Date: Two weeks ago (events: 95)

My Protection (events: 6)
4/11/2010 10:43:20 PM Protection is not running Kaspersky Internet Secur
ity
4/11/2010 10:26:12 PM Databases are obsolete Kaspersky Internet Security
4/11/2010 9:26:33 PM Untreated: UDS:DangerousObject.Multi.Generic Kaspersk
y Internet Security G:\Internet Download Manager 5.15\IDM5.15build-6
-abu137-\Patch.exe Skipped by user
4/11/2010 9:26:27 PM Detected: UDS:DangerousObject.Multi.Generic Kaspersk
y Internet Security G:\Internet Download Manager 5.15\IDM5.15build-6
-abu137-\Patch.exe KSN service
4/11/2010 9:25:41 PM Threats have been detected Kaspersky Internet Secur
ity
4/11/2010 9:20:43 PM Databases are obsolete Kaspersky Internet Security
File Anti-Virus (events: 3)
4/11/2010 9:25:41 PM Untreated: UDS:DangerousObject.Multi.Generic Kaspersk
y Internet Security G:\INTERNET DOWNLOAD MANAGER 5.15\IDM5.15build-6
-abu137-\Patch.exe Skipped by user
4/11/2010 9:25:41 PM Detected: UDS:DangerousObject.Multi.Generic Kaspersk
y Internet Security G:\INTERNET DOWNLOAD MANAGER 5.15\IDM5.15build-6
-abu137-\Patch.exe KSN service
4/11/2010 9:20:43 PM Task started Kaspersky Internet Security
File Anti-Virus
Mail Anti-Virus (events: 1)
4/11/2010 9:20:43 PM Task started Kaspersky Internet Security
Mail Anti-Virus
Web Anti-Virus (events: 1)
4/11/2010 9:20:43 PM Task started Kaspersky Internet Security
Web Anti-Virus
Network Attack Blocker (events: 1)
4/11/2010 9:20:43 PM Task started Kaspersky Internet Security
Network Attack Blocker
Anti-Spam (events: 1)
4/11/2010 9:20:43 PM Task started Kaspersky Internet Security
Anti-Spam
Application Control (events: 63)
4/11/2010 10:42:59 PM Windows Logon UI Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 10:40:37 PM Windows Picture and Fax Viewer Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 10:33:11 PM GrooveUtil Module Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 10:16:47 PM MSI128D.TMP Placed in group Trusted Known on
the database of the known software
4/11/2010 10:16:43 PM 2007 Microsoft Office component Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 10:09:53 PM OSE00000.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/11/2010 10:09:52 PM Office Source Engine Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 10:09:28 PM Microsoft Setup Bootstrapper Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 10:03:50 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/11/2010 10:03:11 PM Pro Evolution Soccer 2010 Settings Placed i
n group Low Restricted High value of threat rating calculated heuristically
4/11/2010 10:03:00 PM KitServer 2010 EXE Manager Placed in group
Low Restricted High value of threat rating calculated heuristically
4/11/2010 9:55:49 PM Allowed: Setting debug privileges PRO EVOLUTION SO
CCER 2010 PATCH 1.03.MSP Setting debug privileges Setting
debug privileges
4/11/2010 9:55:49 PM Allowed: Using program interfaces of other process
PRO EVOLUTION SOCCER 2010 PATCH 1.03.MSP Using program interfaces of othe
r process c:\documents and settings\ikhfar\local settings\temp\{f8b87cfb-5
25a-413f-8bfe-01d8670d7d58}\pro evolution soccer 2010 patch 1.03.msp Using pr
ogram interfaces of other process
4/11/2010 9:55:49 PM Allowed: Exiting Microsoft Windows PRO EVOLUTION SO
CCER 2010 PATCH 1.03.MSP Windows shutdown Exiting Microsof
t Windows
4/11/2010 9:55:49 PM PRO EVOLUTION SOCCER 2010 PATCH 1.03.MSP
Placed in group Low Restricted High value of threat rating calculated heuristic
ally
4/11/2010 9:55:41 PM PES2010PATCH103.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 9:53:20 PM Image Mastering API Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 9:40:56 PM PRO EVOLUTION SOCCER 2010.MSI Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:40:55 PM SETUP.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/11/2010 9:40:53 PM AUTORUN.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/11/2010 9:40:48 PM Allowed: Low level disk access UltraISO.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/11/2010 9:40:47 PM UltraISO.exe Placed in group Low Restricted
High value of threat rating calculated heuristically
4/11/2010 9:40:20 PM _IU14D2N.TMP Placed in group Low Restricted
High value of threat rating calculated heuristically
4/11/2010 9:40:19 PM unins000.exe Placed in group Low Restricted
High value of threat rating calculated heuristically
4/11/2010 9:40:08 PM PRO EVO EDITING STUDIO 2010.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/11/2010 9:39:45 PM PEES_2010_2.2.0.0_SETUP.TMP Placed in group
Low Restricted High value of threat rating calculated heuristically
4/11/2010 9:39:44 PM PRO-EVO Editing Studio 2010 Setup Placed i
n group Low Restricted High value of threat rating calculated heuristically
4/11/2010 9:39:05 PM Unlocker.exe Placed in group Trusted Known on
the database of the known software
4/11/2010 9:38:59 PM EBAY_SHORTCUTS_1016_NEW.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/11/2010 9:38:58 PM UNLOCKERASSISTANT.EXE Placed in group Trusted
Known on the database of the known software
4/11/2010 9:38:54 PM UNLOCKER1.8.8.EXE Placed in group Trusted
Known on the database of the known software
4/11/2010 9:34:02 PM Pro Evolution Soccer 2010 Placed in group
Low Restricted High value of threat rating calculated heuristically
4/11/2010 9:31:16 PM Notepad Placed in group Trusted Signed by the di
gital signature of entrusted manufacturers
4/11/2010 9:25:59 PM REGPATCH.REG Placed in group Low Restricted
High value of threat rating calculated heuristically
4/11/2010 9:25:48 PM INTERNET.DOWNLOAD.MANAGER.5.X.X.BULD.X.X-PATCH.E
XE Placed in group Low Restricted High value of threat rating calculated h
euristically
4/11/2010 9:25:19 PM Internet Download Manager agent for click monito
ring in IE-based browsers Placed in group Trusted Signed by the digital si
gnature of entrusted manufacturers
4/11/2010 9:25:14 PM Internet Download Manager (IDM) Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:25:09 PM IDM1.TMP Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/11/2010 9:25:08 PM INTERNET DOWNLOAD MANAGER 5.15.EXE Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:23:37 PM AFSExplorer - v3.7 Placed in group Trusted
Known on the database of the known software
4/11/2010 9:23:20 PM WinRAR archiver Placed in group Trusted Known on
the database of the known software
4/11/2010 9:21:04 PM WebToolBar component Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 9:21:01 PM Firefox Placed in group Trusted Signed by the di
gital signature of entrusted manufacturers
4/11/2010 9:20:57 PM Windows Shell Common Dll Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:56 PM Windows Control Panel Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:46 PM Kaspersky Anti-Virus GUI Windows part Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:45 PM Kaspersky Internet Security Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:45 PM Windows® installer Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:45 PM Windows Security Center Notification App
Placed in group Trusted Signed by the digital signature of entrusted manufacture
rs
4/11/2010 9:20:45 PM Application Layer Gateway Service Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:45 PM Catalyst Control Centre: Host application
Placed in group Trusted Known on the database of the known software
4/11/2010 9:20:45 PM Catalyst Control Center: Monitoring program
Placed in group Trusted Known on the database of the known software
4/11/2010 9:20:44 PM Windows Explorer Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:44 PM Spooler SubSystem App Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:44 PM Microsoft(C) Register Server Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:44 PM Generic Host Process for Win32 Services Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:44 PM ATI External Event Utility EXE Module Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:44 PM LSA Shell (Export Version) Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:44 PM Services and Controller app Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:44 PM Windows NT Logon Application Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:44 PM Client Server Runtime Process Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:44 PM Windows NT Session Manager Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/11/2010 9:20:43 PM Task started Kaspersky Internet Security
Application Control
Self-Defense (events: 8)
4/11/2010 10:42:02 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/11/2010 10:42:02 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/11/2010 9:44:31 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/11/2010 9:44:31 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/11/2010 9:39:05 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/11/2010 9:39:05 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/11/2010 9:25:29 PM Denied Internet Download Manager (IDM) Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/11/2010 9:25:29 PM Denied Internet Download Manager (IDM) Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
Proactive Defense (events: 3)
4/11/2010 10:03:47 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/11/2010 10:03:47 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/11/2010 9:20:43 PM Task started Kaspersky Internet Security
Proactive Defense
Firewall (events: 1)
4/11/2010 9:20:55 PM Task started Kaspersky Internet Security
Firewall
IM Anti-Virus (events: 1)
4/11/2010 9:20:43 PM Task started Kaspersky Internet Security
IM Anti-Virus
Objects Scan (events: 2)
4/11/2010 9:53:46 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/11/2010 9:50:47 PM Task started Kaspersky Internet Security
Rootkit Scan
My Update Center (events: 4)
4/11/2010 10:43:13 PM Task stopped Kaspersky Internet Security
My Update Center Operation cancelled by the user
4/11/2010 10:31:04 PM Task started Kaspersky Internet Security
My Update Center
4/11/2010 10:26:12 PM Task stopped Kaspersky Internet Security
My Update Center Operation cancelled by the user
4/11/2010 9:20:48 PM Task started Kaspersky Internet Security
My Update Center
Date: Last week (events: 991)
My Protection (events: 25)
4/18/2010 12:43:19 PM Protection is not running Kaspersky Internet Secur
ity
4/18/2010 6:46:36 AM Protection is not running Kaspersky Internet Secur
ity
4/17/2010 5:15:23 PM Protection is not running Kaspersky Internet Secur
ity
4/17/2010 4:04:27 PM Protection is not running Kaspersky Internet Secur
ity
4/16/2010 11:08:33 AM Protection is not running Kaspersky Internet Secur
ity
4/16/2010 8:09:20 AM Protection is not running Kaspersky Internet Secur
ity
4/16/2010 7:57:08 AM Deleted: not-a-virus:PSWTool.Win32.RAS.a Kaspersk
y Internet Security C:\Documents and Settings\ikhfar\Local Settings\
Temp\RarSFX0\xpkey.exe
4/16/2010 7:56:55 AM Detected: not-a-virus:PSWTool.Win32.RAS.a Kaspersk
y Internet Security C:\Documents and Settings\ikhfar\Local Settings\
Temp\RarSFX0\xpkey.exe
4/16/2010 7:21:15 AM Potentially unwanted software detected Kaspersky Intern
et Security
4/15/2010 10:50:21 PM Protection is not running Kaspersky Internet Secur
ity
4/15/2010 6:48:48 PM Potentially unwanted software detected Kaspersky Intern
et Security
4/15/2010 3:32:15 PM Protection is not running Kaspersky Internet Secur
ity
4/15/2010 3:31:53 PM Untreated: not-a-virus:PSWTool.Win32.RAS.a Kaspersk
y Internet Security C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\
TEMP\RARSFX0\xpkey.exe Skipped by user
4/15/2010 3:31:52 PM Detected: not-a-virus:PSWTool.Win32.RAS.a Kaspersk
y Internet Security C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\
TEMP\RARSFX0\xpkey.exe
4/15/2010 3:31:52 PM Deleted: not-a-virus:PSWTool.Win32.RAS.a Kaspersk
y Internet Security C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\
TEMP\RARSFX0\officekey.exe
4/15/2010 3:31:41 PM Detected: not-a-virus:PSWTool.Win32.RAS.a Kaspersk
y Internet Security C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\
TEMP\RARSFX0\officekey.exe
4/15/2010 10:17:27 AM Potentially unwanted software detected Kaspersky Intern
et Security
4/15/2010 9:38:11 AM Protection is not running Kaspersky Internet Secur
ity
4/15/2010 7:09:55 AM Potentially unwanted software detected Kaspersky Intern
et Security
4/14/2010 5:38:33 PM Protection is not running Kaspersky Internet Secur
ity
4/13/2010 8:15:55 PM Protection is not running Kaspersky Internet Secur
ity
4/13/2010 1:12:38 PM Protection is not running Kaspersky Internet Secur
ity
4/13/2010 6:42:22 AM Protection is not running Kaspersky Internet Secur
ity
4/12/2010 11:07:08 AM Protection is not running Kaspersky Internet Secur
ity
4/12/2010 6:52:52 AM Databases are obsolete Kaspersky Internet Security
File Anti-Virus (events: 49)
4/18/2010 11:34:44 AM Task started Kaspersky Internet Security
File Anti-Virus
4/18/2010 5:46:54 AM Task started Kaspersky Internet Security
File Anti-Virus
4/17/2010 6:11:30 PM Task started Kaspersky Internet Security
File Anti-Virus
4/17/2010 4:17:36 PM Task started Kaspersky Internet Security
File Anti-Virus
4/17/2010 12:55:27 PM Task started Kaspersky Internet Security
File Anti-Virus
4/17/2010 5:36:35 AM Task started Kaspersky Internet Security
File Anti-Virus
4/16/2010 7:02:31 PM Task started Kaspersky Internet Security
File Anti-Virus
4/16/2010 1:41:07 PM Task started Kaspersky Internet Security
File Anti-Virus
4/16/2010 12:32:10 PM Task started Kaspersky Internet Security
File Anti-Virus
4/16/2010 8:10:26 AM Task started Kaspersky Internet Security
File Anti-Virus
4/16/2010 7:21:16 AM Task started Kaspersky Internet Security
File Anti-Virus
4/15/2010 6:48:48 PM Task started Kaspersky Internet Security
File Anti-Virus
4/15/2010 10:17:27 AM Task started Kaspersky Internet Security
File Anti-Virus
4/15/2010 7:10:11 AM Untreated: not-a-virus:PSWTool.Win32.RAS.a Client S
erver Runtime Process C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\
TEMP\RARSFX0\xpkey.exe Skipped by user
4/15/2010 7:10:11 AM Detected: not-a-virus:PSWTool.Win32.RAS.a Client S
erver Runtime Process C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\
TEMP\RARSFX0\xpkey.exe
4/15/2010 7:10:10 AM Untreated: not-a-virus:PSWTool.Win32.RAS.a keyfinde
r.exe C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RARSFX0\off
icekey.exe Skipped by user
4/15/2010 7:10:10 AM Detected: not-a-virus:PSWTool.Win32.RAS.a keyfinde
r.exe C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RARSFX0\off
icekey.exe
4/15/2010 7:10:10 AM Untreated: not-a-virus:PSWTool.Win32.RAS.a FINDKEY.
EXE C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RARSFX0\xpk
ey.exe Skipped by user
4/15/2010 7:10:10 AM Detected: not-a-virus:PSWTool.Win32.RAS.a FINDKEY.
