Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with unknown virus


  • This topic is locked This topic is locked
2 replies to this topic

#1 Techscan

Techscan

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:32 PM

Posted 27 September 2009 - 02:13 PM

My original post was "undetected malicious virus" posted in the "Am I infected?" forum. Since my last post I was hit again by this virus.
The virus removed the programs from my start menu, wouldn't allow me to open any applications or my email or browser, all of the shortcut icons on my desktop became inactive, and when I clicked on a text file I was given the error message "wrong picture." I had to reboot the computer in order to get it working again, however, if left alone it would eventually crash and reboot.


DDS File:


DDS (Ver_09-09-24.01) - NTFSx86
Run by Buzz at 13:54:45.33 on Sun 09/27/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.3325.2204 [GMT -4:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Miramar\PC MACLAN\ATMsg.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\NeoSmart Technologies\iReboot\iRebootd.exe
C:\Program Files\Miramar\PC MACLAN\ATSPOOL.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NeoSmart Technologies\iReboot\iReboot.exe
C:\Program Files\PrintKey2000\Printkey2000.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
c:\Hold\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.news.google.com/
mStart Page =
uInternet Settings,ProxyOverride = *.local
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\axcmd.exe" /automount
uRun: [Speech Recognition] "c:\windows\speech\common\sapisvr.exe" -SpeechUX -Startup
mRun: [ToolBoxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [LifeChat] "c:\program files\microsoft lifechat\LifeChat.exe"
mRun: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe"
StartupFolder: c:\users\buzz\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ireboo~1.lnk - c:\program files\neosmart technologies\ireboot\iReboot.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\printk~1.lnk - c:\program files\printkey2000\Printkey2000.exe
uPolicies-explorer: TaskbarNoThumbnail = 0 (0x0)
uPolicies-explorer: HideSCABattery = 1 (0x1)
uPolicies-explorer: HideSCANetwork = 0 (0x0)
uPolicies-explorer: HideSCAVolume = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://activation.rr.com/install/downloads/tgctlcm.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241963691635
DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\buzz\appdata\roaming\mozilla\firefox\profiles\ygxze732.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1698.5652\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
user_pref('capability.policy.policynames', 'localfilelinks');user_pref('capability.policy.localfilelinks.sites', 'hxxp://www.webmynd.com http://www.google.com');user_pref('...ri.enabled', 'allAccess');
============= SERVICES / DRIVERS ===============


============== File Associations ===============

vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=%SystemRoot%\System32\CScript.exe "%1" %*

