0342 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\SE31bus.sys. md5: 6D15E382BF5DCB6EE2D871AAA02EE815
      11:55:48.0348 4528 SE31bus ( LockedFile.Multi.Generic ) - warning
      11:55:48.0349 4528 SE31bus - detected LockedFile.Multi.Generic (1)
      11:55:48.0424 4528 [ 585B242F3F549813B63887D823A2CF44 ] SE31mdfl C:\Windows\system32\DRIVERS\SE31mdfl.sys
      11:55:48.0425 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\SE31mdfl.sys. md5: 585B242F3F549813B63887D823A2CF44
      11:55:48.0464 4528 SE31mdfl ( LockedFile.Multi.Generic ) - warning
      11:55:48.0464 4528 SE31mdfl - detected LockedFile.Multi.Generic (1)
      11:55:48.0527 4528 [ 441DC38EAF3FFF763C96B1D34E0F977C ] SE31mdm C:\Windows\system32\DRIVERS\SE31mdm.sys
      11:55:48.0528 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\SE31mdm.sys. md5: 441DC38EAF3FFF763C96B1D34E0F977C
      11:55:48.0535 4528 SE31mdm ( LockedFile.Multi.Generic ) - warning
      11:55:48.0535 4528 SE31mdm - detected LockedFile.Multi.Generic (1)
      11:55:48.0621 4528 [ CFDF624EAEAF8EABF5FDDFDECDB2FD61 ] SE31mgmt C:\Windows\system32\DRIVERS\SE31mgmt.sys
      11:55:48.0622 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\SE31mgmt.sys. md5: CFDF624EAEAF8EABF5FDDFDECDB2FD61
      11:55:48.0657 4528 SE31mgmt ( LockedFile.Multi.Generic ) - warning
      11:55:48.0657 4528 SE31mgmt - detected LockedFile.Multi.Generic (1)
      11:55:48.0711 4528 [ A8173A2BAA0FD1486E7C79760E7B81B2 ] SE31obex C:\Windows\system32\DRIVERS\SE31obex.sys
      11:55:48.0712 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\SE31obex.sys. md5: A8173A2BAA0FD1486E7C79760E7B81B2
      11:55:48.0724 4528 SE31obex ( LockedFile.Multi.Generic ) - warning
      11:55:48.0724 4528 SE31obex - detected LockedFile.Multi.Generic (1)
      11:55:48.0826 4528 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
      11:55:48.0857 4528 SeaPort - ok
      11:55:48.0947 4528 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
      11:55:48.0947 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\secdrv.sys. md5: 90A3935D05B494A5A39D37E71F09A677
      11:55:48.0990 4528 secdrv ( LockedFile.Multi.Generic ) - warning
      11:55:48.0990 4528 secdrv - detected LockedFile.Multi.Generic (1)
      11:55:49.0072 4528 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
      11:55:49.0129 4528 seclogon - ok
      11:55:49.0181 4528 [ E5B56569A9F79B70314FEDE6C953641E ] seehcri C:\Windows\system32\DRIVERS\seehcri.sys
      11:55:49.0181 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\seehcri.sys. md5: E5B56569A9F79B70314FEDE6C953641E
      11:55:49.0218 4528 seehcri ( LockedFile.Multi.Generic ) - warning
      11:55:49.0218 4528 seehcri - detected LockedFile.Multi.Generic (1)
      11:55:49.0270 4528 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
      11:55:49.0322 4528 SENS - ok
      11:55:49.0360 4528 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
      11:55:49.0360 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\serenum.sys. md5: 68E44E331D46F0FB38F0863A84CD1A31
      11:55:49.0366 4528 Serenum ( LockedFile.Multi.Generic ) - warning
      11:55:49.0366 4528 Serenum - detected LockedFile.Multi.Generic (1)
      11:55:49.0420 4528 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
      11:55:49.0420 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\serial.sys. md5: C70D69A918B178D3C3B06339B40C2E1B
      11:55:49.0426 4528 Serial ( LockedFile.Multi.Generic ) - warning
      11:55:49.0426 4528 Serial - detected LockedFile.Multi.Generic (1)
      11:55:49.0504 4528 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
      11:55:49.0504 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\sermouse.sys. md5: 8AF3D28A879BF75DB53A0EE7A4289624
      11:55:49.0510 4528 sermouse ( LockedFile.Multi.Generic ) - warning
      11:55:49.0511 4528 sermouse - detected LockedFile.Multi.Generic (1)
      11:55:49.0604 4528 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
      11:55:49.0654 4528 SessionEnv - ok
      11:55:49.0756 4528 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
      11:55:49.0756 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sffdisk.sys. md5: 3EFA810BDCA87F6ECC24F9832243FE86
      11:55:49.0762 4528 sffdisk ( LockedFile.Multi.Generic ) - warning
      11:55:49.0762 4528 sffdisk - detected LockedFile.Multi.Generic (1)
      11:55:49.0829 4528 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
      11:55:49.0830 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\sffp_mmc.sys. md5: 96DED8B20C734AC41641CE275250E55D
      11:55:49.0839 4528 sffp_mmc ( LockedFile.Multi.Generic ) - warning
      11:55:49.0839 4528 sffp_mmc - detected LockedFile.Multi.Generic (1)
      11:55:49.0903 4528 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
      11:55:49.0903 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\sffp_sd.sys. md5: 9F66A46C55D6F1CCABC79BB7AFCCC545
      11:55:49.0944 4528 sffp_sd ( LockedFile.Multi.Generic ) - warning
      11:55:49.0944 4528 sffp_sd - detected LockedFile.Multi.Generic (1)
      11:55:49.0977 4528 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
      11:55:49.0978 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\sfloppy.sys. md5: 46ED8E91793B2E6F848015445A0AC188
      11:55:49.0984 4528 sfloppy ( LockedFile.Multi.Generic ) - warning
      11:55:49.0984 4528 sfloppy - detected LockedFile.Multi.Generic (1)
      11:55:50.0047 4528 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
      11:55:50.0106 4528 SharedAccess - ok
      11:55:50.0197 4528 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      11:55:50.0275 4528 ShellHWDetection - ok
      11:55:50.0330 4528 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys
      11:55:50.0331 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisagp.sys. md5: 08072B2FB92477FC813271A84B3A8698
      11:55:50.0339 4528 sisagp ( LockedFile.Multi.Generic ) - warning
      11:55:50.0340 4528 sisagp - detected LockedFile.Multi.Generic (1)
      11:55:50.0370 4528 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
      11:55:50.0371 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisraid2.sys. md5: CEDD6F4E7D84E9F98B34B3FE988373AA
      11:55:50.0383 4528 SiSRaid2 ( LockedFile.Multi.Generic ) - warning
      11:55:50.0383 4528 SiSRaid2 - detected LockedFile.Multi.Generic (1)
      11:55:50.0418 4528 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
      11:55:50.0419 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\sisraid4.sys. md5: DF843C528C4F69D12CE41CE462E973A7
      11:55:50.0453 4528 SiSRaid4 ( LockedFile.Multi.Generic ) - warning
      11:55:50.0453 4528 SiSRaid4 - detected LockedFile.Multi.Generic (1)
      11:55:50.0711 4528 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
      11:55:50.0997 4528 Skype C2C Service - ok
      11:55:51.0171 4528 [ C44DA62FBCAE62803EA95600FC263065 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
      11:55:51.0183 4528 SkypeUpdate - ok
      11:55:51.0339 4528 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
      11:55:51.0683 4528 slsvc - ok
      11:55:51.0832 4528 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
      11:55:51.0895 4528 SLUINotify - ok
      11:55:51.0953 4528 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
      11:55:51.0954 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\smb.sys. md5: 7B75299A4D201D6A6533603D6914AB04
      11:55:51.0995 4528 Smb ( LockedFile.Multi.Generic ) - warning
      11:55:51.0995 4528 Smb - detected LockedFile.Multi.Generic (1)
      11:55:52.0078 4528 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      11:55:52.0130 4528 SNMPTRAP - ok
      11:55:52.0194 4528 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
      11:55:52.0195 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\spldr.sys. md5: 7AEBDEEF071FE28B0EEF2CDD69102BFF
      11:55:52.0203 4528 spldr ( LockedFile.Multi.Generic ) - warning
      11:55:52.0204 4528 spldr - detected LockedFile.Multi.Generic (1)
      11:55:52.0264 4528 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
      11:55:52.0334 4528 Spooler - ok
      11:55:52.0449 4528 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
      11:55:52.0450 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv.sys. md5: 41987F9FC0E61ADF54F581E15029AD91
      11:55:52.0457 4528 srv ( LockedFile.Multi.Generic ) - warning
      11:55:52.0457 4528 srv - detected LockedFile.Multi.Generic (1)
      11:55:52.0534 4528 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
      11:55:52.0534 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv2.sys. md5: FF33AFF99564B1AA534F58868CBE41EF
      11:55:52.0563 4528 srv2 ( LockedFile.Multi.Generic ) - warning
      11:55:52.0563 4528 srv2 - detected LockedFile.Multi.Generic (1)
      11:55:52.0606 4528 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
      11:55:52.0607 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srvnet.sys. md5: 7605C0E1D01A08F3ECD743F38B834A44
      11:55:52.0613 4528 srvnet ( LockedFile.Multi.Generic ) - warning
      11:55:52.0613 4528 srvnet - detected LockedFile.Multi.Generic (1)
      11:55:52.0681 4528 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
      11:55:52.0682 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ssadbus.sys. md5: 64E44ACD8C238FCBBB78F0BA4BDC4B05