EXE C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RARSFX0\xpk
ey.exe
4/15/2010 7:10:08 AM Detected: not-a-virus:PSWTool.Win32.RAS.a keyfinde
r.exe C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:10:08 AM Untreated: not-a-virus:PSWTool.Win32.RAS.a keyfinde
r.exe C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/# Skipped by user
4/15/2010 7:10:08 AM Detected: not-a-virus:PSWTool.Win32.RAS.a keyfinde
r.exe C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:10:07 AM Detected: not-a-virus:PSWTool.Win32.RAS.a keyfinde
r.exe C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:10:07 AM Untreated: not-a-virus:PSWTool.Win32.RAS.a keyfinde
r.exe C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/# Skipped by user
4/15/2010 7:10:07 AM Detected: not-a-virus:PSWTool.Win32.RAS.a keyfinde
r.exe C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:10:05 AM Detected: not-a-virus:PSWTool.Win32.RAS.a WinRAR a
rchiver C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:10:05 AM Untreated: not-a-virus:PSWTool.Win32.RAS.a WinRAR a
rchiver C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/# Skipped by user
4/15/2010 7:10:05 AM Detected: not-a-virus:PSWTool.Win32.RAS.a WinRAR a
rchiver C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:10:04 AM Detected: not-a-virus:PSWTool.Win32.RAS.a WinRAR a
rchiver C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:10:04 AM Untreated: not-a-virus:PSWTool.Win32.RAS.a WinRAR a
rchiver C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/# Skipped by user
4/15/2010 7:10:04 AM Detected: not-a-virus:PSWTool.Win32.RAS.a WinRAR a
rchiver C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:10:04 AM Detected: not-a-virus:PSWTool.Win32.RAS.a WinRAR a
rchiver C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:10:04 AM Untreated: not-a-virus:PSWTool.Win32.RAS.a WinRAR a
rchiver C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/# Skipped by user
4/15/2010 7:10:04 AM Detected: not-a-virus:PSWTool.Win32.RAS.a WinRAR a
rchiver C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RAR$EX00.36
0\keyfinder.exe/#
4/15/2010 7:06:04 AM Task started Kaspersky Internet Security
File Anti-Virus
4/14/2010 9:21:17 PM Task started Kaspersky Internet Security
File Anti-Virus
4/14/2010 4:34:26 PM Task started Kaspersky Internet Security
File Anti-Virus
4/14/2010 7:16:11 AM Task started Kaspersky Internet Security
File Anti-Virus
4/13/2010 9:37:53 PM Task started Kaspersky Internet Security
File Anti-Virus
4/13/2010 5:58:30 PM Task started Kaspersky Internet Security
File Anti-Virus
4/13/2010 11:27:00 AM Task started Kaspersky Internet Security
File Anti-Virus
4/13/2010 5:56:25 AM Task started Kaspersky Internet Security
File Anti-Virus
4/12/2010 10:44:10 PM Task started Kaspersky Internet Security
File Anti-Virus
4/12/2010 10:28:32 PM Task started Kaspersky Internet Security
File Anti-Virus
4/12/2010 10:20:20 PM Task started Kaspersky Internet Security
File Anti-Virus
4/12/2010 9:59:16 PM Task started Kaspersky Internet Security
File Anti-Virus
4/12/2010 9:17:44 PM Task started Kaspersky Internet Security
File Anti-Virus
4/12/2010 6:12:47 PM Task started Kaspersky Internet Security
File Anti-Virus
4/12/2010 6:52:16 AM Task started Kaspersky Internet Security
File Anti-Virus
Mail Anti-Virus (events: 28)
4/18/2010 11:34:44 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/18/2010 5:46:54 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/17/2010 6:11:30 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/17/2010 4:17:36 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/17/2010 12:55:27 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/17/2010 5:36:35 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/16/2010 7:02:31 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/16/2010 1:41:07 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/16/2010 12:32:10 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/16/2010 8:10:26 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/16/2010 7:21:16 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/15/2010 6:48:48 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/15/2010 10:17:28 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/15/2010 7:06:05 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/14/2010 9:21:17 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/14/2010 4:34:27 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/14/2010 7:16:11 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/13/2010 9:37:53 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/13/2010 5:58:30 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/13/2010 11:27:00 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/13/2010 5:56:25 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/12/2010 10:44:10 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/12/2010 10:28:32 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/12/2010 10:20:20 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/12/2010 9:59:17 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/12/2010 9:17:44 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/12/2010 6:12:47 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/12/2010 6:52:16 AM Task started Kaspersky Internet Security
Mail Anti-Virus
Web Anti-Virus (events: 28)
4/18/2010 11:34:44 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/18/2010 5:46:55 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/17/2010 6:11:30 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/17/2010 4:17:36 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/17/2010 12:55:27 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/17/2010 5:36:35 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/16/2010 7:02:31 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/16/2010 1:41:07 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/16/2010 12:32:10 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/16/2010 8:10:26 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/16/2010 7:21:16 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/15/2010 6:48:48 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/15/2010 10:17:28 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/15/2010 7:06:05 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/14/2010 9:21:17 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/14/2010 4:34:27 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/14/2010 7:16:11 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/13/2010 9:37:53 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/13/2010 5:58:30 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/13/2010 11:27:00 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/13/2010 5:56:25 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/12/2010 10:44:10 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/12/2010 10:28:32 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/12/2010 10:20:20 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/12/2010 9:59:17 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/12/2010 9:17:44 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/12/2010 6:12:47 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/12/2010 6:52:16 AM Task started Kaspersky Internet Security
Web Anti-Virus
Network Attack Blocker (events: 28)
4/18/2010 11:34:44 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/18/2010 5:46:54 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/17/2010 6:11:30 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/17/2010 4:17:36 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/17/2010 12:55:27 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/17/2010 5:36:35 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/16/2010 7:02:31 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/16/2010 1:41:07 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/16/2010 12:32:10 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/16/2010 8:10:26 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/16/2010 7:21:16 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/15/2010 6:48:48 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/15/2010 10:17:28 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/15/2010 7:06:05 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/14/2010 9:21:17 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/14/2010 4:34:27 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/14/2010 7:16:11 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/13/2010 9:37:53 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/13/2010 5:58:30 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/13/2010 11:27:00 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/13/2010 5:56:25 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/12/2010 10:44:10 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/12/2010 10:28:32 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/12/2010 10:20:20 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/12/2010 9:59:17 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/12/2010 9:17:44 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/12/2010 6:12:47 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/12/2010 6:52:16 AM Task started Kaspersky Internet Security
Network Attack Blocker
Anti-Spam (events: 28)
4/18/2010 11:34:44 AM Task started Kaspersky Internet Security
Anti-Spam
4/18/2010 5:46:54 AM Task started Kaspersky Internet Security
Anti-Spam
4/17/2010 6:11:30 PM Task started Kaspersky Internet Security
Anti-Spam
4/17/2010 4:17:36 PM Task started Kaspersky Internet Security
Anti-Spam
4/17/2010 12:55:27 PM Task started Kaspersky Internet Security
Anti-Spam
4/17/2010 5:36:35 AM Task started Kaspersky Internet Security
Anti-Spam
4/16/2010 7:02:31 PM Task started Kaspersky Internet Security
Anti-Spam
4/16/2010 1:41:07 PM Task started Kaspersky Internet Security
Anti-Spam
4/16/2010 12:32:10 PM Task started Kaspersky Internet Security
Anti-Spam
4/16/2010 8:10:26 AM Task started Kaspersky Internet Security
Anti-Spam
4/16/2010 7:21:16 AM Task started Kaspersky Internet Security
Anti-Spam
4/15/2010 6:48:48 PM Task started Kaspersky Internet Security
Anti-Spam
4/15/2010 10:17:27 AM Task started Kaspersky Internet Security
Anti-Spam
4/15/2010 7:06:04 AM Task started Kaspersky Internet Security
Anti-Spam
4/14/2010 9:21:17 PM Task started Kaspersky Internet Security
Anti-Spam
4/14/2010 4:34:26 PM Task started Kaspersky Internet Security
Anti-Spam
4/14/2010 7:16:11 AM Task started Kaspersky Internet Security
Anti-Spam
4/13/2010 9:37:53 PM Task started Kaspersky Internet Security
Anti-Spam
4/13/2010 5:58:30 PM Task started Kaspersky Internet Security
Anti-Spam
4/13/2010 11:27:00 AM Task started Kaspersky Internet Security
Anti-Spam
4/13/2010 5:56:25 AM Task started Kaspersky Internet Security
Anti-Spam
4/12/2010 10:44:10 PM Task started Kaspersky Internet Security
Anti-Spam
4/12/2010 10:28:32 PM Task started Kaspersky Internet Security
Anti-Spam
4/12/2010 10:20:20 PM Task started Kaspersky Internet Security
Anti-Spam
4/12/2010 9:59:16 PM Task started Kaspersky Internet Security
Anti-Spam
4/12/2010 9:17:44 PM Task started Kaspersky Internet Security
Anti-Spam
4/12/2010 6:12:47 PM Task started Kaspersky Internet Security
Anti-Spam
4/12/2010 6:52:16 AM Task started Kaspersky Internet Security
Anti-Spam
Parental Control (events: 2)
4/16/2010 8:17:28 AM Task stopped Kaspersky Internet Security
Parental Control
4/16/2010 8:12:05 AM Task started Kaspersky Internet Security
Parental Control
Application Control (events: 431)
4/18/2010 11:50:31 AM FINDKEY.EXE Placed in group Trusted Known on
the database of the known software
4/18/2010 11:34:44 AM Task started Kaspersky Internet Security
Application Control
4/18/2010 6:41:38 AM UPDATE.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/18/2010 5:47:17 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/18/2010 5:46:54 AM Task started Kaspersky Internet Security
Application Control
4/17/2010 10:19:45 PM Microsoft UxTheme Library Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 10:10:55 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/17/2010 9:23:37 PM Allowed: Using program interfaces of other process
ImageReady Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\imageready.exe Using program interfaces of other proces
s
4/17/2010 9:03:25 PM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\HarddiskVolume1 Low level disk access
4/17/2010 9:02:33 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/17/2010 7:36:46 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/17/2010 6:26:41 PM Cleanup Placed in group Trusted Known on the dat
abase of the known software
4/17/2010 6:11:55 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/17/2010 6:11:30 PM Task started Kaspersky Internet Security
Application Control
4/17/2010 4:22:52 PM Windows Genuine Advantage Notifications Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 4:22:11 PM UPDATE.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/17/2010 4:22:09 PM wganotifypackageinner.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 4:17:52 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/17/2010 4:17:46 PM wgasetup.exe Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/17/2010 4:17:36 PM Task started Kaspersky Internet Security
Application Control
4/17/2010 4:04:15 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 4:04:08 PM WGASETUP.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/17/2010 4:04:07 PM WindowsXP-KB905474-ENU-x86.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 4:03:47 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 4:03:46 PM INSTALL_FP6_WU_R88.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/17/2010 4:03:45 PM GENINST.EXE Placed in group Trusted Known on
the database of the known software
4/17/2010 4:03:45 PM WINDOWSXP-KB923789-X86-ENU.EXE Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 1:37:42 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 1:35:54 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 1:01:57 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/17/2010 12:55:59 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/17/2010 12:55:27 PM Task started Kaspersky Internet Security
Application Control
4/17/2010 5:50:26 AM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 5:50:22 AM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 5:50:18 AM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 5:50:07 AM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 5:38:03 AM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/17/2010 5:37:10 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/17/2010 5:36:35 AM Task started Kaspersky Internet Security
Application Control
4/16/2010 10:01:26 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:01:22 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:01:17 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:01:11 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:01:06 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:01:01 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:56 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:51 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:47 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:44 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:39 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:34 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:28 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:22 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:17 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:11 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:06 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 10:00:00 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:59:54 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:59:49 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:59:42 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:59:37 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:59:33 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:59:18 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:59:13 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:59:07 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:59:02 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:55 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:50 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:45 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:40 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:33 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:28 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:23 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:17 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:12 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:07 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:58:01 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:55 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:49 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:39 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:35 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:30 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:26 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:17 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:12 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:07 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:57:00 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:56:54 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:56:49 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:56:30 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:56:25 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:56:19 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:56:09 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:56:03 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:57 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:54 PM Update RunOnce Service Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:50 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:46 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:45 PM INSTALL_FP6_WU_R88.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:43 PM GENINST.EXE Placed in group Trusted Known on
the database of the known software
4/16/2010 9:55:43 PM WINDOWSXP-KB923789-X86-ENU.EXE Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:37 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:33 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:32 PM Application Compatibility Client Library
Placed in group Trusted Signed by the digital signature of entrusted manufacture
rs
4/16/2010 9:55:26 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:20 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:13 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:55:07 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:14:14 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 9:11:17 PM InstallShield (R) Setup Launcher Placed i
n group Trusted Known on the database of the known software
4/16/2010 9:11:07 PM GDBMANAGER2010-901.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/16/2010 9:07:44 PM Allowed: Using program interfaces of other process
ImageReady Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\imageready.exe Using program interfaces of other proces
s
4/16/2010 9:00:09 PM Allowed: Using program interfaces of other process
ImageReady Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\imageready.exe Using program interfaces of other proces
s
4/16/2010 8:52:13 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:44:56 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:44:39 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:41:26 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:39:29 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:34:33 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:28:50 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:28:44 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:28:25 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:25:35 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:25:32 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:19:12 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:19:04 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:18:56 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:18:46 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:18:38 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:18:30 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:16:44 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:16:35 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:16:25 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:13:38 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:13:23 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:12:59 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:10:18 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:09:56 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:08:03 PM Allowed: Using program interfaces of other process
ImageReady Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\imageready.exe Using program interfaces of other proces
s
4/16/2010 8:06:32 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:04:43 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:04:24 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:01:54 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:01:23 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 7:59:52 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 7:59:44 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 7:59:35 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 7:57:02 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 7:56:55 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 7:56:30 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 7:54:48 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/16/2010 7:54:21 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 7:22:22 PM Microsoft Windows Media Player Setup Utility
Placed in group Trusted Signed by the digital signature of entrusted manufacture
rs
4/16/2010 7:21:04 PM Microsoft Windows Media Configuration Utility
Placed in group Trusted Signed by the digital signature of entrusted manufacture
rs
4/16/2010 7:21:04 PM Windows Media Player Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/16/2010 7:19:05 PM Attribute Utility Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/16/2010 7:18:21 PM Windows Command Processor Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 7:02:41 PM Adobe Gamma Loader Placed in group Trusted
Known on the database of the known software
4/16/2010 7:02:40 PM Catalyst® Control Center Launcher Placed i
n group Trusted Known on the database of the known software
4/16/2010 7:02:31 PM Task started Kaspersky Internet Security
Application Control
4/16/2010 3:13:05 PM ACDSEE 10 PHOTO MANAGER.MSI Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 3:12:46 PM ACDSEE-10-0-219-EN.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/16/2010 3:12:30 PM DEMO32.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/16/2010 3:12:27 PM _DS14EA.TMP Placed in group Trusted Known on
the database of the known software
4/16/2010 3:12:26 PM MEDIABROWSER.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/16/2010 3:12:24 PM SETUP.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/16/2010 3:09:52 PM NERO-8110B_ENG.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/16/2010 3:09:00 PM Allowed: Low level disk access UltraISO.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/16/2010 2:42:30 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/16/2010 1:41:17 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/16/2010 1:41:07 PM Task started Kaspersky Internet Security
Application Control
4/16/2010 12:47:24 PM Software to download and convert YouTube video.
Placed in group Trusted Known on the database of the known software
4/16/2010 12:33:20 PM Microsoft Help Center Service Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 12:33:02 PM Microsoft Help and Support Center Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 12:32:22 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/16/2010 12:32:10 PM Task started Kaspersky Internet Security
Application Control
4/16/2010 9:45:51 AM Autorun Program Placed in group Low Restricted
High value of threat rating calculated heuristically
4/16/2010 8:48:05 AM Disk Defragmenter NTFS Module Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:48:05 AM Disk Defragmenter Module Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/16/2010 8:25:43 AM FINDKEY.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/16/2010 8:10:36 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/16/2010 8:10:26 AM Task started Kaspersky Internet Security
Application Control
4/16/2010 7:32:35 AM READERUPDATER.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/16/2010 7:21:27 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/16/2010 7:21:16 AM Task started Kaspersky Internet Security
Application Control
4/15/2010 9:31:11 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/15/2010 8:57:52 PM Microsoft Office Program Recovery Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/15/2010 8:03:51 PM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\HarddiskVolume1 Low level disk access
4/15/2010 7:43:51 PM Media Catalog Object Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/15/2010 7:43:40 PM 2007 Microsoft Office component Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/15/2010 6:49:03 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/15/2010 6:48:48 PM Task started Kaspersky Internet Security
Application Control
4/15/2010 2:01:42 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/15/2010 2:01:20 PM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/15/2010 2:01:20 PM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/15/2010 2:01:20 PM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/15/2010 2:01:15 PM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/15/2010 1:46:07 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/15/2010 1:14:46 PM 3danalyzer-v236.exe Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/15/2010 11:15:50 AM Software to download and convert YouTube video.
Placed in group Trusted Known on the database of the known software
4/15/2010 11:15:11 AM YOUTUBEDOWNLOADERSETUP254.EXE Placed in group
Trusted Known on the database of the known software
4/15/2010 11:12:30 AM Denied: Start POC2010V10.EXE Autorun Start
4/15/2010 11:12:30 AM POC2010V10.EXE Placed in group Untrusted
High value of threat rating calculated heuristically
4/15/2010 11:12:26 AM POC2010V10.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/15/2010 11:08:46 AM Sothink FLV Player Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/15/2010 11:08:45 AM IS-2IVJL.TMP Placed in group Trusted Known on
the database of the known software
4/15/2010 11:08:45 AM FLASH-AX-SETUP.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/15/2010 11:08:30 AM Sothink FLV Player Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/15/2010 11:08:29 AM SETUP.TMP Placed in group Trusted Known on
the database of the known software
4/15/2010 11:08:28 AM SETUP.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/15/2010 10:36:12 AM 3danalyzer-v236.exe Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/15/2010 10:32:46 AM Power Screen Capture Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/15/2010 10:32:36 AM POWERSCREENCAPTURE.TMP Placed in group Trusted
Known on the database of the known software
4/15/2010 10:32:34 AM POWERSCREENCAPTURE.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/15/2010 10:27:28 AM stmap.exe Placed in group Low Restricted
High value of threat rating calculated heuristically
4/15/2010 10:27:05 AM ConvRAV MFC Application Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/15/2010 10:20:29 AM MAX9KEYGEN.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/15/2010 10:19:13 AM Allowed: Low level disk access UltraISO.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/15/2010 10:17:41 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/15/2010 10:17:28 AM Task started Kaspersky Internet Security
Application Control
4/15/2010 9:17:43 AM Allowed: Using system program interfaces (DNS) Firefox
Use DNS caching system for conversion www.sothink.com Using system program int
erfaces (DNS)
4/15/2010 9:17:42 AM Allowed: Using program interfaces of other process
Firefox Using program interfaces of other process c:\program files\mozilla
firefox\firefox.exe Using program interfaces of other process
4/15/2010 9:17:38 AM _IU14D2N.TMP Placed in group Low Restricted
High value of threat rating calculated heuristically
4/15/2010 9:17:38 AM Setup/Uninstall Placed in group Low Restricted
High value of threat rating calculated heuristically
4/15/2010 9:09:55 AM Sothink FLV Player Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/15/2010 9:09:54 AM IS-QL9K1.TMP Placed in group Trusted Known on
the database of the known software
4/15/2010 9:09:53 AM FLASH-AX-SETUP.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/15/2010 9:09:38 AM ASKINSTALLCHECKER.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/15/2010 9:09:37 AM SETUP.TMP Placed in group Trusted Known on
the database of the known software
4/15/2010 9:09:36 AM SETUP.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/15/2010 8:31:16 AM TCP/IP Ping Command Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/15/2010 7:30:53 AM STADIUM CHANGER V2.0.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/15/2010 7:14:53 AM Winamp Placed in group Trusted Known on the dat
abase of the known software
4/15/2010 7:12:37 AM MICROSOFT GENUINE ADVANTAGE DIAGNOSTIC TOOL.EXE
Placed in group Trusted Signed by the digital signature of entrusted manufacture
rs
4/15/2010 7:12:33 AM Denied: Protected applications keyfinder.exe Delete
C:\DOCUMENTS AND SETTINGS\IKHFAR\LOCAL SETTINGS\TEMP\RARSFX0\CHGXP.VBS Protecte
d applications
4/15/2010 7:12:22 AM Allowed: Using program interfaces of other process
CHGXP.VBS Using program interfaces of other process c:\documents and
settings\ikhfar\local settings\temp\rarsfx0\chgxp.vbs Using program interfaces
of other process
4/15/2010 7:12:22 AM Allowed: Access to critical system objects CHGXP.VB
S Access to critical system objects Access to critical syste
m objects
4/15/2010 7:12:22 AM Allowed: Starting other processes FINDKEY.EXE
Process start c:\documents and settings\ikhfar\local settings\temp\rarsfx0\chg
xp.vbs Starting other processes
4/15/2010 7:12:22 AM CHGXP.VBS Placed in group Trusted Known on
the database of the known software
4/15/2010 7:10:10 AM Allowed: Starting other processes FINDKEY.EXE
Process start c:\documents and settings\ikhfar\local settings\temp\rarsfx0\xpk
ey.exe Starting other processes
4/15/2010 7:10:10 AM : not-a-virus:PSWTool.Win32.RAS.a xpkey.exe
Placed in group High Restricted not-a-virus
4/15/2010 7:10:09 AM Allowed: Starting other processes keyfinder.exe
Process start c:\documents and settings\ikhfar\local settings\temp\rarsfx0\fin
dkey.exe Starting other processes
4/15/2010 7:10:09 AM FINDKEY.EXE Placed in group Trusted Known on
the database of the known software
4/15/2010 7:10:06 AM : not-a-virus:PSWTool.Win32.RAS.a keyfinder.exe
Placed in group High Restricted not-a-virus
4/15/2010 7:09:43 AM MICROSOFT GENUINE ADVANTAGE DIAGNOSTIC TOOL.EXE
Placed in group Trusted Signed by the digital signature of entrusted manufacture
rs
4/15/2010 7:06:19 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/15/2010 7:06:04 AM Task started Kaspersky Internet Security
Application Control
4/14/2010 11:42:40 PM IE Crash Detection Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/14/2010 11:41:17 PM Allowed: Using program interfaces of other process
STADIUMBUILDER.EXE Using program interfaces of other process c:\progr
am files\stadium builder\stadiumbuilder.exe Using program interfaces of othe
r process
4/14/2010 11:41:17 PM Internet Explorer Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/14/2010 11:41:17 PM Allowed: Use browser program interfaces STADIUMBUILDER.E
XE Use browser program interfaces Use browser program interfaces
4/14/2010 11:41:10 PM STADIUMBUILDER.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/14/2010 11:40:58 PM INS1BF9.TMP Placed in group Trusted Known on
the database of the known software
4/14/2010 11:40:56 PM STADIUMBUILDERSETUP.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/14/2010 11:22:28 PM STADIUM CHANGER V2.0.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/14/2010 11:21:04 PM STADIUM CHANGER V2.0.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/14/2010 11:20:25 PM STADIUM CHANGER V2.0.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/14/2010 9:32:22 PM Autodesk Communication Center Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/14/2010 9:30:00 PM MAX9KEYGEN.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 9:29:56 PM MAX9KEYGEN.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 9:26:28 PM MAX9KEYGEN.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 9:22:58 PM MAX9KEYGEN.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 9:22:47 PM Allowed: Low level disk access UltraISO.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/14/2010 9:21:59 PM Cleanup Placed in group Trusted Known on the dat
abase of the known software
4/14/2010 9:21:54 PM 3ds Max application Placed in group Trusted
Known on the database of the known software
4/14/2010 9:21:31 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/14/2010 9:21:17 PM Task started Kaspersky Internet Security
Application Control
4/14/2010 5:37:43 PM MAX9KEYGEN.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 5:37:34 PM Allowed: Setting debug privileges BACKBURNER.MSI
Setting debug privileges Setting debug privileges
4/14/2010 5:37:34 PM Allowed: Using program interfaces of other process
BACKBURNER.MSI Using program interfaces of other process g:\support\backb
urner\backburner.msi Using program interfaces of other process
4/14/2010 5:37:34 PM Allowed: Exiting Microsoft Windows BACKBURNER.MSI
Windows shutdown Exiting Microsoft Windows
4/14/2010 5:37:34 PM BACKBURNER.MSI Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 5:37:31 PM Allowed: Setting debug privileges 3DSMAX_PRODUCTCO
DE.MSI Setting debug privileges Setting debug privileges
4/14/2010 5:37:31 PM Allowed: Using program interfaces of other process
3DSMAX_PRODUCTCODE.MSI Using program interfaces of other process g:\suppo
rt\product\3dsmax_productcode.msi Using program interfaces of other proces
s
4/14/2010 5:37:31 PM Allowed: Exiting Microsoft Windows 3DSMAX_PRODUCTCO
DE.MSI Windows shutdown Exiting Microsoft Windows
4/14/2010 5:37:31 PM 3DSMAX_PRODUCTCODE.MSI Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/14/2010 5:35:34 PM FBX200608_3DSMAX90_WIN_ENU.EXE Placed in group
Trusted Known on the database of the known software
4/14/2010 5:35:32 PM System Level Service Utility Placed in group
Trusted Known on the database of the known software
4/14/2010 5:35:28 PM RAYSAT_3DSMAX9_32SERVER.EXE Placed in group
Trusted Known on the database of the known software
4/14/2010 5:32:39 PM BACKBURNER.EXE Placed in group Trusted Known on
the database of the known software
4/14/2010 5:30:00 PM Allowed: Setting debug privileges 3DSMAX9_WIN32.MS
I Setting debug privileges Setting debug privileges
4/14/2010 5:30:00 PM Allowed: Using program interfaces of other process
3DSMAX9_WIN32.MSI Using program interfaces of other process g:\3dsma
x\3dsmax9_win32.msi Using program interfaces of other process
4/14/2010 5:29:39 PM Allowed: Exiting Microsoft Windows 3DSMAX9_WIN32.MS
I Windows shutdown Exiting Microsoft Windows
4/14/2010 5:29:39 PM 3DSMAX9_WIN32.MSI Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/14/2010 5:24:52 PM WMI Placed in group Trusted Signed by the di
gital signature of entrusted manufacturers
4/14/2010 5:24:34 PM MSI196.TMP Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/14/2010 5:24:14 PM Registry Initializer Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/14/2010 5:24:14 PM MSI191.TMP Placed in group Trusted Known on
the database of the known software
4/14/2010 5:24:12 PM SETUPDWFVIEWER.MSI Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/14/2010 5:24:08 PM Load PerfMon Counters Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/14/2010 5:23:59 PM .NET Runtime Optimization Service Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/14/2010 5:23:55 PM Microsoft .NET Services Installation Utility
Placed in group Trusted Known on the database of the known software
4/14/2010 5:23:51 PM aspnet_regiis.exe Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/14/2010 5:23:11 PM mofcomp Placed in group Trusted Signed by the di
gital signature of entrusted manufacturers
4/14/2010 5:23:03 PM Visual Studio RegTLib Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/14/2010 5:23:02 PM Microsoft Common Language Runtime native compile
r Placed in group Trusted Signed by the digital signature of entrusted man
ufacturers
4/14/2010 5:22:35 PM MAX9KEYGEN.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 5:22:05 PM NDP20-KB918842-X86.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/14/2010 5:21:49 PM DXSETUP.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/14/2010 5:21:48 PM SETUP.EXE Placed in group Trusted Known on
the database of the known software
4/14/2010 5:21:40 PM Allowed: Low level disk access UltraISO.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/14/2010 5:09:39 PM import-c.dll Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 5:09:09 PM import-b.dll Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 5:08:32 PM Allowed: Using program interfaces of other process
PES/OEDIT Converter Using program interfaces of other process c:\poc 2
010\poc2010.exe Using program interfaces of other process
4/14/2010 5:08:09 PM PES/OEDIT Converter Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/14/2010 4:34:39 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/14/2010 4:34:27 PM Task started Kaspersky Internet Security
Application Control
4/14/2010 8:55:53 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/14/2010 8:54:58 AM Allowed: Using system program interfaces (DNS) EDITOR.E
XE Use DNS caching system for conversion downloads.fifacz.com Using sy
stem program interfaces (DNS)
4/14/2010 8:54:40 AM EDITOR.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 8:51:21 AM KITSRELINK2010.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/14/2010 8:51:20 AM KITSRELINK2010.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/14/2010 8:49:56 AM WECN PES2010PC APPEARANCE TOOL.EXE Placed i
n group Low Restricted High value of threat rating calculated heuristically
4/14/2010 8:49:40 AM Windows TaskManager Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/14/2010 8:48:43 AM TEAMS MANAGER.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/14/2010 8:48:27 AM POC2010V10.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/14/2010 7:47:31 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/14/2010 7:38:43 AM Allowed: Low level disk access UltraISO.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/14/2010 7:24:52 AM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/14/2010 7:16:17 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/14/2010 7:16:11 AM Task started Kaspersky Internet Security
Application Control
4/13/2010 11:20:01 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/13/2010 10:58:42 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/13/2010 10:56:36 PM Game Graphic Studio.exe Placed in group Trusted
Known on the database of the known software
4/13/2010 10:53:07 PM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/13/2010 10:53:07 PM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/13/2010 10:53:07 PM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/13/2010 10:53:00 PM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/13/2010 10:30:13 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/13/2010 10:29:57 PM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/13/2010 10:29:57 PM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/13/2010 10:29:57 PM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/13/2010 10:29:53 PM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/13/2010 10:27:45 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/13/2010 10:26:04 PM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/13/2010 10:26:04 PM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/13/2010 10:26:04 PM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/13/2010 10:26:04 PM DrWatson Postmortem Debugger Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/13/2010 10:26:00 PM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/13/2010 10:23:54 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/13/2010 9:57:48 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/13/2010 9:55:02 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/13/2010 9:54:42 PM Microsoft Application Error Reporting Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/13/2010 9:39:53 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/13/2010 9:37:53 PM Task started Kaspersky Internet Security
Application Control
4/13/2010 8:15:47 PM Windows Logon UI Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/13/2010 5:59:52 PM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\HarddiskVolume1 Low level disk access
4/13/2010 5:59:51 PM Launchpad.exe Placed in group Low Restricted
High value of threat rating calculated heuristically
4/13/2010 5:58:36 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/13/2010 5:58:30 PM Task started Kaspersky Internet Security
Application Control
4/13/2010 1:12:26 PM Windows Logon UI Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/13/2010 11:29:11 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/13/2010 11:27:11 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/13/2010 11:27:00 AM Task started Kaspersky Internet Security
Application Control
4/13/2010 6:42:14 AM Windows Logon UI Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/13/2010 6:37:03 AM IJ Status Monitor Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/13/2010 6:37:03 AM Canon IJ Print Utility Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/13/2010 6:35:54 AM cnmvsa Placed in group Trusted Signed by the di
gital signature of entrusted manufacturers
4/13/2010 6:35:53 AM CNMVS8O.DLL Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/13/2010 6:35:18 AM DELDRV.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/13/2010 6:35:10 AM SETUP.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/13/2010 6:34:29 AM Windows Progman Group Converter Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/13/2010 6:34:29 AM Windows Setup API Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/13/2010 6:34:09 AM CNMVS.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/13/2010 6:34:01 AM CNMVS.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/13/2010 6:32:23 AM Crypto Shell Extensions Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/13/2010 6:32:19 AM Print UI DLL Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/13/2010 6:32:10 AM DelDrv.exe Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/13/2010 6:31:59 AM SETUP.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/13/2010 6:20:39 AM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/13/2010 6:14:40 AM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/13/2010 6:01:52 AM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/13/2010 6:01:16 AM Adobe Photoshop Placed in group Low Restricted
High value of threat rating calculated heuristically
4/13/2010 6:01:01 AM WordPad MFC Application Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/13/2010 6:01:01 AM Windows Write Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/13/2010 6:00:43 AM ImageReady Placed in group Trusted Known on
the database of the known software
4/13/2010 5:58:49 AM _ISDEL.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/13/2010 5:58:42 AM _INS5576._MP Placed in group Trusted Known on
the database of the known software
4/13/2010 5:58:41 AM SETUP.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/13/2010 5:58:26 AM Allowed: Low level disk access UltraISO.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/13/2010 5:56:34 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/13/2010 5:56:25 AM Task started Kaspersky Internet Security
Application Control
4/12/2010 10:47:32 PM Windows Logon UI Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/12/2010 10:45:14 PM Firefox Helper Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/12/2010 10:44:20 PM UPDATER.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/12/2010 10:44:15 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/12/2010 10:44:10 PM Task started Kaspersky Internet Security
Application Control
4/12/2010 10:28:40 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/12/2010 10:28:32 PM Task started Kaspersky Internet Security
Application Control
4/12/2010 10:22:26 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/12/2010 10:20:28 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/12/2010 10:20:20 PM Task started Kaspersky Internet Security
Application Control
4/12/2010 10:01:36 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/12/2010 9:59:30 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/12/2010 9:59:16 PM Task started Kaspersky Internet Security
Application Control
4/12/2010 9:33:12 PM AFSExplorer - v3.7 Placed in group Trusted
Known on the database of the known software
4/12/2010 9:20:27 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/12/2010 9:18:50 PM KitServer 2010 Configuration Tool Placed i
n group Low Restricted High value of threat rating calculated heuristically
4/12/2010 9:18:35 PM Windows Error Reporting Dump Reporting Tool
Placed in group Trusted Signed by the digital signature of entrusted manufacture
rs
4/12/2010 9:17:54 PM Userinit Logon Application Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/12/2010 9:17:44 PM Task started Kaspersky Internet Security
Application Control
4/12/2010 8:50:58 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/12/2010 8:49:34 PM U3 Cleanup Application Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/12/2010 6:37:20 PM Adobe Reader and Acrobat Manager Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/12/2010 6:35:26 PM NTVDM.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/12/2010 6:30:53 PM Microsoft Office Publisher Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/12/2010 6:26:03 PM Eula display Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/12/2010 6:26:00 PM Adobe Reader 9.3 Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/12/2010 6:25:56 PM Adobe Reader 9.3 Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/12/2010 6:19:34 PM Microsoft Office Word Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/12/2010 6:18:10 PM Microsoft Office Excel Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/12/2010 6:14:42 PM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/12/2010 6:14:42 PM CTF Loader Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/12/2010 6:14:41 PM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/12/2010 6:14:40 PM Microsoft Office PowerPoint Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/12/2010 6:14:05 PM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\HarddiskVolume1 Low level disk access
4/12/2010 6:14:04 PM Launchpad.exe Placed in group Low Restricted
High value of threat rating calculated heuristically
4/12/2010 6:13:53 PM LAUNCHU3.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/12/2010 6:12:47 PM Task started Kaspersky Internet Security
Application Control
4/12/2010 11:07:00 AM Windows Logon UI Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/12/2010 11:06:33 AM Safely Remove Hardware applet Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/12/2010 10:17:25 AM Run Once Wrapper Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/12/2010 10:16:27 AM WMI Placed in group Trusted Signed by the di