      11:55:52.0688 4528 ssadbus ( LockedFile.Multi.Generic ) - warning
      11:55:52.0688 4528 ssadbus - detected LockedFile.Multi.Generic (1)
      11:55:52.0770 4528 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
      11:55:52.0771 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ssadmdfl.sys. md5: BB2C84A15C765DA89FD832B0E73F26CE
      11:55:52.0778 4528 ssadmdfl ( LockedFile.Multi.Generic ) - warning
      11:55:52.0778 4528 ssadmdfl - detected LockedFile.Multi.Generic (1)
      11:55:52.0857 4528 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
      11:55:52.0858 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ssadmdm.sys. md5: 6D0D132DDC6F43EDA00DCED6D8B1CA31
      11:55:52.0865 4528 ssadmdm ( LockedFile.Multi.Generic ) - warning
      11:55:52.0866 4528 ssadmdm - detected LockedFile.Multi.Generic (1)
      11:55:52.0915 4528 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
      11:55:52.0916 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ssadserd.sys. md5: 1A5A397BC459F346AB56492B61EF79F6
      11:55:52.0954 4528 ssadserd ( LockedFile.Multi.Generic ) - warning
      11:55:52.0954 4528 ssadserd - detected LockedFile.Multi.Generic (1)
      11:55:53.0050 4528 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
      11:55:53.0080 4528 SSDPSRV - ok
      11:55:53.0132 4528 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
      11:55:53.0180 4528 SstpSvc - ok
      11:55:53.0235 4528 [ 7E6DD4B34ACD36AF6C711D2BDE91B040 ] STacSV C:\Windows\system32\STacSV.exe
      11:55:53.0273 4528 STacSV - ok
      11:55:53.0326 4528 [ 6A2A5E809C2C0178326D92B19EE4AAD3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
      11:55:53.0326 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\stwrt.sys. md5: 6A2A5E809C2C0178326D92B19EE4AAD3
      11:55:53.0363 4528 STHDA ( LockedFile.Multi.Generic ) - warning
      11:55:53.0363 4528 STHDA - detected LockedFile.Multi.Generic (1)
      11:55:53.0436 4528 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
      11:55:53.0486 4528 stisvc - ok
      11:55:53.0623 4528 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
      11:55:53.0631 4528 stllssvr ( UnsignedFile.Multi.Generic ) - warning
      11:55:53.0631 4528 stllssvr - detected UnsignedFile.Multi.Generic (1)
      11:55:53.0695 4528 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
      11:55:53.0696 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\swenum.sys. md5: 7BA58ECF0C0A9A69D44B3DCA62BECF56
      11:55:53.0709 4528 swenum ( LockedFile.Multi.Generic ) - warning
      11:55:53.0709 4528 swenum - detected LockedFile.Multi.Generic (1)
      11:55:53.0778 4528 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
      11:55:53.0821 4528 swprv - ok
      11:55:53.0880 4528 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
      11:55:53.0881 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\symc8xx.sys. md5: 192AA3AC01DF071B541094F251DEED10
      11:55:53.0914 4528 Symc8xx ( LockedFile.Multi.Generic ) - warning
      11:55:53.0914 4528 Symc8xx - detected LockedFile.Multi.Generic (1)
      11:55:53.0962 4528 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
      11:55:53.0963 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\sym_hi.sys. md5: 8C8EB8C76736EBAF3B13B633B2E64125
      11:55:53.0975 4528 Sym_hi ( LockedFile.Multi.Generic ) - warning
      11:55:53.0975 4528 Sym_hi - detected LockedFile.Multi.Generic (1)
      11:55:54.0018 4528 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
      11:55:54.0019 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\sym_u3.sys. md5: 8072AF52B5FD103BBBA387A1E49F62CB
      11:55:54.0032 4528 Sym_u3 ( LockedFile.Multi.Generic ) - warning
      11:55:54.0032 4528 Sym_u3 - detected LockedFile.Multi.Generic (1)
      11:55:54.0145 4528 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
      11:55:54.0243 4528 SysMain - ok
      11:55:54.0344 4528 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
      11:55:54.0400 4528 TabletInputService - ok
      11:55:54.0475 4528 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
      11:55:54.0548 4528 TapiSrv - ok
      11:55:54.0632 4528 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
      11:55:54.0676 4528 TBS - ok
      11:55:54.0794 4528 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
      11:55:54.0794 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpip.sys. md5: EE7E10BED85C312C1D5D30C435BDDA9F
      11:55:54.0849 4528 Tcpip ( LockedFile.Multi.Generic ) - warning
      11:55:54.0849 4528 Tcpip - detected LockedFile.Multi.Generic (1)
      11:55:54.0924 4528 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
      11:55:54.0925 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tcpip.sys. md5: EE7E10BED85C312C1D5D30C435BDDA9F
      11:55:54.0975 4528 Tcpip6 ( LockedFile.Multi.Generic ) - warning
      11:55:54.0975 4528 Tcpip6 - detected LockedFile.Multi.Generic (1)
      11:55:55.0029 4528 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
      11:55:55.0030 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpipreg.sys. md5: 2C2D4CFF5E09C73908F9B5AF49A51365
      11:55:55.0040 4528 tcpipreg ( LockedFile.Multi.Generic ) - warning
      11:55:55.0040 4528 tcpipreg - detected LockedFile.Multi.Generic (1)
      11:55:55.0097 4528 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
      11:55:55.0098 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdpipe.sys. md5: 5DCF5E267BE67A1AE926F2DF77FBCC56
      11:55:55.0106 4528 TDPIPE ( LockedFile.Multi.Generic ) - warning
      11:55:55.0106 4528 TDPIPE - detected LockedFile.Multi.Generic (1)
      11:55:55.0153 4528 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
      11:55:55.0154 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdtcp.sys. md5: 389C63E32B3CEFED425B61ED92D3F021
      11:55:55.0163 4528 TDTCP ( LockedFile.Multi.Generic ) - warning
      11:55:55.0163 4528 TDTCP - detected LockedFile.Multi.Generic (1)
      11:55:55.0234 4528 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
      11:55:55.0234 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tdx.sys. md5: 76B06EB8A01FC8624D699E7045303E54
      11:55:55.0244 4528 tdx ( LockedFile.Multi.Generic ) - warning
      11:55:55.0244 4528 tdx - detected LockedFile.Multi.Generic (1)
      11:55:55.0298 4528 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
      11:55:55.0299 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\termdd.sys. md5: 3CAD38910468EAB9A6479E2F01DB43C7
      11:55:55.0307 4528 TermDD ( LockedFile.Multi.Generic ) - warning
      11:55:55.0308 4528 TermDD - detected LockedFile.Multi.Generic (1)
      11:55:55.0364 4528 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
      11:55:55.0424 4528 TermService - ok
      11:55:55.0507 4528 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
      11:55:55.0524 4528 Themes - ok
      11:55:55.0562 4528 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
      11:55:55.0587 4528 THREADORDER - ok
      11:55:55.0679 4528 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
      11:55:55.0728 4528 TrkWks - ok
      11:55:55.0810 4528 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
      11:55:55.0849 4528 TrustedInstaller - ok
      11:55:55.0925 4528 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
      11:55:55.0925 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tssecsrv.sys. md5: DCF0F056A2E4F52287264F5AB29CF206
      11:55:55.0952 4528 tssecsrv ( LockedFile.Multi.Generic ) - warning
      11:55:55.0952 4528 tssecsrv - detected LockedFile.Multi.Generic (1)
      11:55:56.0167 4528 [ F1FC6757367EB71ABA161F7E9346FC54 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
      11:55:56.0293 4528 TuneUp.UtilitiesSvc - ok
      11:55:56.0381 4528 [ 94C4CD2D19B8C4137A46261F229FEC24 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
      11:55:56.0394 4528 TuneUpUtilitiesDrv - ok
      11:55:56.0440 4528 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
      11:55:56.0440 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tunmp.sys. md5: CAECC0120AC49E3D2F758B9169872D38
      11:55:56.0474 4528 tunmp ( LockedFile.Multi.Generic ) - warning
      11:55:56.0474 4528 tunmp - detected LockedFile.Multi.Generic (1)
      11:55:56.0525 4528 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
      11:55:56.0525 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tunnel.sys. md5: 300DB877AC094FEAB0BE7688C3454A9C
      11:55:56.0534 4528 tunnel ( LockedFile.Multi.Generic ) - warning
      11:55:56.0534 4528 tunnel - detected LockedFile.Multi.Generic (1)
      11:55:56.0604 4528 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
      11:55:56.0605 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\uagp35.sys. md5: C3ADE15414120033A36C0F293D4A4121
      11:55:56.0614 4528 uagp35 ( LockedFile.Multi.Generic ) - warning
      11:55:56.0615 4528 uagp35 - detected LockedFile.Multi.Generic (1)
      11:55:56.0713 4528 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
      11:55:56.0713 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\udfs.sys. md5: D9728AF68C4C7693CB100B8441CBDEC6
      11:55:56.0722 4528 udfs ( LockedFile.Multi.Generic ) - warning
      11:55:56.0722 4528 udfs - detected LockedFile.Multi.Generic (1)
      11:55:56.0832 4528 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
      11:55:56.0893 4528 UI0Detect - ok
      11:55:56.0936 4528 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
      11:55:56.0936 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\uliagpkx.sys. md5: 6D72EF05921ABDF59FC45C7EBFE7E8DD
      11:55:56.0942 4528 uliagpkx ( LockedFile.Multi.Generic ) - warning
      11:55:56.0942 4528 uliagpkx - detected LockedFile.Multi.Generic (1)
      11:55:56.0992 4528 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
      11:55:56.0992 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\uliahci.sys. md5: 3CD4EA35A6221B85DCC25DAA46313F8D
      11:55:57.0035 4528 uliahci ( LockedFile.Multi.Generic ) - warning
      11:55:57.0035 4528 uliahci - detected LockedFile.Multi.Generic (1)
      11:55:57.0073 4528 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
      11:55:57.0073 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\ulsata.sys. md5: 8514D0E5CD0534467C5FC61BE94A569F
      11:55:57.0083 4528 UlSata ( LockedFile.Multi.Generic ) - warning
      11:55:57.0083 4528 UlSata - detected LockedFile.Multi.Generic (1)
      11:55:57.0118 4528 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
      11:55:57.0118 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\ulsata2.sys. md5: 38C3C6E62B157A6BC46594FADA45C62B
      11:55:57.0155 4528 ulsata2 ( LockedFile.Multi.Generic ) - warning
      11:55:57.0155 4528 ulsata2 - detected LockedFile.Multi.Generic (1)
      11:55:57.0211 4528 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
      11:55:57.0212 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\umbus.sys. md5: 32CFF9F809AE9AED85464492BF3E32D2
      11:55:57.0221 4528 umbus ( LockedFile.Multi.Generic ) - warning
      11:55:57.0221 4528 umbus - detected LockedFile.Multi.Generic (1)
      11:55:57.0283 4528 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
      11:55:57.0315 4528 upnphost - ok
      11:55:57.0381 4528 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
      11:55:57.0382 4528 Suspicious file (NoAccess): C:\Windows\system32\Drivers\usbaapl.sys. md5: 8BF5D980CDCE35FB26F05047144BB57E
      11:55:57.0387 4528 USBAAPL ( LockedFile.Multi.Generic ) - warning
      11:55:57.0387 4528 USBAAPL - detected LockedFile.Multi.Generic (1)
      11:55:57.0466 4528 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
      11:55:57.0467 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbccgp.sys. md5: CAF811AE4C147FFCD5B51750C7F09142
      11:55:57.0473 4528 usbccgp ( LockedFile.Multi.Generic ) - warning
      11:55:57.0473 4528 usbccgp - detected LockedFile.Multi.Generic (1)
      11:55:57.0547 4528 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
      11:55:57.0547 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbcir.sys. md5: E9476E6C486E76BC4898074768FB7131
      11:55:57.0556 4528 usbcir ( LockedFile.Multi.Generic ) - warning
      11:55:57.0556 4528 usbcir - detected LockedFile.Multi.Generic (1)
      11:55:57.0617 4528 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
      11:55:57.0617 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbehci.sys. md5: 79E96C23A97CE7B8F14D310DA2DB0C9B
      11:55:57.0665 4528 usbehci ( LockedFile.Multi.Generic ) - warning
      11:55:57.0665 4528 usbehci - detected LockedFile.Multi.Generic (1)
      11:55:57.0730 4528 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
      11:55:57.0730 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbhub.sys. md5: 4673BBCB006AF60E7ABDDBE7A130BA42
      11:55:57.0739 4528 usbhub ( LockedFile.Multi.Generic ) - warning
      11:55:57.0739 4528 usbhub - detected LockedFile.Multi.Generic (1)
      11:55:57.0790 4528 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
      11:55:57.0791 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbohci.sys. md5: 38DBC7DD6CC5A72011F187425384388B
      11:55:57.0819 4528 usbohci ( LockedFile.Multi.Generic ) - warning
      11:55:57.0819 4528 usbohci - detected LockedFile.Multi.Generic (1)
      11:55:57.0885 4528 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
      11:55:57.0886 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbprint.sys. md5: E75C4B5269091D15A2E7DC0B6D35F2F5
      11:55:57.0892 4528 usbprint ( LockedFile.Multi.Generic ) - warning
      11:55:57.0892 4528 usbprint - detected LockedFile.Multi.Generic (1)
      11:55:57.0965 4528 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
      11:55:57.0965 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbscan.sys. md5: A508C9BD8724980512136B039BBA65E9
      11:55:57.0971 4528 usbscan ( LockedFile.Multi.Generic ) - warning
      11:55:57.0971 4528 usbscan - detected LockedFile.Multi.Generic (1)
      11:55:58.0047 4528 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
      11:55:58.0048 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\USBSTOR.SYS. md5: BE3DA31C191BC222D9AD503C5224F2AD
      11:55:58.0055 4528 USBSTOR ( LockedFile.Multi.Generic ) - warning
      11:55:58.0055 4528 USBSTOR - detected LockedFile.Multi.Generic (1)
      11:55:58.0104 4528 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
      11:55:58.0104 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbuhci.sys. md5: 814D653EFC4D48BE3B04A307ECEFF56F
      11:55:58.0111 4528 usbuhci ( LockedFile.Multi.Generic ) - warning
      11:55:58.0111 4528 usbuhci - detected LockedFile.Multi.Generic (1)
      11:55:58.0161 4528 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
      11:55:58.0188 4528 UxSms - ok
      11:55:58.0291 4528 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
      11:55:58.0368 4528 vds - ok
      11:55:58.0435 4528 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
      11:55:58.0436 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vgapnp.sys. md5: 7D92BE0028ECDEDEC74617009084B5EF
      11:55:58.0484 4528 vga ( LockedFile.Multi.Generic ) - warning
      11:55:58.0485 4528 vga - detected LockedFile.Multi.Generic (1)
      11:55:58.0549 4528 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
      11:55:58.0549 4528 Suspicious file (NoAccess): C:\Windows\System32\drivers\vga.sys. md5: 2E93AC0A1D8C79D019DB6C51F036636C
      11:55:58.0566 4528 VgaSave ( LockedFile.Multi.Generic ) - warning
      11:55:58.0566 4528 VgaSave - detected LockedFile.Multi.Generic (1)
      11:55:58.0611 4528 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys
      11:55:58.0612 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaagp.sys. md5: D5929A28BDFF4367A12CAF06AF901971
      11:55:58.0619 4528 viaagp ( LockedFile.Multi.Generic ) - warning
      11:55:58.0619 4528 viaagp - detected LockedFile.Multi.Generic (1)
      11:55:58.0650 4528 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
      11:55:58.0650 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\viac7.sys. md5: 56A4DE5F02F2E88182B0981119B4DD98
      11:55:58.0659 4528 ViaC7 ( LockedFile.Multi.Generic ) - warning
      11:55:58.0659 4528 ViaC7 - detected LockedFile.Multi.Generic (1)
      11:55:58.0699 4528 [ F3B4762EB85A2AFF4999401F14C3262B ] viaide C:\Windows\system32\drivers\viaide.sys
      11:55:58.0700 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaide.sys. md5: F3B4762EB85A2AFF4999401F14C3262B
      11:55:58.0708 4528 viaide ( LockedFile.Multi.Generic ) - warning
      11:55:58.0708 4528 viaide - detected LockedFile.Multi.Generic (1)
      11:55:58.0769 4528 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
      11:55:58.0770 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgr.sys. md5: 69503668AC66C77C6CD7AF86FBDF8C43
      11:55:58.0810 4528 volmgr ( LockedFile.Multi.Generic ) - warning
      11:55:58.0810 4528 volmgr - detected LockedFile.Multi.Generic (1)
      11:55:58.0918 4528 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
      11:55:58.0919 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgrx.sys. md5: 23E41B834759917BFD6B9A0D625D0C28
      11:55:58.0930 4528 volmgrx ( LockedFile.Multi.Generic ) - warning
      11:55:58.0930 4528 volmgrx - detected LockedFile.Multi.Generic (1)
      11:55:59.0014 4528 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
      11:55:59.0014 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\volsnap.sys. md5: 786DB5771F05EF300390399F626BF30A
      11:55:59.0020 4528 volsnap ( LockedFile.Multi.Generic ) - warning
      11:55:59.0021 4528 volsnap - detected LockedFile.Multi.Generic (1)
      11:55:59.0069 4528 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
      11:55:59.0070 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\vsmraid.sys. md5: D984439746D42B30FC65A4C3546C6829
      11:55:59.0079 4528 vsmraid ( LockedFile.Multi.Generic ) - warning
      11:55:59.0079 4528 vsmraid - detected LockedFile.Multi.Generic (1)
      11:55:59.0166 4528 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
      11:55:59.0268 4528 VSS - ok
      11:55:59.0324 4528 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
      11:55:59.0393 4528 W32Time - ok
      11:55:59.0491 4528 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
      11:55:59.0491 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\wacompen.sys. md5: 48DFEE8F1AF7C8235D4E626F0C4FE031
      11:55:59.0519 4528 WacomPen ( LockedFile.Multi.Generic ) - warning
      11:55:59.0519 4528 WacomPen - detected LockedFile.Multi.Generic (1)
      11:55:59.0574 4528 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