gital signature of entrusted manufacturers
4/12/2010 7:09:19 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/12/2010 7:08:21 AM Add Hardware Device Library Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/12/2010 7:06:57 AM Logon Screen Saver Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/12/2010 6:52:51 AM Windows Update Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/12/2010 6:52:46 AM ATI Smart Placed in group Trusted Known on
the database of the known software
4/12/2010 6:52:45 AM GrooveMonitor Utility Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/12/2010 6:52:44 AM Adobe Acrobat SpeedLauncher Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/12/2010 6:52:16 AM Task started Kaspersky Internet Security
Application Control
Self-Defense (events: 96)
4/18/2010 12:33:28 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/18/2010 6:43:44 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/17/2010 6:14:53 PM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/17/2010 6:14:14 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/17/2010 5:41:43 AM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 7:30:23 PM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 7:27:24 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 7:11:36 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 7:11:26 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 7:11:05 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 7:07:57 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 7:02:39 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:31:24 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:59 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:54 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:48 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:41 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:36 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:30 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:24 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:18 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:12 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:06 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:30:00 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:29:54 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:29:48 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:29:42 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:29:36 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:29:29 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:29:23 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:29:17 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:29:11 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 2:29:03 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 1:41:40 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 10:52:40 AM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 10:06:58 AM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 10:06:11 AM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 9:18:42 AM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:50:06 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:50:00 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:54 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:48 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:42 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:36 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:30 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:24 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:18 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:12 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:05 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:49:00 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:48:53 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:48:48 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:48:42 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:48:36 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:48:29 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:48:23 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:48:17 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:48:06 AM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 8:10:39 AM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 7:41:36 AM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/16/2010 7:32:38 AM Denied Adobe Reader and Acrobat Manager Open
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 8:05:09 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 8:03:51 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 7:17:15 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 2:01:20 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 1:58:42 PM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 1:15:13 PM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 11:18:46 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 11:15:29 AM Denied YOUTUBEDOWNLOADERSETUP254.EXE Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 10:19:43 AM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 7:32:32 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 7:25:19 AM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 7:09:14 AM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/15/2010 7:08:18 AM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 11:42:43 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 11:29:14 PM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 10:20:33 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 10:16:44 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 10:02:22 PM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 9:22:05 PM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 5:37:35 PM Denied 8653714D1EB1565E183853E5F129A1E9 Open
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 5:32:56 PM Denied D3544C38CEC3EBA657A485A35AD40F7B Open
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 5:32:41 PM Denied 56CF843227C422C4BBDD51A75C1029E4 Open
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/14/2010 8:14:32 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/13/2010 10:53:08 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/13/2010 10:29:57 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/13/2010 10:26:05 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/13/2010 9:38:00 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/13/2010 6:00:53 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/13/2010 1:11:44 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/12/2010 6:37:19 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/12/2010 6:21:25 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/12/2010 6:20:36 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/12/2010 6:20:36 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/12/2010 6:13:36 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/12/2010 6:52:59 AM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
Proactive Defense (events: 76)
4/18/2010 11:34:44 AM Task started Kaspersky Internet Security
Proactive Defense
4/18/2010 5:46:54 AM Task started Kaspersky Internet Security
Proactive Defense
4/17/2010 6:11:30 PM Task started Kaspersky Internet Security
Proactive Defense
4/17/2010 4:17:36 PM Task started Kaspersky Internet Security
Proactive Defense
4/17/2010 1:01:54 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/17/2010 1:01:54 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/17/2010 1:01:19 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/17/2010 1:01:19 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/17/2010 12:55:27 PM Task started Kaspersky Internet Security
Proactive Defense
4/17/2010 5:36:35 AM Task started Kaspersky Internet Security
Proactive Defense
4/16/2010 7:02:31 PM Task started Kaspersky Internet Security
Proactive Defense
4/16/2010 1:41:07 PM Task started Kaspersky Internet Security
Proactive Defense
4/16/2010 12:32:10 PM Task started Kaspersky Internet Security
Proactive Defense
4/16/2010 8:10:26 AM Task started Kaspersky Internet Security
Proactive Defense
4/16/2010 7:21:16 AM Task started Kaspersky Internet Security
Proactive Defense
4/15/2010 9:31:08 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/15/2010 9:31:07 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/15/2010 9:30:41 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/15/2010 9:30:41 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/15/2010 6:48:48 PM Task started Kaspersky Internet Security
Proactive Defense
4/15/2010 2:01:39 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/15/2010 2:01:39 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/15/2010 1:46:04 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/15/2010 1:46:03 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/15/2010 10:17:28 AM Task started Kaspersky Internet Security
Proactive Defense
4/15/2010 7:06:05 AM Task started Kaspersky Internet Security
Proactive Defense
4/14/2010 9:21:17 PM Task started Kaspersky Internet Security
Proactive Defense
4/14/2010 4:34:27 PM Task started Kaspersky Internet Security
Proactive Defense
4/14/2010 8:55:50 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/14/2010 8:55:50 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/14/2010 7:47:39 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/14/2010 7:47:39 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/14/2010 7:16:11 AM Task started Kaspersky Internet Security
Proactive Defense
4/13/2010 10:30:10 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 10:30:10 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 10:27:48 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 10:27:48 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 9:59:20 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 9:59:20 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 9:57:20 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/13/2010 9:57:20 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/13/2010 9:55:36 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 9:55:36 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 9:39:50 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 9:39:50 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 9:37:53 PM Task started Kaspersky Internet Security
Proactive Defense
4/13/2010 5:58:30 PM Task started Kaspersky Internet Security
Proactive Defense
4/13/2010 11:29:08 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 11:29:08 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/13/2010 11:28:41 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/13/2010 11:28:41 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/13/2010 11:27:00 AM Task started Kaspersky Internet Security
Proactive Defense
4/13/2010 5:56:25 AM Task started Kaspersky Internet Security
Proactive Defense
4/12/2010 10:44:10 PM Task started Kaspersky Internet Security
Proactive Defense
4/12/2010 10:28:32 PM Task started Kaspersky Internet Security
Proactive Defense
4/12/2010 10:22:32 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 10:22:32 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 10:20:20 PM Task started Kaspersky Internet Security
Proactive Defense
4/12/2010 10:01:49 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 10:01:49 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 9:59:17 PM Task started Kaspersky Internet Security
Proactive Defense
4/12/2010 9:20:24 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 9:20:23 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 9:19:58 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/12/2010 9:19:58 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/12/2010 9:17:44 PM Task started Kaspersky Internet Security
Proactive Defense
4/12/2010 8:50:55 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 8:50:55 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 8:50:27 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/12/2010 8:50:27 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/12/2010 6:12:47 PM Task started Kaspersky Internet Security
Proactive Defense
4/12/2010 7:09:16 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 7:09:16 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/12/2010 7:08:27 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/12/2010 7:08:27 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/12/2010 6:52:16 AM Task started Kaspersky Internet Security
Proactive Defense
License (events: 9)
4/16/2010 7:02:28 PM License validity period expires soon Kaspersky Intern
et Security
4/16/2010 1:41:03 PM License validity period expires soon Kaspersky Intern
et Security
4/16/2010 12:32:06 PM License validity period expires soon Kaspersky Intern
et Security
4/16/2010 8:10:23 AM License validity period expires soon Kaspersky Intern
et Security
4/16/2010 7:21:12 AM License validity period expires soon Kaspersky Intern
et Security
4/13/2010 9:37:50 PM License validity period expires soon Kaspersky Intern
et Security
4/13/2010 5:58:26 PM License validity period expires soon Kaspersky Intern
et Security
4/13/2010 11:26:57 AM License validity period expires soon Kaspersky Intern
et Security
4/13/2010 5:56:22 AM License validity period expires soon Kaspersky Intern
et Security
Firewall (events: 28)
4/18/2010 11:34:44 AM Task started Kaspersky Internet Security
Firewall
4/18/2010 5:46:54 AM Task started Kaspersky Internet Security
Firewall
4/17/2010 6:11:30 PM Task started Kaspersky Internet Security
Firewall
4/17/2010 4:17:36 PM Task started Kaspersky Internet Security
Firewall
4/17/2010 12:55:27 PM Task started Kaspersky Internet Security
Firewall
4/17/2010 5:36:35 AM Task started Kaspersky Internet Security
Firewall
4/16/2010 7:02:31 PM Task started Kaspersky Internet Security
Firewall
4/16/2010 1:41:07 PM Task started Kaspersky Internet Security
Firewall
4/16/2010 12:32:10 PM Task started Kaspersky Internet Security
Firewall
4/16/2010 8:10:26 AM Task started Kaspersky Internet Security
Firewall
4/16/2010 7:21:16 AM Task started Kaspersky Internet Security
Firewall
4/15/2010 6:48:48 PM Task started Kaspersky Internet Security
Firewall
4/15/2010 10:17:27 AM Task started Kaspersky Internet Security
Firewall
4/15/2010 7:06:04 AM Task started Kaspersky Internet Security
Firewall
4/14/2010 9:21:17 PM Task started Kaspersky Internet Security
Firewall
4/14/2010 4:34:27 PM Task started Kaspersky Internet Security
Firewall
4/14/2010 7:16:11 AM Task started Kaspersky Internet Security
Firewall
4/13/2010 9:37:53 PM Task started Kaspersky Internet Security
Firewall
4/13/2010 5:58:30 PM Task started Kaspersky Internet Security
Firewall
4/13/2010 11:27:00 AM Task started Kaspersky Internet Security
Firewall
4/13/2010 5:56:25 AM Task started Kaspersky Internet Security
Firewall
4/12/2010 10:44:10 PM Task started Kaspersky Internet Security
Firewall
4/12/2010 10:28:32 PM Task started Kaspersky Internet Security
Firewall
4/12/2010 10:20:20 PM Task started Kaspersky Internet Security
Firewall
4/12/2010 9:59:16 PM Task started Kaspersky Internet Security
Firewall
4/12/2010 9:17:44 PM Task started Kaspersky Internet Security
Firewall
4/12/2010 6:12:47 PM Task started Kaspersky Internet Security
Firewall
4/12/2010 6:52:16 AM Task started Kaspersky Internet Security
Firewall
IM Anti-Virus (events: 28)
4/18/2010 11:34:44 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/18/2010 5:46:54 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/17/2010 6:11:30 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/17/2010 4:17:36 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/17/2010 12:55:27 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/17/2010 5:36:35 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/16/2010 7:02:31 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/16/2010 1:41:07 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/16/2010 12:32:10 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/16/2010 8:10:26 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/16/2010 7:21:16 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/15/2010 6:48:48 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/15/2010 10:17:28 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/15/2010 7:06:05 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/14/2010 9:21:17 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/14/2010 4:34:27 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/14/2010 7:16:11 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/13/2010 9:37:53 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/13/2010 5:58:30 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/13/2010 11:27:00 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/13/2010 5:56:25 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/12/2010 10:44:10 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/12/2010 10:28:32 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/12/2010 10:20:20 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/12/2010 9:59:17 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/12/2010 9:17:44 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/12/2010 6:12:47 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/12/2010 6:52:16 AM Task started Kaspersky Internet Security
IM Anti-Virus
Objects Scan (events: 70)
4/18/2010 12:08:34 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/18/2010 12:04:55 PM Task started Kaspersky Internet Security
Rootkit Scan
4/18/2010 6:20:08 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/18/2010 6:17:01 AM Task started Kaspersky Internet Security
Rootkit Scan
4/17/2010 6:44:36 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/17/2010 6:41:40 PM Task started Kaspersky Internet Security
Rootkit Scan
4/17/2010 4:51:18 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/17/2010 4:47:45 PM Task started Kaspersky Internet Security
Rootkit Scan
4/17/2010 1:28:04 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/17/2010 1:25:38 PM Task started Kaspersky Internet Security
Rootkit Scan
4/16/2010 7:36:14 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/16/2010 7:32:42 PM Task started Kaspersky Internet Security
Rootkit Scan
4/16/2010 7:16:05 PM Task completed Kaspersky Internet Security
Virus Scan
4/16/2010 7:15:37 PM Task started Kaspersky Internet Security
Virus Scan
4/16/2010 7:10:29 PM Task completed Kaspersky Internet Security
Virus Scan
4/16/2010 7:10:03 PM Task started Kaspersky Internet Security
Virus Scan
4/16/2010 7:07:02 PM Task completed Kaspersky Internet Security
Virus Scan
4/16/2010 7:06:26 PM Task started Kaspersky Internet Security
Virus Scan
4/16/2010 7:03:55 PM Task completed Kaspersky Internet Security
Virus Scan
4/16/2010 7:03:55 PM Task completed Kaspersky Internet Security
Virus Scan
4/16/2010 7:03:17 PM Task started Kaspersky Internet Security
Virus Scan
4/16/2010 7:03:09 PM Task started Kaspersky Internet Security
Virus Scan
4/16/2010 2:14:55 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/16/2010 2:11:18 PM Task started Kaspersky Internet Security
Rootkit Scan
4/16/2010 1:43:08 PM Task completed Kaspersky Internet Security
Virus Scan
4/16/2010 1:42:40 PM Task stopped Kaspersky Internet Security
Virus Scan
4/16/2010 1:42:40 PM Task stopped Kaspersky Internet Security
Virus Scan
4/16/2010 1:42:16 PM Task started Kaspersky Internet Security
Virus Scan
4/16/2010 1:41:46 PM Task started Kaspersky Internet Security
Virus Scan
4/16/2010 1:41:40 PM Task started Kaspersky Internet Security
Virus Scan
4/16/2010 1:05:58 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/16/2010 1:02:21 PM Task started Kaspersky Internet Security
Rootkit Scan
4/16/2010 8:44:17 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/16/2010 8:40:36 AM Task started Kaspersky Internet Security
Rootkit Scan
4/16/2010 7:55:08 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/16/2010 7:51:26 AM Task started Kaspersky Internet Security
Rootkit Scan
4/15/2010 8:04:00 PM Task completed Kaspersky Internet Security
Virus Scan
4/15/2010 8:03:50 PM Task started Kaspersky Internet Security
Virus Scan
4/15/2010 7:22:37 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/15/2010 7:18:56 PM Task started Kaspersky Internet Security
Rootkit Scan
4/15/2010 10:51:29 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/15/2010 10:47:35 AM Task started Kaspersky Internet Security
Rootkit Scan
4/15/2010 7:39:32 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/15/2010 7:36:13 AM Task started Kaspersky Internet Security
Rootkit Scan
4/15/2010 7:12:01 AM Task completed Kaspersky Internet Security
Virus Scan
4/15/2010 7:09:14 AM Task started Kaspersky Internet Security
Virus Scan
4/14/2010 9:55:02 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/14/2010 9:51:25 PM Task started Kaspersky Internet Security
Rootkit Scan
4/14/2010 5:08:04 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/14/2010 5:04:37 PM Task started Kaspersky Internet Security
Rootkit Scan
4/14/2010 7:49:57 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/14/2010 7:46:22 AM Task started Kaspersky Internet Security
Rootkit Scan
4/13/2010 10:10:23 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/13/2010 10:08:05 PM Task started Kaspersky Internet Security
Rootkit Scan
4/13/2010 6:32:05 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/13/2010 6:28:41 PM Task started Kaspersky Internet Security
Rootkit Scan
4/13/2010 12:00:00 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/13/2010 11:57:11 AM Task started Kaspersky Internet Security