      11:55:59.0574 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 55201897378CCA7AF8B5EFD874374A26
      11:55:59.0583 4528 Wanarp ( LockedFile.Multi.Generic ) - warning
      11:55:59.0583 4528 Wanarp - detected LockedFile.Multi.Generic (1)
      11:55:59.0602 4528 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
      11:55:59.0602 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 55201897378CCA7AF8B5EFD874374A26
      11:55:59.0611 4528 Wanarpv6 ( LockedFile.Multi.Generic ) - warning
      11:55:59.0611 4528 Wanarpv6 - detected LockedFile.Multi.Generic (1)
      11:55:59.0674 4528 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
      11:55:59.0728 4528 WcesComm - ok
      11:55:59.0807 4528 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
      11:55:59.0902 4528 wcncsvc - ok
      11:55:59.0991 4528 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
      11:56:00.0046 4528 WcsPlugInService - ok
      11:56:00.0130 4528 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
      11:56:00.0131 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\wd.sys. md5: AFC5AD65B991C1E205CF25CFDBF7A6F4
      11:56:00.0154 4528 Wd ( LockedFile.Multi.Generic ) - warning
      11:56:00.0154 4528 Wd - detected LockedFile.Multi.Generic (1)
      11:56:00.0266 4528 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
      11:56:00.0267 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\Wdf01000.sys. md5: A840213F1ACDCC175B4D1D5AAEAC0D7A
      11:56:00.0277 4528 Wdf01000 ( LockedFile.Multi.Generic ) - warning
      11:56:00.0277 4528 Wdf01000 - detected LockedFile.Multi.Generic (1)
      11:56:00.0349 4528 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
      11:56:00.0404 4528 WdiServiceHost - ok
      11:56:00.0432 4528 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
      11:56:00.0458 4528 WdiSystemHost - ok
      11:56:00.0535 4528 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
      11:56:00.0578 4528 WebClient - ok
      11:56:00.0677 4528 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
      11:56:00.0719 4528 Wecsvc - ok
      11:56:00.0793 4528 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
      11:56:00.0836 4528 wercplsupport - ok
      11:56:00.0907 4528 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
      11:56:00.0931 4528 WerSvc - ok
      11:56:01.0014 4528 [ 4DACA8F07537D4D7E3534BB99294AA26 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
      11:56:01.0014 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HSX_CNXT.sys. md5: 4DACA8F07537D4D7E3534BB99294AA26
      11:56:01.0067 4528 winachsf ( LockedFile.Multi.Generic ) - warning
      11:56:01.0067 4528 winachsf - detected LockedFile.Multi.Generic (1)
      11:56:01.0170 4528 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
      11:56:01.0193 4528 WinDefend - ok
      11:56:01.0231 4528 WinHttpAutoProxySvc - ok
      11:56:01.0322 4528 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
      11:56:01.0350 4528 Winmgmt - ok
      11:56:01.0437 4528 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
      11:56:01.0582 4528 WinRM - ok
      11:56:01.0748 4528 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
      11:56:01.0861 4528 Wlansvc - ok
      11:56:01.0982 4528 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
      11:56:02.0007 4528 wlcrasvc - ok
      11:56:02.0142 4528 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      11:56:02.0291 4528 wlidsvc - ok
      11:56:02.0382 4528 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
      11:56:02.0382 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wmiacpi.sys. md5: 2E7255D172DF0B8283CDFB7B433B864E
      11:56:02.0418 4528 WmiAcpi ( LockedFile.Multi.Generic ) - warning
      11:56:02.0418 4528 WmiAcpi - detected LockedFile.Multi.Generic (1)
      11:56:02.0491 4528 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
      11:56:02.0530 4528 wmiApSrv - ok
      11:56:02.0647 4528 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
      11:56:02.0821 4528 WMPNetworkSvc - ok
      11:56:02.0929 4528 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
      11:56:02.0999 4528 WPCSvc - ok
      11:56:03.0084 4528 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
      11:56:03.0142 4528 WPDBusEnum - ok
      11:56:03.0187 4528 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
      11:56:03.0187 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wpdusb.sys. md5: DE9D36F91A4DF3D911626643DEBF11EA
      11:56:03.0207 4528 WpdUsb ( LockedFile.Multi.Generic ) - warning
      11:56:03.0207 4528 WpdUsb - detected LockedFile.Multi.Generic (1)
      11:56:03.0267 4528 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
      11:56:03.0267 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: E3A3CB253C0EC2494D4A61F5E43A389C
      11:56:03.0276 4528 ws2ifsl ( LockedFile.Multi.Generic ) - warning
      11:56:03.0276 4528 ws2ifsl - detected LockedFile.Multi.Generic (1)
      11:56:03.0330 4528 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
      11:56:03.0388 4528 wscsvc - ok
      11:56:03.0441 4528 WSearch - ok
      11:56:03.0656 4528 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
      11:56:03.0808 4528 wuauserv - ok
      11:56:03.0895 4528 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
      11:56:03.0895 4528 Suspicious file (NoAccess): C:\Windows\system32\drivers\WudfPf.sys. md5: 06E6F32C8D0A3F66D956F57B43A2E070
      11:56:03.0918 4528 WudfPf ( LockedFile.Multi.Generic ) - warning
      11:56:03.0918 4528 WudfPf - detected LockedFile.Multi.Generic (1)
      11:56:03.0966 4528 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
      11:56:03.0967 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: 867C301E8B790040AE9CF6486E8041DF
      11:56:03.0974 4528 WUDFRd ( LockedFile.Multi.Generic ) - warning
      11:56:03.0974 4528 WUDFRd - detected LockedFile.Multi.Generic (1)
      11:56:04.0074 4528 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
      11:56:04.0115 4528 wudfsvc - ok
      11:56:04.0178 4528 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
      11:56:04.0178 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\xaudio.sys. md5: 5A7FF9A18FF6D7E0527FE3ABF9204EF8
      11:56:04.0185 4528 XAudio ( LockedFile.Multi.Generic ) - warning
      11:56:04.0185 4528 XAudio - detected LockedFile.Multi.Generic (1)
      11:56:04.0226 4528 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
      11:56:04.0226 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\xaudio.exe. md5: 28DC5D626E036A75A572556F0A6EB1F6
      11:56:04.0234 4528 XAudioService ( LockedFile.Multi.Generic ) - warning
      11:56:04.0234 4528 XAudioService - detected LockedFile.Multi.Generic (1)
      11:56:04.0354 4528 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
      11:56:04.0397 4528 YahooAUService - ok
      11:56:04.0478 4528 [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
      11:56:04.0479 4528 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\yk60x86.sys. md5: 04E268ADFC81964C49DC0C082D520F7E
      11:56:04.0507 4528 yukonwlh ( LockedFile.Multi.Generic ) - warning
      11:56:04.0507 4528 yukonwlh - detected LockedFile.Multi.Generic (1)
      11:56:04.0552 4528 ================ Scan global ===============================
      11:56:04.0694 4528 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
      11:56:04.0742 4528 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
      11:56:04.0786 4528 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
      11:56:04.0824 4528 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
      11:56:04.0834 4528 [Global] - ok
      11:56:04.0834 4528 ================ Scan MBR ==================================
      11:56:04.0849 4528 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
      11:56:05.0378 4528 \Device\Harddisk0\DR0 - ok
      11:56:05.0378 4528 ================ Scan VBR ==================================
      11:56:05.0424 4528 [ 722FEA9A29EE1E3192ED44AACA7A071D ] \Device\Harddisk0\DR0\Partition1
      11:56:05.0427 4528 \Device\Harddisk0\DR0\Partition1 - ok
      11:56:05.0435 4528 [ D5CE80E70BA333DE37571B73E2F905B1 ] \Device\Harddisk0\DR0\Partition2
      11:56:05.0442 4528 \Device\Harddisk0\DR0\Partition2 - ok
      11:56:05.0443 4528 ============================================================
      11:56:05.0443 4528 Scan finished
      11:56:05.0443 4528 ============================================================
      11:56:05.0468 1480 Detected object count: 222
      11:56:05.0468 1480 Actual detected object count: 222
      11:58:26.0024 1480 C:\Windows\System32\Drivers\5af9880ab55a59a8.sys - copied to quarantine
      11:58:26.0064 1480 HKLM\SYSTEM\ControlSet001\services\5af9880ab55a59a8 - will be deleted on reboot
      11:58:26.0119 1480 HKLM\SYSTEM\ControlSet002\services\5af9880ab55a59a8 - will be deleted on reboot
      11:58:26.0455 1480 C:\Windows\System32\Drivers\5af9880ab55a59a8.sys - will be deleted on reboot
      11:58:26.0456 1480 5af9880ab55a59a8 ( Rootkit.Win32.Necurs.gen ) - User select action: Delete
      11:58:26.0458 1480 AresChatServer ( UnsignedFile.Multi.Generic ) - skipped by user
      11:58:26.0458 1480 AresChatServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0460 1480 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
      11:58:26.0461 1480 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0463 1480 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
      11:58:26.0463 1480 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0465 1480 ggflt ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0465 1480 ggflt ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0468 1480 ggsemc ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0468 1480 ggsemc ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0471 1480 HidBth ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0471 1480 HidBth ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0474 1480 HidIr ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0474 1480 HidIr ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0476 1480 HidUsb ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0476 1480 HidUsb ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0478 1480 HSF_DPV ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0479 1480 HSF_DPV ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0481 1480 HSXHWAZL ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0481 1480 HSXHWAZL ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0483 1480 HTTP ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0483 1480 HTTP ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0486 1480 i2omp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0486 1480 i2omp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0489 1480 i8042prt ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0489 1480 i8042prt ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0492 1480 iaStor ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0492 1480 iaStor ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0494 1480 iaStorV ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0494 1480 iaStorV ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0496 1480 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
      11:58:26.0497 1480 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0499 1480 igfx ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0499 1480 igfx ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0501 1480 iirsp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0501 1480 iirsp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0504 1480 IntcHdmiAddService ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0504 1480 IntcHdmiAddService ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0508 1480 intelide ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0508 1480 intelide ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0509 1480 intelppm ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0510 1480 intelppm ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0512 1480 IpFilterDriver ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0512 1480 IpFilterDriver ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0514 1480 IPMIDRV ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0514 1480 IPMIDRV ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0517 1480 IPNAT ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0517 1480 IPNAT ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0521 1480 IRENUM ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0521 1480 IRENUM ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0523 1480 isapnp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0523 1480 isapnp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0526 1480 iScsiPrt ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0527 1480 iScsiPrt ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0530 1480 iteatapi ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0530 1480 iteatapi ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0532 1480 iteraid ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0532 1480 iteraid ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0534 1480 kbdclass ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0535 1480 kbdclass ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0538 1480 kbdhid ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0538 1480 kbdhid ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0540 1480 KSecDD ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0540 1480 KSecDD ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0543 1480 lltdio ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0543 1480 lltdio ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0545 1480 LSI_FC ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0545 1480 LSI_FC ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0547 1480 LSI_SAS ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0548 1480 LSI_SAS ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0550 1480 LSI_SCSI ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0550 1480 LSI_SCSI ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0552 1480 luafv ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0552 1480 luafv ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0556 1480 mdmxsdk ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0556 1480 mdmxsdk ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0558 1480 megasas ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0558 1480 megasas ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0561 1480 Modem ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0561 1480 Modem ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0563 1480 monitor ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0563 1480 monitor ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0565 1480 mouclass ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0566 1480 mouclass ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0568 1480 mouhid ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0568 1480 mouhid ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0571 1480 MountMgr ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0571 1480 MountMgr ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0574 1480 mpio ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0574 1480 mpio ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0576 1480 mpsdrv ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0576 1480 mpsdrv ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0578 1480 Mraid35x ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0579 1480 Mraid35x ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0581 1480 MRxDAV ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0581 1480 MRxDAV ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0583 1480 mrxsmb ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0583 1480 mrxsmb ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0586 1480 mrxsmb10 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0586 1480 mrxsmb10 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0589 1480 mrxsmb20 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0589 1480 mrxsmb20 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0591 1480 msahci ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0591 1480 msahci ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0594 1480 msdsm ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0594 1480 msdsm ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0596 1480 Msfs ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0596 1480 Msfs ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0599 1480 msisadrv ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0599 1480 msisadrv ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0601 1480 MSKSSRV ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0601 1480 MSKSSRV ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0604 1480 MSPCLOCK ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0604 1480 MSPCLOCK ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0607 1480 MSPQM ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0607 1480 MSPQM ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0609 1480 MsRPC ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0609 1480 MsRPC ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0612 1480 mssmbios ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0612 1480 mssmbios ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0614 1480 MSTEE ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0614 1480 MSTEE ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0616 1480 Mup ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0617 1480 Mup ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0619 1480 NativeWifiP ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0619 1480 NativeWifiP ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0622 1480 NDIS ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0622 1480 NDIS ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0624 1480 NdisTapi ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0625 1480 NdisTapi ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0627 1480 Ndisuio ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0627 1480 Ndisuio ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0629 1480 NdisWan ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0629 1480 NdisWan ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0632 1480 NDProxy ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0632 1480 NDProxy ( LockedFile.Multi.Generic ) - User select action: Skip