Rootkit Scan
4/13/2010 6:29:57 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/13/2010 6:26:36 AM Task started Kaspersky Internet Security
Rootkit Scan
4/12/2010 9:50:13 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/12/2010 9:47:55 PM Task started Kaspersky Internet Security
Rootkit Scan
4/12/2010 6:46:04 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/12/2010 6:42:51 PM Task started Kaspersky Internet Security
Rootkit Scan
4/12/2010 6:17:44 PM Task completed Kaspersky Internet Security
Virus Scan
4/12/2010 6:13:36 PM Task started Kaspersky Internet Security
Virus Scan
4/12/2010 10:22:49 AM Task stopped Kaspersky Internet Security
Virus Scan
4/12/2010 10:17:33 AM Task started Kaspersky Internet Security
Virus Scan
4/12/2010 7:24:55 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/12/2010 7:22:21 AM Task started Kaspersky Internet Security
Rootkit Scan
My Update Center (events: 65)
4/18/2010 11:52:31 AM Task completed Kaspersky Internet Security
My Update Center
4/18/2010 11:50:10 AM Task started Kaspersky Internet Security
My Update Center
4/18/2010 6:04:39 AM Task completed Kaspersky Internet Security
My Update Center
4/18/2010 6:02:17 AM Task started Kaspersky Internet Security
My Update Center
4/17/2010 11:08:11 PM Task completed Kaspersky Internet Security
My Update Center
4/17/2010 11:06:56 PM Task started Kaspersky Internet Security
My Update Center
4/17/2010 8:48:11 PM Task completed Kaspersky Internet Security
My Update Center
4/17/2010 8:46:56 PM Task started Kaspersky Internet Security
My Update Center
4/17/2010 6:29:00 PM Task completed Kaspersky Internet Security
My Update Center
4/17/2010 6:26:54 PM Task started Kaspersky Internet Security
My Update Center
4/17/2010 3:32:04 PM Task completed Kaspersky Internet Security
My Update Center
4/17/2010 3:30:54 PM Task started Kaspersky Internet Security
My Update Center
4/17/2010 1:16:42 PM Task completed Kaspersky Internet Security
My Update Center
4/17/2010 1:10:52 PM Task started Kaspersky Internet Security
My Update Center
4/16/2010 9:39:45 PM Task completed Kaspersky Internet Security
My Update Center
4/16/2010 9:37:57 PM Task started Kaspersky Internet Security
My Update Center
4/16/2010 7:21:22 PM Task completed Kaspersky Internet Security
My Update Center
4/16/2010 7:17:56 PM Task started Kaspersky Internet Security
My Update Center
4/16/2010 2:58:52 PM Task completed Kaspersky Internet Security
My Update Center
4/16/2010 2:56:34 PM Task started Kaspersky Internet Security
My Update Center
4/16/2010 12:49:11 PM Task completed Kaspersky Internet Security
My Update Center
4/16/2010 12:47:35 PM Task started Kaspersky Internet Security
My Update Center
4/16/2010 9:47:16 AM Task completed Kaspersky Internet Security
My Update Center
4/16/2010 9:45:51 AM Task started Kaspersky Internet Security
My Update Center
4/16/2010 7:40:15 AM Task completed Kaspersky Internet Security
My Update Center
4/16/2010 7:36:49 AM Task started Kaspersky Internet Security
My Update Center
4/15/2010 9:26:07 PM Task completed Kaspersky Internet Security
My Update Center
4/15/2010 9:24:19 PM Task started Kaspersky Internet Security
My Update Center
4/15/2010 7:24:10 PM Task completed Kaspersky Internet Security
My Update Center
4/15/2010 7:21:22 PM Task started Kaspersky Internet Security
My Update Center
4/15/2010 3:14:55 PM Task completed Kaspersky Internet Security
My Update Center
4/15/2010 3:12:49 PM Task started Kaspersky Internet Security
My Update Center
4/15/2010 12:58:01 PM Task completed Kaspersky Internet Security
My Update Center
4/15/2010 12:52:51 PM Task started Kaspersky Internet Security
My Update Center
4/15/2010 10:34:24 AM Task completed Kaspersky Internet Security
My Update Center
4/15/2010 10:32:49 AM Task started Kaspersky Internet Security
My Update Center
4/15/2010 7:24:03 AM Task completed Kaspersky Internet Security
My Update Center
4/15/2010 7:21:27 AM Task started Kaspersky Internet Security
My Update Center
4/14/2010 9:40:06 PM Task completed Kaspersky Internet Security
My Update Center
4/14/2010 9:36:39 PM Task started Kaspersky Internet Security
My Update Center
4/14/2010 4:58:09 PM Task completed Kaspersky Internet Security
My Update Center
4/14/2010 4:49:56 PM Task started Kaspersky Internet Security
My Update Center
4/14/2010 12:26:10 PM Task completed Kaspersky Internet Security
My Update Center Not all components were updated
4/14/2010 12:11:43 PM Task started Kaspersky Internet Security
My Update Center
4/14/2010 10:08:48 AM Task completed Kaspersky Internet Security
My Update Center Not all components were updated
4/14/2010 9:51:47 AM Task started Kaspersky Internet Security
My Update Center
4/14/2010 7:42:21 AM Task completed Kaspersky Internet Security
My Update Center
4/14/2010 7:31:40 AM Task started Kaspersky Internet Security
My Update Center
4/13/2010 9:58:01 PM Task completed Kaspersky Internet Security
My Update Center
4/13/2010 9:53:19 PM Task started Kaspersky Internet Security
My Update Center
4/13/2010 7:04:03 PM Task completed Kaspersky Internet Security
My Update Center
4/13/2010 6:58:55 PM Task started Kaspersky Internet Security
My Update Center
4/13/2010 12:30:36 PM Task completed Kaspersky Internet Security
My Update Center
4/13/2010 12:27:25 PM Task started Kaspersky Internet Security
My Update Center
4/13/2010 6:14:07 AM Task completed Kaspersky Internet Security
My Update Center
4/13/2010 6:11:50 AM Task started Kaspersky Internet Security
My Update Center
4/12/2010 8:31:15 PM Task completed Kaspersky Internet Security
My Update Center
4/12/2010 8:28:05 PM Task started Kaspersky Internet Security
My Update Center
4/12/2010 6:19:52 PM Task completed Kaspersky Internet Security
My Update Center
4/12/2010 6:17:05 PM Task started Kaspersky Internet Security
My Update Center
4/12/2010 9:31:58 AM Task completed Kaspersky Internet Security
My Update Center
4/12/2010 9:27:35 AM Task started Kaspersky Internet Security
My Update Center
4/12/2010 7:18:42 AM Task completed Kaspersky Internet Security
My Update Center Not all components were updated
4/12/2010 7:18:42 AM It is necessary to restart the computer after update
Kaspersky Internet Security
4/12/2010 6:52:59 AM Task started Kaspersky Internet Security
My Update Center
Date: Monday (events: 105)
My Protection (events: 1)
4/19/2010 4:31:01 PM Protection is not running Kaspersky Internet Secur
ity
File Anti-Virus (events: 7)
4/19/2010 6:43:03 PM Processing error Windows Explorer
H:\Music\Domino - 07 - Terbebas Darimu.mp3 Read error
4/19/2010 6:37:27 PM Processing error Windows Explorer
H:\Music\Domino - 07 - Terbebas Darimu.mp3 Read error
4/19/2010 6:27:07 PM Task started Kaspersky Internet Security
File Anti-Virus
4/19/2010 1:19:48 PM Processing error Windows Explorer
H:\Music\Domino - 07 - Terbebas Darimu.mp3 Read error
4/19/2010 1:16:27 PM Processing error Firefox C:\DOCUMENTS AND
SETTINGS\IKHFAR\LOCAL SETTINGS\Application Data\Mozilla\Firefox\Profiles\31uaxu
ie.default\Cache\973791C1d01 Read error
4/19/2010 1:05:29 PM Task started Kaspersky Internet Security
File Anti-Virus
4/19/2010 5:50:56 AM Task started Kaspersky Internet Security
File Anti-Virus
Mail Anti-Virus (events: 3)
4/19/2010 6:27:07 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/19/2010 1:05:29 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/19/2010 5:50:56 AM Task started Kaspersky Internet Security
Mail Anti-Virus
Web Anti-Virus (events: 3)
4/19/2010 6:27:08 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/19/2010 1:05:29 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/19/2010 5:50:56 AM Task started Kaspersky Internet Security
Web Anti-Virus
Network Attack Blocker (events: 3)
4/19/2010 6:27:07 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/19/2010 1:05:29 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/19/2010 5:50:56 AM Task started Kaspersky Internet Security
Network Attack Blocker
Anti-Spam (events: 3)
4/19/2010 6:27:07 PM Task started Kaspersky Internet Security
Anti-Spam
4/19/2010 1:05:29 PM Task started Kaspersky Internet Security
Anti-Spam
4/19/2010 5:50:56 AM Task started Kaspersky Internet Security
Anti-Spam
Application Control (events: 30)
4/19/2010 6:27:38 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/19/2010 6:27:07 PM Task started Kaspersky Internet Security
Application Control
4/19/2010 4:05:27 PM Microsoft Office Outlook Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/19/2010 3:58:41 PM APACHE_START.BAT Placed in group Trusted
Known on the database of the known software
4/19/2010 3:58:28 PM MYSQLD.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/19/2010 3:58:22 PM Apache HTTP Server Placed in group Trusted
Known on the database of the known software
4/19/2010 3:58:22 PM XAMPP: start XAMPP from the shell Placed i
n group Trusted Known on the database of the known software
4/19/2010 3:57:47 PM awk.exe Placed in group Trusted Known on the dat
abase of the known software
4/19/2010 3:57:46 PM CLI Placed in group Trusted Known on the dat
abase of the known software
4/19/2010 3:57:45 PM SETUP_XAMPP.BAT Placed in group Trusted Known on
the database of the known software
4/19/2010 3:52:52 PM 7z SFX Placed in group Low Restricted High val
ue of threat rating calculated heuristically
4/19/2010 3:23:04 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/19/2010 3:05:19 PM KGB Archiver Placed in group Trusted Known on
the database of the known software
4/19/2010 2:06:20 PM KGB Archiver Placed in group Low Restricted
High value of threat rating calculated heuristically
4/19/2010 1:59:41 PM KGB Archiver Placed in group Trusted Known on
the database of the known software
4/19/2010 1:59:26 PM Allowed: Using system program interfaces (DNS) KGB Arch
iver Use DNS caching system for conversion kgbarchiver.sourceforge.net
Using system program interfaces (DNS)
4/19/2010 1:59:25 PM Allowed: Using system program interfaces (DNS) KGB Arch
iver Use DNS caching system for conversion kgbarchiver.sourceforge.net
Using system program interfaces (DNS)
4/19/2010 1:59:23 PM KGB Archiver Placed in group Trusted Known on
the database of the known software
4/19/2010 1:59:15 PM IS-9M53S.TMP Placed in group Low Restricted
High value of threat rating calculated heuristically
4/19/2010 1:59:13 PM KGB Archiver Setup Placed in group Trusted
Known on the database of the known software
4/19/2010 1:05:57 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/19/2010 1:05:29 PM Task started Kaspersky Internet Security
Application Control
4/19/2010 6:11:08 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/19/2010 6:10:31 AM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/19/2010 6:10:31 AM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/19/2010 6:10:31 AM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/19/2010 6:07:46 AM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/19/2010 6:05:37 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/19/2010 5:51:20 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/19/2010 5:50:56 AM Task started Kaspersky Internet Security
Application Control
Self-Defense (events: 9)
4/19/2010 6:47:56 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/19/2010 3:58:22 PM Denied XAMPP: start XAMPP from the shell Open
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/19/2010 2:44:38 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/19/2010 1:22:07 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/19/2010 1:22:06 PM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/19/2010 1:20:01 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/19/2010 1:06:00 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/19/2010 8:51:49 AM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/19/2010 6:10:31 AM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
Proactive Defense (events: 7)
4/19/2010 6:27:07 PM Task started Kaspersky Internet Security
Proactive Defense
4/19/2010 1:05:29 PM Task started Kaspersky Internet Security
Proactive Defense
4/19/2010 6:11:05 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/19/2010 6:11:05 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/19/2010 6:05:34 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/19/2010 6:05:33 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/19/2010 5:50:56 AM Task started Kaspersky Internet Security
Proactive Defense
License (events: 3)
4/19/2010 6:27:04 PM License validity period expires soon Kaspersky Intern
et Security
4/19/2010 1:05:27 PM License validity period expires soon Kaspersky Intern
et Security
4/19/2010 5:50:54 AM License validity period expires soon Kaspersky Intern
et Security
Firewall (events: 3)
4/19/2010 6:27:07 PM Task started Kaspersky Internet Security
Firewall
4/19/2010 1:05:29 PM Task started Kaspersky Internet Security
Firewall
4/19/2010 5:50:56 AM Task started Kaspersky Internet Security
Firewall
IM Anti-Virus (events: 3)
4/19/2010 6:27:07 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/19/2010 1:05:29 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/19/2010 5:50:56 AM Task started Kaspersky Internet Security
IM Anti-Virus
Objects Scan (events: 16)
4/19/2010 7:01:03 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/19/2010 6:57:19 PM Task started Kaspersky Internet Security
Rootkit Scan
4/19/2010 6:55:19 PM Task completed Kaspersky Internet Security
Virus Scan
4/19/2010 6:48:29 PM Task started Kaspersky Internet Security
Virus Scan
4/19/2010 6:48:20 PM Task completed Kaspersky Internet Security
Virus Scan
4/19/2010 6:47:56 PM Task started Kaspersky Internet Security
Virus Scan
4/19/2010 1:38:54 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/19/2010 1:35:40 PM Task started Kaspersky Internet Security
Rootkit Scan
4/19/2010 1:20:11 PM Task stopped Kaspersky Internet Security
Virus Scan
4/19/2010 1:20:01 PM Task started Kaspersky Internet Security
Virus Scan
4/19/2010 1:18:39 PM Task completed Kaspersky Internet Security
Virus Scan
4/19/2010 1:16:47 PM Task started Kaspersky Internet Security
Virus Scan
4/19/2010 1:16:27 PM Task completed Kaspersky Internet Security
Virus Scan
4/19/2010 1:14:55 PM Task started Kaspersky Internet Security
Virus Scan
4/19/2010 6:23:52 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/19/2010 6:21:06 AM Task started Kaspersky Internet Security
Rootkit Scan
My Update Center (events: 14)
4/19/2010 9:04:42 PM Task completed Kaspersky Internet Security
My Update Center
4/19/2010 9:02:32 PM Task started Kaspersky Internet Security
My Update Center
4/19/2010 6:43:02 PM Task completed Kaspersky Internet Security
My Update Center
4/19/2010 6:42:34 PM Task started Kaspersky Internet Security
My Update Center
4/19/2010 3:52:59 PM Task completed Kaspersky Internet Security
My Update Center
4/19/2010 3:41:01 PM Task started Kaspersky Internet Security
My Update Center
4/19/2010 1:22:56 PM Task completed Kaspersky Internet Security
My Update Center
4/19/2010 1:20:54 PM Task started Kaspersky Internet Security
My Update Center
4/19/2010 10:47:16 AM Task completed Kaspersky Internet Security
My Update Center
4/19/2010 10:46:35 AM Task started Kaspersky Internet Security
My Update Center
4/19/2010 8:27:41 AM Task completed Kaspersky Internet Security
My Update Center
4/19/2010 8:26:35 AM Task started Kaspersky Internet Security
My Update Center
4/19/2010 6:09:09 AM Task completed Kaspersky Internet Security
My Update Center
4/19/2010 6:06:21 AM Task started Kaspersky Internet Security
My Update Center
Date: Tuesday (events: 185)
My Protection (events: 5)
4/20/2010 11:49:23 PM Protection is not running Kaspersky Internet Secur
ity
4/20/2010 9:23:19 PM Protection is not running Kaspersky Internet Secur
ity
4/20/2010 8:17:03 PM Protection is not running Kaspersky Internet Secur
ity
4/20/2010 8:12:59 PM Protection is not running Kaspersky Internet Secur
ity
4/20/2010 1:21:35 PM Protection is not running Kaspersky Internet Secur
ity
File Anti-Virus (events: 7)
4/20/2010 9:31:47 PM Task started Kaspersky Internet Security
File Anti-Virus
4/20/2010 9:27:33 PM Task started Kaspersky Internet Security
File Anti-Virus
4/20/2010 8:34:08 PM Task started Kaspersky Internet Security
File Anti-Virus
4/20/2010 8:14:29 PM Task started Kaspersky Internet Security
File Anti-Virus
4/20/2010 7:59:18 PM Task started Kaspersky Internet Security
File Anti-Virus
4/20/2010 10:33:37 AM Task started Kaspersky Internet Security
File Anti-Virus
4/20/2010 5:54:54 AM Task started Kaspersky Internet Security
File Anti-Virus
Mail Anti-Virus (events: 7)
4/20/2010 9:31:47 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/20/2010 9:27:33 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/20/2010 8:34:08 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/20/2010 8:14:29 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/20/2010 7:59:18 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/20/2010 10:33:38 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/20/2010 5:54:55 AM Task started Kaspersky Internet Security
Mail Anti-Virus
Web Anti-Virus (events: 7)
4/20/2010 9:31:47 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/20/2010 9:27:33 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/20/2010 8:34:09 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/20/2010 8:14:30 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/20/2010 7:59:18 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/20/2010 10:33:38 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/20/2010 5:54:55 AM Task started Kaspersky Internet Security
Web Anti-Virus
Network Attack Blocker (events: 7)
4/20/2010 9:31:47 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/20/2010 9:27:33 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/20/2010 8:34:08 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/20/2010 8:14:29 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/20/2010 7:59:18 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/20/2010 10:33:38 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/20/2010 5:54:54 AM Task started Kaspersky Internet Security
Network Attack Blocker
Anti-Spam (events: 7)
4/20/2010 9:31:47 PM Task started Kaspersky Internet Security
Anti-Spam
4/20/2010 9:27:33 PM Task started Kaspersky Internet Security
Anti-Spam
4/20/2010 8:34:08 PM Task started Kaspersky Internet Security
Anti-Spam
4/20/2010 8:14:29 PM Task started Kaspersky Internet Security
Anti-Spam
4/20/2010 7:59:18 PM Task started Kaspersky Internet Security
Anti-Spam
4/20/2010 10:33:37 AM Task started Kaspersky Internet Security
Anti-Spam
4/20/2010 5:54:54 AM Task started Kaspersky Internet Security
Anti-Spam
Application Control (events: 91)
4/20/2010 11:48:49 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/20/2010 11:48:48 PM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/20/2010 11:15:55 PM Allowed: Code intrusion SSHNAS21.DLL Code intrusion
c:\windows\system32\sshnas21.dll Code intrusion
4/20/2010 11:15:01 PM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/20/2010 11:13:01 PM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/20/2010 10:50:01 PM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/20/2010 10:48:41 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/20/2010 10:48:39 PM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/20/2010 10:47:20 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion winpals.com Using system pro
gram interfaces (DNS)
4/20/2010 10:32:54 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion pastsby.com Using system program int
erfaces (DNS)
4/20/2010 10:32:53 PM VJZ..BAT Placed in group Low Restricted
High value of threat rating calculated heuristically
4/20/2010 10:32:51 PM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/20/2010 10:32:49 PM VJ1.EXE Placed in group Low Restricted High val
ue of threat rating calculated heuristically
4/20/2010 10:32:19 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion winpals.com Using system pro
gram interfaces (DNS)
4/20/2010 10:32:07 PM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/20/2010 10:31:55 PM VBYXYA.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/20/2010 10:31:52 PM Allowed: Using program interfaces of other process
haKk0bzuz Using program interfaces of other process c:\documents and
settings\ikhfar\local settings\temp\vj0.exe Using program interfaces of othe
r process
4/20/2010 10:31:51 PM Allowed: Using system program interfaces (DNS) CRACK_RE
SHADE20BETA.45059.EXE Use DNS caching system for conversion richphotoart.com
Using system program interfaces (DNS)
4/20/2010 10:31:51 PM haKk0bzuz Placed in group Low Restricted
High value of threat rating calculated heuristically
4/20/2010 10:31:19 PM FSCapture.exe Placed in group Trusted Known on
the database of the known software
4/20/2010 10:31:16 PM FSCaptureSetup53.exe Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/20/2010 10:31:09 PM Allowed: Code intrusion SSHNAS21.DLL Code intrusion
c:\windows\system32\sshnas21.dll Code intrusion
4/20/2010 10:31:03 PM Allowed: Using system program interfaces (DNS) SSHNAS21
.DLL Use DNS caching system for conversion yourgot.com Using system pro
gram interfaces (DNS)
4/20/2010 10:31:03 PM SSHNAS21.DLL Placed in group Low Restricted
High value of threat rating calculated heuristically
4/20/2010 10:30:37 PM b7Oey Placed in group Low Restricted High val
ue of threat rating calculated heuristically
4/20/2010 10:30:12 PM Allowed: Using system program interfaces (DNS) CRACK_RE
SHADE20BETA.45059.EXE Use DNS caching system for conversion pinehousearts.co
m Using system program interfaces (DNS)
4/20/2010 10:30:01 PM CRACK_RESHADE20BETA.45059.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/20/2010 10:15:57 PM Allowed: Using system program interfaces (DNS) reshade.
exe Use DNS caching system for conversion reshade.com Using system pro
gram interfaces (DNS)
4/20/2010 10:15:57 PM reshade.exe Placed in group Low Restricted
High value of threat rating calculated heuristically
4/20/2010 10:15:50 PM reshade-install-update.exe Placed in group
Low Restricted High value of threat rating calculated heuristically
4/20/2010 9:32:32 PM Allowed: Using system program interfaces (DNS) RESHADE.
EXE Use DNS caching system for conversion reshade.com Using system pro
gram interfaces (DNS)
4/20/2010 9:32:09 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/20/2010 9:31:47 PM Task started Kaspersky Internet Security
Application Control
4/20/2010 9:27:56 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/20/2010 9:27:33 PM Task started Kaspersky Internet Security
Application Control
4/20/2010 8:49:27 PM Apache HTTP Server Placed in group Trusted
Known on the database of the known software
4/20/2010 8:49:26 PM XAMPP: start XAMPP from the shell Placed i
n group Trusted Known on the database of the known software
4/20/2010 8:49:26 PM CLI Placed in group Trusted Known on the dat
abase of the known software
4/20/2010 8:49:25 PM KGB Archiver Placed in group Trusted Known on
the database of the known software
4/20/2010 8:49:25 PM KGB Archiver Placed in group Trusted Known on
the database of the known software
4/20/2010 8:34:31 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/20/2010 8:34:08 PM Task started Kaspersky Internet Security
Application Control
4/20/2010 8:15:53 PM INSTALL_FP6_WU_R88.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/20/2010 8:15:52 PM GENINST.EXE Placed in group Trusted Known on
the database of the known software
4/20/2010 8:14:42 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/20/2010 8:14:31 PM Registry Console Tool Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/20/2010 8:14:29 PM Task started Kaspersky Internet Security
Application Control
4/20/2010 8:06:17 PM UPDATE.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/20/2010 8:05:42 PM UPDATE.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/20/2010 8:05:27 PM Allowed: Using program interfaces of other process
RESHADE.EXE Using program interfaces of other process c:\program files
\reshade\reshade.exe Using program interfaces of other process
4/20/2010 8:05:12 PM Allowed: Using system program interfaces (DNS) RESHADE.
EXE Use DNS caching system for conversion reshade.com Using system pro
gram interfaces (DNS)
4/20/2010 8:05:09 PM Windows Movie Maker Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/20/2010 8:04:08 PM Allowed: Using system program interfaces (DNS) RESHADE.
EXE Use DNS caching system for conversion reshade.com Using system pro
gram interfaces (DNS)
4/20/2010 8:04:03 PM update.exe Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/20/2010 8:03:56 PM Allowed: Using system program interfaces (DNS) RESHADE.
EXE Use DNS caching system for conversion reshade.com Using system pro
gram interfaces (DNS)
4/20/2010 8:03:55 PM RESHADE.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/20/2010 8:03:38 PM RESHADE IMAGE ENLARGER V1.51_PATCH.EXE Placed i
n group Low Restricted High value of threat rating calculated heuristically
4/20/2010 8:02:48 PM Allowed: Using system program interfaces (DNS) RESHADE.
EXE Use DNS caching system for conversion reshade.com Using system pro
gram interfaces (DNS)
4/20/2010 8:02:44 PM RESHADE IMAGE ENLARGER V1.51_PATCH.EXE Placed i
n group Low Restricted High value of threat rating calculated heuristically
4/20/2010 8:02:40 PM RESHADE.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/20/2010 8:02:33 PM RESHADE-INSTALL.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/20/2010 8:01:49 PM Microsoft Windows Malicious Software Removal Too
l Placed in group Trusted Signed by the digital signature of entrusted man
ufacturers
4/20/2010 8:00:51 PM IESETUP.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/20/2010 8:00:44 PM IE8-WindowsXP-x86-ENU.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/20/2010 7:59:51 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/20/2010 7:59:18 PM Task started Kaspersky Internet Security
Application Control
4/20/2010 12:33:57 PM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/20/2010 12:33:57 PM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/20/2010 12:33:57 PM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/20/2010 12:33:47 PM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/20/2010 10:35:58 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/20/2010 10:34:02 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/20/2010 10:33:37 AM Task started Kaspersky Internet Security
Application Control
4/20/2010 6:03:08 AM WINDOWS-KB890830-V3.6.EXE Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/20/2010 6:03:07 AM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\Harddisk1\DP(1)0-0+7 Low level disk access
4/20/2010 6:02:59 AM Microsoft Windows Malicious Software Removal Too
l Placed in group Trusted Signed by the digital signature of entrusted man
ufacturers
4/20/2010 6:02:55 AM MRTSTUB.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/20/2010 6:02:51 AM Microsoft Windows Malicious Software Removal Too
l (KB890830) - Setup Self-Extracting Cabinet Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/20/2010 6:02:21 AM UPDATE.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/20/2010 5:57:33 AM UPDATE.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/20/2010 5:57:09 AM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/20/2010 5:57:09 AM iesetup.exe Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/20/2010 5:57:02 AM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/20/2010 5:57:02 AM IE8-WindowsXP-x86-ENU.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/20/2010 5:56:58 AM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/20/2010 5:56:58 AM INSTALL_FP6_WU_R88.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/20/2010 5:56:57 AM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/20/2010 5:56:56 AM GENINST.EXE Placed in group Trusted Known on
the database of the known software
4/20/2010 5:56:17 AM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\HarddiskVolume1 Low level disk access
4/20/2010 5:55:20 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/20/2010 5:54:54 AM Task started Kaspersky Internet Security
Application Control
Self-Defense (events: 13)
4/20/2010 11:09:15 PM Denied SSHNAS21.DLL Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 11:01:36 PM Denied 3ds Max application Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 10:31:09 PM Denied SSHNAS21.DLL Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 10:30:12 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 9:21:45 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 9:09:39 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 8:55:08 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 8:36:20 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 8:34:58 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 8:15:28 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 8:01:52 PM Denied Microsoft Windows Malicious Software Removal Too
l Open C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\
avp.exe
4/20/2010 12:33:57 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/20/2010 11:17:02 AM Denied Unlocker.exe Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
Proactive Defense (events: 11)
4/20/2010 9:31:47 PM Task started Kaspersky Internet Security
Proactive Defense
4/20/2010 9:27:33 PM Task started Kaspersky Internet Security
Proactive Defense
4/20/2010 8:34:08 PM Task started Kaspersky Internet Security
Proactive Defense
4/20/2010 8:14:30 PM Task started Kaspersky Internet Security
Proactive Defense
4/20/2010 7:59:18 PM Task started Kaspersky Internet Security
Proactive Defense
4/20/2010 10:35:55 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/20/2010 10:35:55 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/20/2010 10:35:31 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/20/2010 10:35:31 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/20/2010 10:33:38 AM Task started Kaspersky Internet Security
Proactive Defense
4/20/2010 5:54:55 AM Task started Kaspersky Internet Security
Proactive Defense
Firewall (events: 7)
4/20/2010 9:31:47 PM Task started Kaspersky Internet Security
Firewall
4/20/2010 9:27:33 PM Task started Kaspersky Internet Security
Firewall
4/20/2010 8:34:08 PM Task started Kaspersky Internet Security
Firewall
4/20/2010 8:14:29 PM Task started Kaspersky Internet Security
Firewall
4/20/2010 7:59:18 PM Task started Kaspersky Internet Security
Firewall
4/20/2010 10:33:37 AM Task started Kaspersky Internet Security
Firewall
4/20/2010 5:54:54 AM Task started Kaspersky Internet Security
Firewall
IM Anti-Virus (events: 7)
4/20/2010 9:31:47 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/20/2010 9:27:33 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/20/2010 8:34:08 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/20/2010 8:14:29 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/20/2010 7:59:18 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/20/2010 10:33:38 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/20/2010 5:54:55 AM Task started Kaspersky Internet Security
IM Anti-Virus
Objects Scan (events: 8)
4/20/2010 10:04:45 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/20/2010 10:02:00 PM Task started Kaspersky Internet Security
Rootkit Scan
4/20/2010 9:07:50 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/20/2010 9:04:21 PM Task started Kaspersky Internet Security
Rootkit Scan
4/20/2010 8:35:27 PM Task completed Kaspersky Internet Security
Virus Scan
4/20/2010 8:34:57 PM Task started Kaspersky Internet Security
Virus Scan
4/20/2010 11:06:13 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/20/2010 11:03:49 AM Task started Kaspersky Internet Security
Rootkit Scan
My Update Center (events: 8)
4/20/2010 11:09:12 PM Task completed Kaspersky Internet Security
My Update Center
4/20/2010 11:07:14 PM Task started Kaspersky Internet Security
My Update Center
4/20/2010 8:54:20 PM Task completed Kaspersky Internet Security
My Update Center
4/20/2010 8:49:35 PM Task started Kaspersky Internet Security
My Update Center
4/20/2010 1:10:36 PM Task completed Kaspersky Internet Security
My Update Center
4/20/2010 1:09:03 PM Task started Kaspersky Internet Security
My Update Center
4/20/2010 10:51:59 AM Task completed Kaspersky Internet Security
My Update Center
4/20/2010 10:49:03 AM Task started Kaspersky Internet Security
My Update Center
Date: Wednesday (events: 234)
My Protection (events: 8)
4/21/2010 9:59:48 PM Protection is not running Kaspersky Internet Secur
ity
4/21/2010 3:57:04 PM Protection is not running Kaspersky Internet Secur
ity
4/21/2010 3:48:56 PM Protection is not running Kaspersky Internet Secur
ity
4/21/2010 3:48:35 PM Threats have been detected Kaspersky Internet Secur
ity
4/21/2010 3:48:27 PM Threats have been detected Kaspersky Internet Secur
ity
4/21/2010 3:47:46 PM Threats have been detected Kaspersky Internet Secur
ity
4/21/2010 1:09:41 PM Protection is not running Kaspersky Internet Secur
ity
4/21/2010 10:40:39 AM Protection is not running Kaspersky Internet Secur
ity
File Anti-Virus (events: 6)
4/21/2010 5:53:09 PM Task started Kaspersky Internet Security
File Anti-Virus
4/21/2010 3:50:16 PM Task started Kaspersky Internet Security
File Anti-Virus
4/21/2010 3:17:36 PM Task started Kaspersky Internet Security
File Anti-Virus
4/21/2010 12:21:06 PM Task started Kaspersky Internet Security
File Anti-Virus
4/21/2010 10:42:10 AM Task started Kaspersky Internet Security
File Anti-Virus
4/21/2010 9:51:44 AM Task started Kaspersky Internet Security
File Anti-Virus
Mail Anti-Virus (events: 6)
4/21/2010 5:53:09 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/21/2010 3:50:16 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/21/2010 3:17:36 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/21/2010 12:21:06 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/21/2010 10:42:10 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/21/2010 9:51:44 AM Task started Kaspersky Internet Security
Mail Anti-Virus
Web Anti-Virus (events: 9)
4/21/2010 5:53:09 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/21/2010 3:50:16 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/21/2010 3:17:36 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/21/2010 12:24:16 PM Denied Firefox http://www.memeq.net/favicon.ico
URL found in the base
4/21/2010 12:24:15 PM Denied Firefox http://www.memeq.net/favicon.ico
URL found in the base
4/21/2010 12:24:12 PM Denied Firefox http://www.memeq.net/cewek/cewek
-indonesia-bugil.html URL found in the base
4/21/2010 12:21:06 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/21/2010 10:42:10 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/21/2010 9:51:44 AM Task started Kaspersky Internet Security
Web Anti-Virus
Network Attack Blocker (events: 6)
4/21/2010 5:53:09 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/21/2010 3:50:16 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/21/2010 3:17:36 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/21/2010 12:21:06 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/21/2010 10:42:10 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/21/2010 9:51:44 AM Task started Kaspersky Internet Security
Network Attack Blocker
Anti-Spam (events: 6)
4/21/2010 5:53:09 PM Task started Kaspersky Internet Security
Anti-Spam
4/21/2010 3:50:16 PM Task started Kaspersky Internet Security
Anti-Spam
4/21/2010 3:17:36 PM Task started Kaspersky Internet Security
Anti-Spam
4/21/2010 12:21:06 PM Task started Kaspersky Internet Security
Anti-Spam
4/21/2010 10:42:10 AM Task started Kaspersky Internet Security
Anti-Spam
4/21/2010 9:51:44 AM Task started Kaspersky Internet Security
Anti-Spam
Application Control (events: 128)
4/21/2010 9:55:58 PM Allowed: Low level disk access UltraISO.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/21/2010 9:54:08 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 9:54:06 PM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/21/2010 9:49:22 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/21/2010 8:54:00 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 8:53:58 PM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/21/2010 8:30:51 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/21/2010 8:08:59 PM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/21/2010 8:08:59 PM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/21/2010 8:08:59 PM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/21/2010 8:08:56 PM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/21/2010 8:03:44 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/21/2010 7:53:52 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 7:53:50 PM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/21/2010 7:28:11 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/21/2010 7:08:22 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion centerber.com Using system pro
gram interfaces (DNS)
4/21/2010 7:04:34 PM PES2010 SCOREBOARDEDITOR.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/21/2010 7:04:32 PM PES2010 SCOREBOARDEDITOR.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/21/2010 6:53:43 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 6:53:41 PM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/21/2010 6:53:21 PM SCOREBOARD SELECTOR 1.3.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
4/21/2010 6:53:18 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion centerber.com Using system pro
gram interfaces (DNS)
4/21/2010 6:45:15 PM Microsoft® Silverlight Configuration Utility
Placed in group Trusted Signed by the digital signature of entrusted manufacture
rs
4/21/2010 6:44:14 PM DXWSETUP.EXE Placed in group Trusted Known on
the database of the known software
4/21/2010 6:44:14 PM MSIDBA.TMP Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 6:44:14 PM DirectX 9.0 Web setup Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/21/2010 6:43:56 PM INSTALL.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 6:43:55 PM Self-Extracting Cabinet Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/21/2010 6:38:18 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion centerber.com Using system pro
gram interfaces (DNS)
4/21/2010 6:34:24 PM Internet Explorer ImpExp FF exporter Placed i
n group Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 6:33:37 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/21/2010 6:32:44 PM Allowed: Low level disk access UltraISO.exe Low leve
l disk access Device\IsoCdRom0 Low level disk access
4/21/2010 6:23:44 PM Allowed: Using system program interfaces (DNS) reshade.