    6. #6
      Usuario Avatar de Ucan
      Registrado
      dic 2012
      Ubicación
      méxico
      Mensajes
      11

      Re: NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x80070

      11:58:26.0634 1480 NetBIOS ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0634 1480 NetBIOS ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0637 1480 netbt ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0637 1480 netbt ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0640 1480 NETw4v32 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0640 1480 NETw4v32 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0642 1480 nfrd960 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0642 1480 nfrd960 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0645 1480 Npfs ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0645 1480 Npfs ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0647 1480 nsiproxy ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0647 1480 nsiproxy ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0649 1480 Ntfs ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0650 1480 Ntfs ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0652 1480 ntrigdigi ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0652 1480 ntrigdigi ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0655 1480 Null ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0655 1480 Null ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0658 1480 nvraid ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0658 1480 nvraid ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0660 1480 nvstor ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0660 1480 nvstor ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0663 1480 nv_agp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0663 1480 nv_agp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0665 1480 ohci1394 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0665 1480 ohci1394 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0667 1480 PAC207 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0668 1480 PAC207 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0672 1480 Parport ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0672 1480 Parport ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0673 1480 partmgr ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0673 1480 partmgr ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0676 1480 Parvdm ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0676 1480 Parvdm ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0678 1480 pci ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0678 1480 pci ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0680 1480 pciide ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0680 1480 pciide ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0683 1480 pcmcia ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0683 1480 pcmcia ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0685 1480 PEAUTH ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0685 1480 PEAUTH ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0688 1480 PptpMiniport ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0688 1480 PptpMiniport ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0691 1480 Processor ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0691 1480 Processor ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0693 1480 PSched ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0693 1480 PSched ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0696 1480 PxHelp20 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0696 1480 PxHelp20 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0698 1480 ql2300 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0698 1480 ql2300 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0700 1480 ql40xx ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0700 1480 ql40xx ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0703 1480 QWAVEdrv ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0703 1480 QWAVEdrv ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0703 1480 R300 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0703 1480 R300 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0706 1480 RasAcd ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0707 1480 RasAcd ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0709 1480 Rasl2tp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0709 1480 Rasl2tp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0711 1480 RasPppoe ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0711 1480 RasPppoe ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0714 1480 RasSstp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0714 1480 RasSstp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0716 1480 rdbss ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0716 1480 rdbss ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0718 1480 RDPCDD ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0718 1480 RDPCDD ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0721 1480 rdpdr ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0721 1480 rdpdr ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0724 1480 RDPENCDD ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0724 1480 RDPENCDD ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0726 1480 RDPWD ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0727 1480 RDPWD ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0729 1480 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
      11:58:26.0729 1480 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0731 1480 rimmptsk ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0731 1480 rimmptsk ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0734 1480 rimsptsk ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0734 1480 rimsptsk ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0736 1480 rismxdp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0736 1480 rismxdp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0739 1480 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
      11:58:26.0739 1480 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0742 1480 RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user
      11:58:26.0742 1480 RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0744 1480 rspndr ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0744 1480 rspndr ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0747 1480 s0017bus ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0747 1480 s0017bus ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0749 1480 s0017mdfl ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0749 1480 s0017mdfl ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0751 1480 s0017mdm ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0751 1480 s0017mdm ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0754 1480 s0017mgmt ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0754 1480 s0017mgmt ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0757 1480 s0017nd5 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0757 1480 s0017nd5 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0759 1480 s0017obex ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0759 1480 s0017obex ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0762 1480 s0017unic ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0762 1480 s0017unic ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0764 1480 s117bus ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0764 1480 s117bus ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0767 1480 s117mdfl ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0767 1480 s117mdfl ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0769 1480 s117mdm ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0769 1480 s117mdm ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0772 1480 s117mgmt ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0772 1480 s117mgmt ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0775 1480 s117nd5 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0775 1480 s117nd5 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0777 1480 s117obex ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0777 1480 s117obex ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0780 1480 s117unic ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0780 1480 s117unic ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0782 1480 s217bus ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0782 1480 s217bus ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0784 1480 s217mdfl ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0784 1480 s217mdfl ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0789 1480 s217mdm ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0789 1480 s217mdm ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0790 1480 s217nd5 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0790 1480 s217nd5 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0792 1480 s217obex ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0793 1480 s217obex ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0795 1480 s217unic ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0795 1480 s217unic ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0797 1480 s3017bus ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0798 1480 s3017bus ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0800 1480 s3017mdfl ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0800 1480 s3017mdfl ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0802 1480 s3017mdm ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0802 1480 s3017mdm ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0805 1480 s3017mgmt ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0805 1480 s3017mgmt ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0808 1480 sbp2port ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0808 1480 sbp2port ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0810 1480 sdbus ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0810 1480 sdbus ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0813 1480 SE31bus ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0813 1480 SE31bus ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0815 1480 SE31mdfl ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0815 1480 SE31mdfl ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0818 1480 SE31mdm ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0818 1480 SE31mdm ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0820 1480 SE31mgmt ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0820 1480 SE31mgmt ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0823 1480 SE31obex ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0824 1480 SE31obex ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0826 1480 secdrv ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0826 1480 secdrv ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0828 1480 seehcri ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0828 1480 seehcri ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0831 1480 Serenum ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0831 1480 Serenum ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0833 1480 Serial ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0833 1480 Serial ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0835 1480 sermouse ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0836 1480 sermouse ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0838 1480 sffdisk ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0839 1480 sffdisk ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0841 1480 sffp_mmc ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0841 1480 sffp_mmc ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0844 1480 sffp_sd ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0844 1480 sffp_sd ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0846 1480 sfloppy ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0846 1480 sfloppy ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0848 1480 sisagp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0849 1480 sisagp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0851 1480 SiSRaid2 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0851 1480 SiSRaid2 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0853 1480 SiSRaid4 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0854 1480 SiSRaid4 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0857 1480 Smb ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0857 1480 Smb ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0859 1480 spldr ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0859 1480 spldr ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0861 1480 srv ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0862 1480 srv ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0864 1480 srv2 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0864 1480 srv2 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0866 1480 srvnet ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0866 1480 srvnet ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0869 1480 ssadbus ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0869 1480 ssadbus ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0872 1480 ssadmdfl ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0872 1480 ssadmdfl ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0875 1480 ssadmdm ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0875 1480 ssadmdm ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0877 1480 ssadserd ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0877 1480 ssadserd ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0879 1480 STHDA ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0879 1480 STHDA ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0882 1480 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
      11:58:26.0882 1480 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0885 1480 swenum ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0885 1480 swenum ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0888 1480 Symc8xx ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0888 1480 Symc8xx ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0891 1480 Sym_hi ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0892 1480 Sym_hi ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0894 1480 Sym_u3 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0895 1480 Sym_u3 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0897 1480 Tcpip ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0898 1480 Tcpip ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0900 1480 Tcpip6 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0900 1480 Tcpip6 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0902 1480 tcpipreg ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0902 1480 tcpipreg ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0905 1480 TDPIPE ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0905 1480 TDPIPE ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0908 1480 TDTCP ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0908 1480 TDTCP ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0910 1480 tdx ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0910 1480 tdx ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0913 1480 TermDD ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0913 1480 TermDD ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0915 1480 tssecsrv ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0915 1480 tssecsrv ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0917 1480 tunmp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0918 1480 tunmp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0920 1480 tunnel ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0920 1480 tunnel ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0923 1480 uagp35 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0923 1480 uagp35 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0925 1480 udfs ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0925 1480 udfs ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0928 1480 uliagpkx ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0928 1480 uliagpkx ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0930 1480 uliahci ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0930 1480 uliahci ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0932 1480 UlSata ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0933 1480 UlSata ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0935 1480 ulsata2 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0935 1480 ulsata2 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0937 1480 umbus ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0937 1480 umbus ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0941 1480 USBAAPL ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0941 1480 USBAAPL ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0943 1480 usbccgp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0943 1480 usbccgp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0945 1480 usbcir ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0946 1480 usbcir ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0948 1480 usbehci ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0948 1480 usbehci ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0950 1480 usbhub ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0950 1480 usbhub ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0953 1480 usbohci ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0953 1480 usbohci ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0956 1480 usbprint ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0956 1480 usbprint ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0958 1480 usbscan ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0958 1480 usbscan ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0959 1480 USBSTOR ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0959 1480 USBSTOR ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0961 1480 usbuhci ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0961 1480 usbuhci ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0963 1480 vga ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0963 1480 vga ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0966 1480 VgaSave ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0966 1480 VgaSave ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0968 1480 viaagp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0968 1480 viaagp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0971 1480 ViaC7 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0971 1480 ViaC7 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0974 1480 viaide ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0974 1480 viaide ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0977 1480 volmgr ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0977 1480 volmgr ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0979 1480 volmgrx ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0979 1480 volmgrx ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0981 1480 volsnap ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0982 1480 volsnap ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0984 1480 vsmraid ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0984 1480 vsmraid ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0986 1480 WacomPen ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0986 1480 WacomPen ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0989 1480 Wanarp ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0989 1480 Wanarp ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0992 1480 Wanarpv6 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0992 1480 Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0995 1480 Wd ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0995 1480 Wd ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0997 1480 Wdf01000 ( LockedFile.Multi.Generic ) - skipped by user
      11:58:26.0997 1480 Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:26.0999 1480 winachsf ( LockedFile.Multi.Generic ) - skipped by user
      11:58:27.0000 1480 winachsf ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:27.0002 1480 WmiAcpi ( LockedFile.Multi.Generic ) - skipped by user
      11:58:27.0002 1480 WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:27.0006 1480 WpdUsb ( LockedFile.Multi.Generic ) - skipped by user
      11:58:27.0006 1480 WpdUsb ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:27.0008 1480 ws2ifsl ( LockedFile.Multi.Generic ) - skipped by user
      11:58:27.0008 1480 ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:27.0010 1480 WudfPf ( LockedFile.Multi.Generic ) - skipped by user
      11:58:27.0010 1480 WudfPf ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:27.0013 1480 WUDFRd ( LockedFile.Multi.Generic ) - skipped by user
      11:58:27.0013 1480 WUDFRd ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:27.0015 1480 XAudio ( LockedFile.Multi.Generic ) - skipped by user
      11:58:27.0015 1480 XAudio ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:27.0017 1480 XAudioService ( LockedFile.Multi.Generic ) - skipped by user
      11:58:27.0018 1480 XAudioService ( LockedFile.Multi.Generic ) - User select action: Skip
      11:58:27.0020 1480 yukonwlh ( LockedFile.Multi.Generic ) - skipped by user
      11:58:27.0020 1480 yukonwlh ( LockedFile.Multi.Generic ) - User select action: Skip
      11:59:30.0423 4748 Deinitialize success

    7. #7
      Moderador Gral.
      Avatar de @Leosolari
      Registrado
      jun 2007
      Ubicación
      Argentina
      Mensajes
      58.637

      Re: NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x80070

      Hola


      Descargá Malwarebytes Anti-Rootkit BETA a Tu escritorio.

      • Lo descomprimes.
      • Dentro de la carpeta Mbar ejecutá Mbar.exe.
      • Presioná Next , luego Update para permitir actualizar.
      • Nuevamente Next.
      • Pulsá Scan para comenzar el análisis.
      • Permití Reiniciar si te lo solicita.



      En tu próximo mensaje nos pegas su reporte.





      Descargá la herramienta ComboFix.exe a Tu escritorio.

      • Desactivá temporalmente el Antivirus y/o Antispyware. Cómo deshabilitar temporalmente su Antivirus
      • Cerrá todas las ventanas abiertas.
      • Hacá doble clic en el archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generará un registro en C:\ComboFix.txt.




      Notas Importantes:

      • Mientras CF este trabajando, no debes mover el mouse ya que pararía su proceso.
      • ComboFix Puede Reiniciar automáticamente el PC para completar el proceso de eliminación.
      • Una vez Terminado el Trabajo de ComboFix, podes activar Tu antivirus.
      • No Pongas los Reportes Dentro de Etiquetas Code ni HTML.




      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.


      El reporte generado, se encuentra en C:\ComboFix.txt . Abrilo, seleccionas Todo y lo copias y pegas en Tu próxima respuesta.



      Saludos
      Síguenos en Twitter y hazte nuestro amigo en Facebook.

    8. #8
      Usuario Avatar de Ucan
      Registrado
      dic 2012
      Ubicación
      méxico
      Mensajes
      11

      Re: NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x80070

      Hola,
      Les dejo el reporte de Malwarebytes Anti-Rootkit BETA
      Saludos!

      Malwarebytes Anti-Rootkit 1.01.0.1011
      Malwarebytes : Free anti-malware download

      Database version: v2012.12.24.10

      Windows Vista Service Pack 2 x86 NTFS
      Internet Explorer 9.0.8112.16421
      Omar L. Ucán :: OMYLAP [administrator]

      24/12/2012 05:59:50 p.m.
      mbar-log-2012-12-24 (17-59-50).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
      Scan options disabled:
      Objects scanned: 29513
      Time elapsed: 15 minute(s), 18 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 1
      C:\Windows\Installer\{ED1BD309-2650-1B5F-CA43-5F14A9DD7B8A}\syshost.exe (Trojan.LameShield) -> Delete on reboot.

      (end)

    9. #9
      Usuario Avatar de Ucan
      Registrado
      dic 2012
      Ubicación
      méxico
      Mensajes
      11

      Re: NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x80070

      Hola Nuevamente, les dejo el reporte de Combofix, lo envío en varias partes debido al tamaño del reporte.