exe Use DNS caching system for conversion reshade.com Using system pro
gram interfaces (DNS)
4/21/2010 6:23:09 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion centerber.com Using system pro
gram interfaces (DNS)
4/21/2010 6:15:51 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/21/2010 6:15:20 PM Paint Placed in group Trusted Signed by the di
gital signature of entrusted manufacturers
4/21/2010 6:10:18 PM HHD Software Hex Editor Neo Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 6:09:53 PM setup_x86.exe Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 6:09:46 PM HHD Software Setup Package Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 6:08:06 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion centerber.com Using system pro
gram interfaces (DNS)
4/21/2010 5:53:35 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 5:53:35 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/21/2010 5:53:09 PM Task started Kaspersky Internet Security
Application Control
4/21/2010 3:50:24 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/21/2010 3:50:24 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 3:50:24 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion centerber.com Using system pro
gram interfaces (DNS)
4/21/2010 3:50:16 PM Task started Kaspersky Internet Security
Application Control
4/21/2010 3:46:30 PM PLUGININSTALLER.EXE Placed in group Low Rest
ricted High value of threat rating calculated heuristically
4/21/2010 3:46:29 PM Win32 Cabinet Self-Extractor Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 3:17:49 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 3:17:49 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion centerber.com Using system pro
gram interfaces (DNS)
4/21/2010 3:17:49 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/21/2010 3:17:36 PM Task started Kaspersky Internet Security
Application Control
4/21/2010 12:46:01 PM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/21/2010 12:36:21 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion aigfy.com Using system pro
gram interfaces (DNS)
4/21/2010 12:26:01 PM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/21/2010 12:21:17 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/21/2010 12:21:16 PM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 12:21:16 PM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion winpals.com Using system pro
gram interfaces (DNS)
4/21/2010 12:21:06 PM Task started Kaspersky Internet Security
Application Control
4/21/2010 12:02:32 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 12:02:26 PM MSXML6.MSI Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 12:02:24 PM msxml6-KB973686-enu-x86.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 12:02:16 PM MSXML6.MSI Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 12:02:13 PM msxml6-KB954459-enu-x86.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 12:02:08 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 12:01:42 PM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 11:42:40 AM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 11:42:38 AM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/21/2010 11:37:01 AM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/21/2010 11:27:38 AM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion winpals.com Using system pro
gram interfaces (DNS)
4/21/2010 10:57:27 AM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion centerber.com Using system pro
gram interfaces (DNS)
4/21/2010 10:42:32 AM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 10:42:31 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/21/2010 10:42:20 AM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion centerber.com Using system pro
gram interfaces (DNS)
4/21/2010 10:42:10 AM Task started Kaspersky Internet Security
Application Control
4/21/2010 10:40:17 AM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/21/2010 10:40:17 AM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/21/2010 10:40:17 AM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/21/2010 10:40:17 AM Allowed: Using system program interfaces (DNS) Microsof
t Application Error Reporting Use DNS caching system for conversion watson.m
icrosoft.com Using system program interfaces (DNS)
4/21/2010 10:40:11 AM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/21/2010 10:38:01 AM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/21/2010 10:38:01 AM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/21/2010 10:38:01 AM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/21/2010 10:38:01 AM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/21/2010 10:37:57 AM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/21/2010 10:29:01 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/21/2010 10:21:56 AM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion winpals.com Using system pro
gram interfaces (DNS)
4/21/2010 10:10:03 AM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/21/2010 10:10:03 AM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/21/2010 10:10:03 AM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/21/2010 10:09:57 AM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/21/2010 10:06:49 AM Allowed: Using system program interfaces (DNS) VBYXYA.E
XE Use DNS caching system for conversion winpals.com Using system pro
gram interfaces (DNS)
4/21/2010 10:03:31 AM HOTFIXINSTALLER.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/21/2010 10:03:30 AM NDP35SP1-KB958484-x86.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 10:03:02 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/21/2010 10:02:51 AM HOTFIXINSTALLER.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/21/2010 10:02:50 AM NDP30SP2-KB958483-x86.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 10:01:55 AM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/21/2010 10:01:55 AM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/21/2010 10:01:55 AM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/21/2010 10:01:47 AM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/21/2010 10:00:40 AM HOTFIXINSTALLER.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/21/2010 10:00:38 AM NDP20SP2-KB958481-x86.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 10:00:24 AM WFServicesReg.exe Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/21/2010 10:00:01 AM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/21/2010 9:59:39 AM PresentationFontCache.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 9:59:36 AM PERFCOUNTERS.REG Placed in group Trusted
Known on the database of the known software
4/21/2010 9:59:35 AM PerformanceCounterInstaller.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 9:59:27 AM Microsoft® Resource File To COFF Object Conversi
on Utility Placed in group Trusted Signed by the digital signature of entru
sted manufacturers
4/21/2010 9:59:26 AM Visual C# Command Line Compiler Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 9:59:24 AM .NET Framework Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 9:59:00 AM Print Filter Pipeline Host Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 9:58:54 AM PRINTFILTERPIPELINESVC.EXE Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/21/2010 9:58:38 AM UPDATE.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 9:58:36 AM xpsepsc-x86-en-us.exe Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/21/2010 9:57:58 AM Microsoft .NET Services Installation Utility
Placed in group Trusted Known on the database of the known software
4/21/2010 9:54:54 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/21/2010 9:54:17 AM UPDATE.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 9:54:16 AM wic_x86_enu.exe Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 9:54:01 AM CLWIREG.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 9:53:17 AM SETUP.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/21/2010 9:53:13 AM dotnetfx35setup.exe Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/21/2010 9:53:07 AM dotnetfx35_x86.exe Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/21/2010 9:53:01 AM Allowed: Using program interfaces of other process
VBYXYA.EXE Using program interfaces of other process c:\windows\vbyxy
a.exe Using program interfaces of other process
4/21/2010 9:52:10 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/21/2010 9:52:10 AM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/21/2010 9:51:44 AM Task started Kaspersky Internet Security
Application Control
Self-Defense (events: 9)
4/21/2010 8:08:59 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/21/2010 6:52:47 PM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/21/2010 6:44:18 PM Denied INSTALL.EXE Open C:\Program Files\Kaspers
ky Lab\Kaspersky Internet Security 2010\avp.exe
4/21/2010 3:17:50 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/21/2010 10:40:17 AM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/21/2010 10:38:01 AM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/21/2010 10:10:03 AM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/21/2010 10:10:03 AM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/21/2010 10:01:55 AM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
Proactive Defense (events: 22)
4/21/2010 9:49:19 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 9:49:19 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 8:30:49 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 8:30:48 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 7:28:32 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 7:28:32 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 6:34:47 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 6:34:47 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 5:53:09 PM Task started Kaspersky Internet Security
Proactive Defense
4/21/2010 3:50:16 PM Task started Kaspersky Internet Security
Proactive Defense
4/21/2010 3:17:36 PM Task started Kaspersky Internet Security
Proactive Defense
4/21/2010 12:21:06 PM Task started Kaspersky Internet Security
Proactive Defense
4/21/2010 10:42:10 AM Task started Kaspersky Internet Security
Proactive Defense
4/21/2010 10:28:58 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 10:28:58 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 10:02:59 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 10:02:59 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 10:02:20 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/21/2010 10:02:20 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010 Settin
gs Keylogger activity kernel mode memory patch
4/21/2010 9:54:51 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 9:54:50 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/21/2010 9:51:44 AM Task started Kaspersky Internet Security
Proactive Defense
Firewall (events: 6)
4/21/2010 5:53:09 PM Task started Kaspersky Internet Security
Firewall
4/21/2010 3:50:16 PM Task started Kaspersky Internet Security
Firewall
4/21/2010 3:17:36 PM Task started Kaspersky Internet Security
Firewall
4/21/2010 12:21:06 PM Task started Kaspersky Internet Security
Firewall
4/21/2010 10:42:10 AM Task started Kaspersky Internet Security
Firewall
4/21/2010 9:51:44 AM Task started Kaspersky Internet Security
Firewall
IM Anti-Virus (events: 6)
4/21/2010 5:53:09 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/21/2010 3:50:16 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/21/2010 3:17:36 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/21/2010 12:21:06 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/21/2010 10:42:10 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/21/2010 9:51:44 AM Task started Kaspersky Internet Security
IM Anti-Virus
Objects Scan (events: 12)
4/21/2010 6:26:47 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/21/2010 6:23:16 PM Task started Kaspersky Internet Security
Rootkit Scan
4/21/2010 3:48:46 PM Task completed Kaspersky Internet Security
Disinfect active threats
4/21/2010 3:47:55 PM Task stopped Kaspersky Internet Security
Rootkit Scan
4/21/2010 3:47:50 PM Task started Kaspersky Internet Security
Disinfect active threats
4/21/2010 3:47:46 PM Task started Kaspersky Internet Security
Rootkit Scan
4/21/2010 12:55:02 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/21/2010 12:51:17 PM Task started Kaspersky Internet Security
Rootkit Scan
4/21/2010 11:15:24 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/21/2010 11:12:21 AM Task started Kaspersky Internet Security
Rootkit Scan
4/21/2010 10:25:47 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/21/2010 10:21:56 AM Task started Kaspersky Internet Security
Rootkit Scan
My Update Center (events: 10)
4/21/2010 8:30:12 PM Task completed Kaspersky Internet Security
My Update Center
4/21/2010 8:28:30 PM Task started Kaspersky Internet Security
My Update Center
4/21/2010 6:10:36 PM Task completed Kaspersky Internet Security
My Update Center
4/21/2010 6:08:30 PM Task started Kaspersky Internet Security
My Update Center
4/21/2010 3:39:09 PM Task completed Kaspersky Internet Security
My Update Center
4/21/2010 3:32:59 PM Task started Kaspersky Internet Security
My Update Center
4/21/2010 12:38:12 PM Task completed Kaspersky Internet Security
My Update Center
4/21/2010 12:36:30 PM Task started Kaspersky Internet Security
My Update Center
4/21/2010 10:11:47 AM Task completed Kaspersky Internet Security
My Update Center
4/21/2010 10:07:10 AM Task started Kaspersky Internet Security
My Update Center
Date: Thursday (events: 125)
My Protection (events: 9)
4/22/2010 10:49:48 PM Protection is not running Kaspersky Internet Secur
ity
4/22/2010 10:18:59 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/22/2010 10:18:59 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
4/22/2010 2:51:14 PM Protection is not running Kaspersky Internet Secur
ity
4/22/2010 2:14:18 PM Protection is not running Kaspersky Internet Secur
ity
4/22/2010 7:46:10 AM Protection is not running Kaspersky Internet Secur
ity
4/22/2010 5:23:29 AM Threats have been detected Kaspersky Internet Secur
ity
4/22/2010 5:19:58 AM Threats have been detected Kaspersky Internet Secur
ity
4/22/2010 4:56:47 AM Threats have been detected Kaspersky Internet Secur
ity
File Anti-Virus (events: 4)
4/22/2010 9:56:07 PM Task started Kaspersky Internet Security
File Anti-Virus
4/22/2010 2:24:16 PM Task started Kaspersky Internet Security
File Anti-Virus
4/22/2010 12:47:42 PM Task started Kaspersky Internet Security
File Anti-Virus
4/22/2010 4:49:37 AM Task started Kaspersky Internet Security
File Anti-Virus
Mail Anti-Virus (events: 4)
4/22/2010 9:56:07 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/22/2010 2:24:16 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/22/2010 12:47:42 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/22/2010 4:49:37 AM Task started Kaspersky Internet Security
Mail Anti-Virus
Web Anti-Virus (events: 7)
4/22/2010 10:31:16 PM Denied Firefox http://www.kavkisfile.com/favico
n.ico URL found in the base
4/22/2010 10:31:13 PM Denied Firefox http://www.kavkisfile.com/favico
n.ico URL found in the base
4/22/2010 10:31:13 PM Denied Firefox http://www.kavkisfile.com/key/
URL found in the base
4/22/2010 9:56:07 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/22/2010 2:24:16 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/22/2010 12:47:42 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/22/2010 4:49:38 AM Task started Kaspersky Internet Security
Web Anti-Virus
Network Attack Blocker (events: 4)
4/22/2010 9:56:07 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/22/2010 2:24:16 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/22/2010 12:47:42 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/22/2010 4:49:37 AM Task started Kaspersky Internet Security
Network Attack Blocker
Anti-Spam (events: 4)
4/22/2010 9:56:07 PM Task started Kaspersky Internet Security
Anti-Spam
4/22/2010 2:24:16 PM Task started Kaspersky Internet Security
Anti-Spam
4/22/2010 12:47:42 PM Task started Kaspersky Internet Security
Anti-Spam
4/22/2010 4:49:37 AM Task started Kaspersky Internet Security
Anti-Spam
Application Control (events: 31)
4/22/2010 10:41:20 PM : HEUR:Trojan.Win32.Generic haKk0bzuz Placed i
n group Untrusted HEUR
4/22/2010 10:41:20 PM : Trojan.Win32.FraudPack.arkt b7Oey Placed in group
Untrusted Trojan.Win32.FraudPack.arkt
4/22/2010 9:56:21 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/22/2010 9:56:07 PM Task started Kaspersky Internet Security
Application Control
4/22/2010 2:24:56 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/22/2010 2:24:16 PM Task started Kaspersky Internet Security
Application Control
4/22/2010 1:19:39 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/22/2010 1:03:36 PM Microsoft .NET Services Installation Utility
Placed in group Trusted Known on the database of the known software
4/22/2010 12:47:42 PM Task started Kaspersky Internet Security
Application Control
4/22/2010 7:43:12 AM HOTFIXINSTALLER.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/22/2010 7:43:10 AM NDP20SP2-KB974417-x86.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/22/2010 7:43:06 AM MSI1194.TMP Placed in group Trusted Known on
the database of the known software
4/22/2010 7:42:17 AM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/22/2010 7:41:25 AM HOTFIXINSTALLER.EXE Placed in group Trusted
Signed by the digital signature of entrusted manufacturers
4/22/2010 7:41:23 AM NDP35SP1-KB963707-x86.exe Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/22/2010 7:41:02 AM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/22/2010 6:50:22 AM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/22/2010 6:50:20 AM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/22/2010 5:50:13 AM Allowed: Using system program interfaces (DNS) VJ1.EXE
Use DNS caching system for conversion utwest.com Using system program int
erfaces (DNS)
4/22/2010 5:50:12 AM Allowed: Using program interfaces of other process
VJ1.EXE Using program interfaces of other process c:\documents and setting
s\ikhfar\local settings\temp\vj1.exe Using program interfaces of other proces
s
4/22/2010 5:37:16 AM Allowed: Low level disk access Launchpad.exe Low leve
l disk access Device\HarddiskVolume1 Low level disk access
4/22/2010 5:37:09 AM LAUNCHU3.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/22/2010 5:37:08 AM LAUNCHU3.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/22/2010 5:34:17 AM TERACOPY.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
4/22/2010 5:33:57 AM TeraCopy Placed in group Trusted Known on
the database of the known software
4/22/2010 5:33:46 AM IS-3QAM7.TMP Placed in group Trusted Known on
the database of the known software
4/22/2010 5:33:46 AM SETUP.EXE Placed in group Trusted Known on
the database of the known software
4/22/2010 5:32:38 AM TeraCopy Placed in group Low Restricted
High value of threat rating calculated heuristically
4/22/2010 5:13:03 AM Windows Service Pack Setup Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/22/2010 5:05:30 AM UPDATE.EXE Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/22/2010 4:49:37 AM Task started Kaspersky Internet Security
Application Control
Self-Defense (events: 30)
4/22/2010 10:35:33 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:14:29 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:14:22 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:14:14 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:14:07 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:14:00 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:13:53 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:13:46 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:13:39 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:13:31 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:13:24 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:13:17 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:13:10 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:13:03 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:12:56 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:12:49 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:12:42 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:12:35 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:12:28 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:12:21 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 1:12:08 PM Denied Disk Defragmenter NTFS Module Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 6:28:38 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 6:09:57 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 6:09:05 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 6:08:08 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 6:07:42 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 6:05:44 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 5:24:59 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 5:13:25 AM Denied Adobe Reader 9.3 Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/22/2010 4:50:40 AM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