      ComboFix 12-12-10.01 - Omar L. Ucán 24/12/2012 23:50:01.1.2 - x86
      Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.52.3082.18.2037.1062 [GMT -6:00]
      Running from: c:\users\Omar L. Ucßn\Downloads\ComboFix.exe
      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\windows\logboot_23.12.2012.tureg.log
      c:\windows\security\Database\tmp.edb
      c:\windows\system32\System32\MASetupCleaner.exe
      c:\windows\system32\System32\muzapp.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-11-25 to 2012-12-25 )))))))))))))))))))))))))))))))
      .
      .
      2012-12-24 17:58 . 2012-12-24 17:58 -------- d-----w- C:\TDSSKiller_Quarantine
      2012-12-24 02:12 . 2012-12-24 02:12 -------- d-----w- c:\program files\ESET
      2012-12-23 21:53 . 2012-12-23 21:53 -------- d-----w- c:\users\Omar L. Ucán\AppData\Roaming\Malwarebytes
      2012-12-23 21:52 . 2012-12-23 21:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2012-12-23 21:52 . 2012-12-23 21:52 -------- d-----w- c:\programdata\Malwarebytes
      2012-12-23 21:52 . 2012-09-30 01:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-12-23 21:05 . 2012-12-23 21:05 -------- d-----w- C:\Intel
      2012-12-23 01:51 . 2012-11-29 23:10 31584 ----a-w- c:\windows\system32\TURegOpt.exe
      2012-12-23 01:51 . 2012-11-29 23:10 21344 ----a-w- c:\windows\system32\authuitu.dll
      2012-12-23 01:49 . 2012-12-23 01:49 -------- d-----w- c:\users\Omar L. Ucán\AppData\Roaming\TuneUp Software
      2012-12-23 01:49 . 2012-12-23 01:51 -------- d-----w- c:\program files\TuneUp Utilities 2013
      2012-12-23 01:49 . 2012-12-23 01:49 -------- d-----w- c:\programdata\TuneUp Software
      2012-12-23 01:48 . 2012-12-23 02:00 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
      2012-12-23 01:48 . 2012-12-23 01:48 -------- d--h--w- c:\programdata\Common Files
      2012-12-22 23:38 . 2012-11-19 07:04 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B035BEC7-3A2C-4CC2-A616-E2A2A87647D3}\mpengine.dll
      2012-12-22 07:16 . 2012-12-22 07:16 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{448305D5-8672-4470-A91B-5851DF5B780D}
      2012-12-22 04:02 . 2012-12-22 04:02 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6E46CE76-D4C3-4103-BEE5-2EAA9A7C0A74}\MpKsle93474c6.sys
      2012-12-20 19:10 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
      2012-12-20 19:10 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
      2012-12-14 08:57 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
      2012-12-14 08:57 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
      2012-12-14 08:57 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
      2012-12-14 08:57 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
      2012-12-14 08:57 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
      2012-12-14 08:57 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
      2012-12-14 08:57 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
      2012-12-14 08:57 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
      2012-12-14 08:57 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
      2012-12-14 08:57 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
      2012-12-14 08:57 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
      2012-12-14 07:18 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys
      2012-12-14 07:18 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
      2012-12-14 07:18 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap(49).sys
      2012-12-14 07:15 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
      2012-12-14 07:15 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
      2012-12-14 07:15 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-12-12 02:57 . 2012-12-12 02:57 -------- d-----w- c:\program files\iPod
      2012-12-12 02:56 . 2012-12-12 02:58 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
      2012-12-12 02:56 . 2012-12-12 02:58 -------- d-----w- c:\program files\iTunes
      2012-12-12 02:26 . 2012-12-12 02:26 159744 ----a-w- c:\program files\Internet Explorer\Módulos\npqtplugin7.dll
      2012-12-12 02:26 . 2012-12-12 02:26 159744 ----a-w- c:\program files\Internet Explorer\Módulos\npqtplugin6.dll
      2012-12-12 02:26 . 2012-12-12 02:26 159744 ----a-w- c:\program files\Internet Explorer\Módulos\npqtplugin5.dll
      2012-12-12 02:26 . 2012-12-12 02:26 159744 ----a-w- c:\program files\Internet Explorer\Módulos\npqtplugin4.dll
      2012-12-12 02:26 . 2012-12-12 02:26 159744 ----a-w- c:\program files\Internet Explorer\Módulos\npqtplugin3.dll
      2012-12-12 02:26 . 2012-12-12 02:26 159744 ----a-w- c:\program files\Internet Explorer\Módulos\npqtplugin2.dll
      2012-12-12 02:26 . 2012-12-12 02:26 159744 ----a-w- c:\program files\Internet Explorer\Módulos\npqtplugin.dll
      2012-12-12 02:25 . 2012-12-12 02:26 -------- d-----w- c:\program files\QuickTime
      2012-12-07 06:22 . 2012-12-20 19:01 -------- d-----w- c:\users\Omar L. Ucán\AppData\Roaming\Skype
      2012-12-07 06:22 . 2012-12-07 06:22 -------- d-----w- c:\program files\Common Files\Skype
      2012-12-07 04:47 . 2012-12-07 04:48 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{C7665DE4-C26C-4180-B34E-57830553B282}
      2012-12-05 21:17 . 2012-12-05 21:17 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{BD4B1F8D-C63D-4F9D-A031-A1BED5061046}
      2012-12-04 20:22 . 2012-12-04 20:22 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{824FD715-1E78-47E5-93EE-C756B807D24E}
      2012-12-03 21:06 . 2012-12-03 21:07 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{FF68B244-0DD1-48FE-93FA-9E86EFADE490}
      2012-12-01 22:17 . 2012-12-01 22:18 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{DC0C2D9B-856E-4477-807B-6DD9C34FC8A6}
      2012-12-01 04:11 . 2012-12-01 04:12 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{85AA41A8-90A6-48CC-9334-D44B237DFA40}
      2012-11-29 21:48 . 2012-11-29 21:49 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{B9241388-C25D-4A6E-BCE2-A9308AA53477}
      2012-11-29 07:43 . 2012-11-29 07:44 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{F5CC51BE-E620-451A-873F-D6844B45FA5F}
      2012-11-29 00:50 . 2012-11-29 00:50 -------- d-----w- c:\users\Omar L. Ucán\AppData\Roaming\Mozilla
      2012-11-28 19:42 . 2012-11-28 19:43 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{6D6CD332-5514-4281-8BE9-CCBADD9BA477}
      2012-11-28 00:13 . 2012-11-28 00:14 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{FDD23275-701E-4B78-B49E-4E452A2C4D45}
      2012-11-26 22:33 . 2012-11-26 22:34 -------- d-----w- c:\users\Omar L. Ucán\AppData\Local\{A013E056-1664-417C-913E-89D30596A689}

    10. #10
      Usuario Avatar de Ucan
      Registrado
      dic 2012
      Ubicación
      méxico
      Mensajes
      11

      Re: NO PUEDO ACTIVAR LA PROTECCIÓN EN TIEMPO REAL DE SECURITY ESSENTIAL ERROR 0x80070

      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-12-16 09:00 . 2012-04-04 03:28 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-12-16 09:00 . 2011-05-13 18:33 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
      2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
      2012-09-28 16:32 . 2012-09-28 16:32 5989776 ----a-w- c:\windows\system32\usbaaplrc.dll
      2012-09-28 16:32 . 2012-09-28 16:32 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
      "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
      "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-02-23 6591800]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-09-07 159744]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-15 137752]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-15 154136]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-15 133656]
      "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
      "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
      "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "mixer1"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
      @="Driver"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
      @="Service"
      .
      [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
      path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
      backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
      backupExtension=.CommonStartup
      .
      [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk]
      path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
      backup=c:\windows\pss\QuickSet.lnk.CommonStartup
      backupExtension=.CommonStartup
      .
      [HKLM\~\startupfolder\C:^Users^Omar L. Ucán^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla e Inicio rápido de OneNote 2007.lnk]
      path=c:\users\Omar L. Ucán\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk
      backup=c:\windows\pss\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk.Startup
      backupExtension=.Startup
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
      2008-10-15 06:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
      2011-04-20 17:48 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
      2012-11-28 20:13 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
      2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
      2007-11-15 15:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
      2009-02-27 00:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
      2007-03-21 19:00 174872 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
      2005-02-16 22:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
      2012-11-29 06:49 151952 ----a-w- c:\program files\iTunes\iTunesHelper.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
      2011-11-08 10:11 929168 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
      2011-11-08 10:11 21392 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
      2011-11-08 10:11 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
      2012-02-23 02:49 6591800 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
      2006-10-11 18:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC207_Monitor]
      2007-12-10 21:55 323584 ----a-w- c:\windows\PixArt\i-Look110\Monitor.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
      2007-11-01 21:39 189736 ------w- c:\program files\Dell\MediaDirect\PCMService.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
      2012-10-25 09:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]
      2009-02-23 13:05 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
      2006-09-28 19:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
      2012-01-18 20:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
      2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
      2009-02-23 13:05 111856 ----a-w- c:\program files\Yahoo!\Search Protection\SearchProtection.exe
      .
      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
      "Google Update"="c:\users\Omar L. Ucán\AppData\Local\Google\Update\GoogleUpdate.exe" /c
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
      "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
      "DisableMonitoring"=dword:00000001
      .
      S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [x]
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      bthsvcs REG_MULTI_SZ BthServ
      WindowsMobile REG_MULTI_SZ wcescomm rapimgr
      LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
      LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
      2011-05-06 00:48 114176 ----a-w- c:\windows\System32\advpack.dll
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 09:00]
      .
      2012-12-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 03:35]
      .
      2012-12-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-19 03:35]
      .
      .

    Página 1 de 2 12 ÚltimoÚltimo