Proactive Defense (events: 6)
4/22/2010 9:56:07 PM Task started Kaspersky Internet Security
Proactive Defense
4/22/2010 2:24:16 PM Task started Kaspersky Internet Security
Proactive Defense
4/22/2010 1:19:36 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/22/2010 1:19:36 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/22/2010 12:47:42 PM Task started Kaspersky Internet Security
Proactive Defense
4/22/2010 4:49:38 AM Task started Kaspersky Internet Security
Proactive Defense
Firewall (events: 4)
4/22/2010 9:56:07 PM Task started Kaspersky Internet Security
Firewall
4/22/2010 2:24:16 PM Task started Kaspersky Internet Security
Firewall
4/22/2010 12:47:42 PM Task started Kaspersky Internet Security
Firewall
4/22/2010 4:49:37 AM Task started Kaspersky Internet Security
Firewall
IM Anti-Virus (events: 4)
4/22/2010 9:56:07 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/22/2010 2:24:16 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/22/2010 12:47:42 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/22/2010 4:49:37 AM Task started Kaspersky Internet Security
IM Anti-Virus
Objects Scan (events: 10)
4/22/2010 10:29:37 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/22/2010 10:26:19 PM Task started Kaspersky Internet Security
Rootkit Scan
4/22/2010 1:21:49 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/22/2010 1:17:46 PM Task started Kaspersky Internet Security
Rootkit Scan
4/22/2010 5:38:42 AM Task completed Kaspersky Internet Security
Virus Scan
4/22/2010 5:38:32 AM Task started Kaspersky Internet Security
Virus Scan
4/22/2010 5:23:37 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/22/2010 5:19:46 AM Task started Kaspersky Internet Security
Rootkit Scan
4/22/2010 5:04:12 AM Task completed Kaspersky Internet Security
Virus Scan
4/22/2010 4:50:40 AM Task started Kaspersky Internet Security
Virus Scan
My Update Center (events: 8)
4/22/2010 10:19:02 PM Task completed Kaspersky Internet Security
My Update Center
4/22/2010 10:11:33 PM Task started Kaspersky Internet Security
My Update Center
4/22/2010 1:03:48 PM Task completed Kaspersky Internet Security
My Update Center
4/22/2010 1:03:00 PM Task started Kaspersky Internet Security
My Update Center
4/22/2010 7:26:43 AM Task completed Kaspersky Internet Security
My Update Center
4/22/2010 7:24:59 AM Task started Kaspersky Internet Security
My Update Center
4/22/2010 5:10:52 AM Task completed Kaspersky Internet Security
My Update Center
4/22/2010 5:05:01 AM Task started Kaspersky Internet Security
My Update Center
Date: Friday (events: 94)
My Protection (events: 11)
4/23/2010 11:36:22 PM Protection is not running Kaspersky Internet Secur
ity
4/23/2010 10:24:14 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/23/2010 10:24:14 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
4/23/2010 8:07:10 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/23/2010 8:07:10 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
4/23/2010 2:40:51 PM Protection is not running Kaspersky Internet Secur
ity
4/23/2010 1:07:11 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/23/2010 1:07:11 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
4/23/2010 9:57:10 AM Protection is not running Kaspersky Internet Secur
ity
4/23/2010 8:39:30 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/23/2010 8:39:30 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
File Anti-Virus (events: 3)
4/23/2010 7:45:35 PM Task started Kaspersky Internet Security
File Anti-Virus
4/23/2010 12:48:39 PM Task started Kaspersky Internet Security
File Anti-Virus
4/23/2010 8:20:54 AM Task started Kaspersky Internet Security
File Anti-Virus
Mail Anti-Virus (events: 3)
4/23/2010 7:45:35 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/23/2010 12:48:39 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/23/2010 8:20:54 AM Task started Kaspersky Internet Security
Mail Anti-Virus
Web Anti-Virus (events: 3)
4/23/2010 7:45:35 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/23/2010 12:48:39 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/23/2010 8:20:54 AM Task started Kaspersky Internet Security
Web Anti-Virus
Network Attack Blocker (events: 3)
4/23/2010 7:45:35 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/23/2010 12:48:39 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/23/2010 8:20:54 AM Task started Kaspersky Internet Security
Network Attack Blocker
Anti-Spam (events: 3)
4/23/2010 7:45:35 PM Task started Kaspersky Internet Security
Anti-Spam
4/23/2010 12:48:39 PM Task started Kaspersky Internet Security
Anti-Spam
4/23/2010 8:20:54 AM Task started Kaspersky Internet Security
Anti-Spam
Application Control (events: 27)
4/23/2010 9:35:52 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/23/2010 8:36:00 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/23/2010 8:22:08 PM Removable Storage Sink Layer Placed in group
Trusted Signed by the digital signature of entrusted manufacturers
4/23/2010 8:21:54 PM COMPMGMT.MSC Placed in group Trusted Signed b
y the digital signature of entrusted manufacturers
4/23/2010 7:46:10 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/23/2010 7:45:35 PM Task started Kaspersky Internet Security
Application Control
4/23/2010 1:46:54 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/23/2010 1:46:27 PM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/23/2010 1:46:27 PM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/23/2010 1:46:27 PM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/23/2010 1:45:53 PM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/23/2010 1:43:48 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/23/2010 1:43:33 PM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/23/2010 1:43:33 PM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/23/2010 1:43:33 PM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/23/2010 1:43:20 PM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/23/2010 1:43:01 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/23/2010 1:42:46 PM Allowed: Pausing other processes and threads DrWatson
Postmortem Debugger Suspend another process c:\windows\system32\drwtsn32.exe
Pausing other processes and threads
4/23/2010 1:42:46 PM Allowed: Code intrusion DrWatson Postmortem Debugger
Code intrusion c:\windows\system32\drwtsn32.exe Code intrusion
4/23/2010 1:42:46 PM Allowed: Setting debug privileges DrWatson Postmor
tem Debugger Setting debug privileges Setting debug privileges
4/23/2010 1:42:37 PM Allowed: Pausing other processes and threads Microsof
t Application Error Reporting Suspend another process c:\windows\system32\dwwi
n.exe Pausing other processes and threads
4/23/2010 12:50:51 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/23/2010 12:49:08 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/23/2010 12:48:39 PM Task started Kaspersky Internet Security
Application Control
4/23/2010 8:24:21 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/23/2010 8:21:16 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/23/2010 8:20:54 AM Task started Kaspersky Internet Security
Application Control
Self-Defense (events: 4)
4/23/2010 7:46:05 PM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/23/2010 1:46:27 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/23/2010 1:43:33 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
4/23/2010 1:42:46 PM Denied DrWatson Postmortem Debugger Open C:\Progr
am Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
Proactive Defense (events: 17)
4/23/2010 9:35:49 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 9:35:49 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 8:36:06 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 8:36:06 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 7:45:35 PM Task started Kaspersky Internet Security
Proactive Defense
4/23/2010 1:46:51 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 1:46:51 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 1:43:45 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 1:43:45 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 1:42:58 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 1:42:58 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 12:50:48 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 12:50:47 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 12:48:39 PM Task started Kaspersky Internet Security
Proactive Defense
4/23/2010 8:24:27 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 8:24:27 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/23/2010 8:20:54 AM Task started Kaspersky Internet Security
Proactive Defense
Firewall (events: 3)
4/23/2010 7:45:35 PM Task started Kaspersky Internet Security
Firewall
4/23/2010 12:48:39 PM Task started Kaspersky Internet Security
Firewall
4/23/2010 8:20:54 AM Task started Kaspersky Internet Security
Firewall
IM Anti-Virus (events: 3)
4/23/2010 7:45:35 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/23/2010 12:48:39 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/23/2010 8:20:54 AM Task started Kaspersky Internet Security
IM Anti-Virus
Objects Scan (events: 6)
4/23/2010 8:19:03 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/23/2010 8:15:46 PM Task started Kaspersky Internet Security
Rootkit Scan
4/23/2010 1:21:27 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/23/2010 1:18:48 PM Task started Kaspersky Internet Security
Rootkit Scan
4/23/2010 8:53:36 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/23/2010 8:51:06 AM Task started Kaspersky Internet Security
Rootkit Scan
My Update Center (events: 8)
4/23/2010 10:24:16 PM Task completed Kaspersky Internet Security
My Update Center
4/23/2010 10:21:02 PM Task started Kaspersky Internet Security
My Update Center
4/23/2010 8:07:12 PM Task completed Kaspersky Internet Security
My Update Center
4/23/2010 8:01:03 PM Task started Kaspersky Internet Security
My Update Center
4/23/2010 1:07:13 PM Task completed Kaspersky Internet Security
My Update Center
4/23/2010 1:04:02 PM Task started Kaspersky Internet Security
My Update Center
4/23/2010 8:39:33 AM Task completed Kaspersky Internet Security
My Update Center
4/23/2010 8:36:21 AM Task started Kaspersky Internet Security
My Update Center
Date: Yesterday (events: 58)
My Protection (events: 8)
4/24/2010 8:14:49 PM Protection is not running Kaspersky Internet Secur
ity
4/24/2010 6:14:19 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/24/2010 6:14:19 PM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
4/24/2010 12:03:32 PM Protection is not running Kaspersky Internet Secur
ity
4/24/2010 10:06:55 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/24/2010 10:06:55 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
4/24/2010 7:47:31 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/24/2010 7:47:31 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
File Anti-Virus (events: 2)
4/24/2010 5:54:34 PM Task started Kaspersky Internet Security
File Anti-Virus
4/24/2010 7:28:58 AM Task started Kaspersky Internet Security
File Anti-Virus
Mail Anti-Virus (events: 2)
4/24/2010 5:54:34 PM Task started Kaspersky Internet Security
Mail Anti-Virus
4/24/2010 7:28:58 AM Task started Kaspersky Internet Security
Mail Anti-Virus
Web Anti-Virus (events: 2)
4/24/2010 5:54:34 PM Task started Kaspersky Internet Security
Web Anti-Virus
4/24/2010 7:28:58 AM Task started Kaspersky Internet Security
Web Anti-Virus
Network Attack Blocker (events: 2)
4/24/2010 5:54:34 PM Task started Kaspersky Internet Security
Network Attack Blocker
4/24/2010 7:28:58 AM Task started Kaspersky Internet Security
Network Attack Blocker
Anti-Spam (events: 2)
4/24/2010 5:54:34 PM Task started Kaspersky Internet Security
Anti-Spam
4/24/2010 7:28:58 AM Task started Kaspersky Internet Security
Anti-Spam
Application Control (events: 11)
4/24/2010 8:00:27 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/24/2010 7:55:56 PM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/24/2010 7:50:54 PM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/24/2010 5:55:08 PM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/24/2010 5:54:34 PM Task started Kaspersky Internet Security
Application Control
4/24/2010 11:55:29 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/24/2010 11:45:33 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/24/2010 11:37:02 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/24/2010 11:02:26 AM Allowed: Using program interfaces of other process
Adobe Photoshop Using program interfaces of other process c:\program files
\adobe\photoshop 7.0\photoshop.exe Using program interfaces of other proces
s
4/24/2010 9:37:27 AM Allowed: Using system program interfaces (DNS) Pro Evol
ution Soccer 2010 Use DNS caching system for conversion locate.godserver
.net Using system program interfaces (DNS)
4/24/2010 7:28:58 AM Task started Kaspersky Internet Security
Application Control
Self-Defense (events: 1)
4/24/2010 10:27:14 AM Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP9\Trace\Default
Proactive Defense (events: 14)
4/24/2010 8:00:39 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 8:00:39 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 7:55:55 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 7:55:55 PM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 5:54:34 PM Task started Kaspersky Internet Security
Proactive Defense
4/24/2010 11:55:26 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 11:55:26 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 11:45:30 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 11:45:30 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 11:37:00 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 11:36:59 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 9:37:24 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 9:37:24 AM Detected: PDM.Keylogger Pro Evolution Soccer 2010
Keylogger activity kernel mode memory patch
4/24/2010 7:28:58 AM Task started Kaspersky Internet Security
Proactive Defense
Firewall (events: 2)
4/24/2010 5:54:34 PM Task started Kaspersky Internet Security
Firewall
4/24/2010 7:28:58 AM Task started Kaspersky Internet Security
Firewall
IM Anti-Virus (events: 2)
4/24/2010 5:54:34 PM Task started Kaspersky Internet Security
IM Anti-Virus
4/24/2010 7:28:58 AM Task started Kaspersky Internet Security
IM Anti-Virus
Objects Scan (events: 4)
4/24/2010 6:28:09 PM Task completed Kaspersky Internet Security
Rootkit Scan
4/24/2010 6:24:46 PM Task started Kaspersky Internet Security
Rootkit Scan
4/24/2010 8:01:52 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/24/2010 7:59:10 AM Task started Kaspersky Internet Security
Rootkit Scan
My Update Center (events: 6)
4/24/2010 6:14:22 PM Task completed Kaspersky Internet Security
My Update Center
4/24/2010 6:10:00 PM Task started Kaspersky Internet Security
My Update Center
4/24/2010 10:06:56 AM Task completed Kaspersky Internet Security
My Update Center
4/24/2010 10:04:24 AM Task started Kaspersky Internet Security
My Update Center
4/24/2010 7:47:34 AM Task completed Kaspersky Internet Security
My Update Center
4/24/2010 7:44:25 AM Task started Kaspersky Internet Security
My Update Center
Date: Today (events: 46)
My Protection (events: 6)
4/25/2010 11:07:36 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/25/2010 11:07:36 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
4/25/2010 5:27:02 AM Protection is not running Kaspersky Internet Secur
ity
4/25/2010 1:04:58 AM Protection is not running Kaspersky Internet Secur
ity
4/25/2010 12:28:41 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\WINDOWS\Vbyxya.exe
4/25/2010 12:28:41 AM Detected: HEUR:Trojan.Win32.Generic Kaspersky Intern
et Security C:\Documents and Settings\ikhfar\Local Settings\Temp\Vj1
.exe
File Anti-Virus (events: 3)
4/25/2010 10:48:07 AM Task started Kaspersky Internet Security
File Anti-Virus
4/25/2010 5:18:18 AM Task started Kaspersky Internet Security
File Anti-Virus
4/25/2010 12:09:30 AM Task started Kaspersky Internet Security
File Anti-Virus
Mail Anti-Virus (events: 3)
4/25/2010 10:48:07 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/25/2010 5:18:18 AM Task started Kaspersky Internet Security
Mail Anti-Virus
4/25/2010 12:09:30 AM Task started Kaspersky Internet Security
Mail Anti-Virus
Web Anti-Virus (events: 5)
4/25/2010 11:21:02 AM Denied: HEUR:Trojan.Script.Iframer Firefox
http://www.blogadvertisingstore.com/js/blogjs.php?blog_id=5786//blogjs
4/25/2010 11:21:02 AM Detected: HEUR:Trojan.Script.Iframer Firefox
http://www.blogadvertisingstore.com/js/blogjs.php?blog_id=5786//blogjs
4/25/2010 10:48:07 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/25/2010 5:18:18 AM Task started Kaspersky Internet Security
Web Anti-Virus
4/25/2010 12:09:30 AM Task started Kaspersky Internet Security
Web Anti-Virus
Network Attack Blocker (events: 3)
4/25/2010 10:48:07 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/25/2010 5:18:18 AM Task started Kaspersky Internet Security
Network Attack Blocker
4/25/2010 12:09:30 AM Task started Kaspersky Internet Security
Network Attack Blocker
Anti-Spam (events: 3)
4/25/2010 10:48:07 AM Task started Kaspersky Internet Security
Anti-Spam
4/25/2010 5:18:18 AM Task started Kaspersky Internet Security
Anti-Spam
4/25/2010 12:09:30 AM Task started Kaspersky Internet Security
Anti-Spam
Application Control (events: 6)
4/25/2010 10:48:37 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/25/2010 10:48:07 AM Task started Kaspersky Internet Security
Application Control
4/25/2010 5:18:46 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/25/2010 5:18:18 AM Task started Kaspersky Internet Security
Application Control
4/25/2010 12:10:04 AM Allowed: Start driver Absent Start driver C:\WINDO
WS\SYSTEM32\DRIVERS\HTTP.SYS Start driver
4/25/2010 12:09:30 AM Task started Kaspersky Internet Security
Application Control
Self-Defense (events: 1)
4/25/2010 11:21:06 AM Denied Windows Explorer Open C:\Program Files
\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
Proactive Defense (events: 3)
4/25/2010 10:48:07 AM Task started Kaspersky Internet Security
Proactive Defense
4/25/2010 5:18:18 AM Task started Kaspersky Internet Security
Proactive Defense
4/25/2010 12:09:30 AM Task started Kaspersky Internet Security
Proactive Defense
Firewall (events: 3)
4/25/2010 10:48:07 AM Task started Kaspersky Internet Security
Firewall
4/25/2010 5:18:18 AM Task started Kaspersky Internet Security
Firewall
4/25/2010 12:09:30 AM Task started Kaspersky Internet Security
Firewall
IM Anti-Virus (events: 3)
4/25/2010 10:48:07 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/25/2010 5:18:18 AM Task started Kaspersky Internet Security
IM Anti-Virus
4/25/2010 12:09:30 AM Task started Kaspersky Internet Security
IM Anti-Virus
Objects Scan (events: 3)
4/25/2010 11:18:19 AM Task started Kaspersky Internet Security
Rootkit Scan
4/25/2010 12:43:09 AM Task completed Kaspersky Internet Security
Rootkit Scan
4/25/2010 12:39:39 AM Task started Kaspersky Internet Security
Rootkit Scan
My Update Center (events: 4)
4/25/2010 11:07:38 AM Task completed Kaspersky Internet Security
My Update Center Not all components were updated
4/25/2010 11:03:33 AM Task started Kaspersky Internet Security
My Update Center
4/25/2010 12:28:43 AM Task completed Kaspersky Internet Security
My Update Center
4/25/2010 12:24:53 AM Task started Kaspersky Internet Security
My Update Center