=============== Created Last 30 ================

2009-09-27 08:32 <DIR> --d----- c:\program files\ListMaker
2009-09-27 08:32 249,856 -------- c:\windows\Setup1.exe
2009-09-27 08:32 73,216 a------- c:\windows\ST6UNST.EXE
2009-09-26 10:45 <DIR> --d----- c:\programdata\SUPERAntiSpyware.com
2009-09-26 10:45 <DIR> --d----- c:\progra~2\SUPERAntiSpyware.com
2009-09-26 10:45 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-09-26 10:45 <DIR> --d----- c:\users\buzz\appdata\roaming\SUPERAntiSpyware.com
2009-09-25 12:48 <DIR> --d----- c:\users\buzz\DoctorWeb
2009-09-23 10:02 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-09-23 09:05 318,976 a------- c:\windows\system32\cmd.execf
2009-09-20 17:38 604,140 a--sh--- c:\windows\system32\drivers\ISwift3.dat
2009-09-20 17:33 107,547 a------- c:\windows\system32\drivers\klin.dat
2009-09-20 17:33 95,259 a------- c:\windows\system32\drivers\klick.dat
2009-09-20 17:28 <DIR> --d----- c:\programdata\Kaspersky Lab
2009-09-20 17:28 <DIR> --d----- c:\progra~2\Kaspersky Lab
2009-09-20 14:41 229,888 a------- c:\windows\PEV.exe
2009-09-20 12:52 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-09-20 10:59 <DIR> --d----- c:\program files\common files\ParetoLogic
2009-09-19 13:14 <DIR> --d----- c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-09-19 13:14 <DIR> --d----- c:\program files\SDHelper (Spybot - Search & Destroy)
2009-09-19 13:14 <DIR> --d----- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-09-19 13:14 <DIR> --d----- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-09-19 13:12 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-09-19 13:12 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-09-18 17:06 128,104 a------- c:\windows\system32\drivers\WimFltr.sys
2009-09-18 16:47 62,464 a------- c:\windows\system32\drivers\famfd.sys
2009-09-18 16:47 <DIR> --d----- c:\programdata\FAM
2009-09-18 16:47 <DIR> --d----- c:\progra~2\FAM
2009-09-18 16:46 <DIR> --d----- c:\programdata\Genie-Soft
2009-09-18 16:46 <DIR> --d----- c:\progra~2\Genie-Soft
2009-09-18 16:33 <DIR> --d----- c:\users\buzz\appdata\roaming\Genie-Soft
2009-09-18 16:33 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-09-18 16:33 <DIR> --d----- c:\program files\Genie-Soft
2009-09-18 11:21 1,857,116,525 a------- c:\windows\MEMORY.DMP
2009-09-17 07:48 <DIR> --d----- c:\programdata\SkyGolf
2009-09-17 07:48 <DIR> --d----- c:\progra~2\SkyGolf
2009-09-17 07:40 <DIR> --d----- c:\users\buzz\{5e3f4791-d8af-48b7-939d-3b168817a2da}
2009-09-17 07:39 <DIR> --d----- c:\users\buzz\{0f862dc5-1d50-489f-85ec-3c156960e8f2}
2009-09-17 07:38 <DIR> --d----- c:\program files\SG2
2009-09-17 07:38 <DIR> --d----- c:\users\buzz\{ece879b0-0541-4713-8270-c49194a760eb}
2009-09-17 07:36 <DIR> --d----- c:\program files\SkyGolf
2009-09-14 18:59 354 a------- c:\windows\_delis43.ini
2009-09-14 18:48 61,712 a------- c:\windows\system32\clicbe1f.rra
2009-09-14 18:48 37,136 a------- c:\windows\system32\clicbce7.rra
2009-09-14 18:48 33,040 a------- c:\windows\system32\dbnmbd44.rra
2009-09-14 18:48 24,576 a------- c:\windows\SCRemove.exe
2009-09-14 18:48 80,024 a------- c:\windows\system\LINEDRAW.TTF
2009-09-14 18:44 450,560 a------- c:\windows\system32\HHActiveX.dll
2009-09-14 18:44 183,808 a------- c:\windows\system32\Csh.dll
2009-09-14 18:44 128,000 a------- c:\windows\system32\Npwsc32.dll
2009-09-14 18:44 85,504 a------- c:\windows\system32\HtmlWH.dll
2009-09-14 18:44 69,632 a------- c:\windows\system32\ActxWH.dll
2009-09-14 18:44 43,520 a------- c:\windows\system32\CsHtml.dll
2009-09-14 18:44 29,184 a------- c:\windows\system32\Popup.ocx
2009-09-14 18:44 9,552 a------- c:\windows\system32\INETWH16.DLL
2009-09-13 17:42 <DIR> --d----- c:\programdata\Google
2009-09-13 17:24 <DIR> --d----- c:\programdata\Google Updater
2009-09-13 15:18 230 a------- c:\windows\MSREGUSR.INI
2009-09-13 15:12 <DIR> --d----- c:\windows\system32\Parsons
2009-09-13 15:06 <DIR> --d----- c:\program files\Parsons Technology
2009-09-10 18:52 <DIR> --d----- c:\users\buzz\appdata\roaming\Samsung
2009-09-10 15:12 5,632 a------- c:\windows\system32\drivers\StarOpen.sys
2009-09-10 15:04 239 a------- c:\windows\wininit.ini
2009-09-10 14:36 22,486 a----r-- c:\windows\system32\UnInstall_Sample.ico
2009-09-10 14:25 57,344 a------- c:\windows\system32\BBDesktop.dll
2009-09-10 14:13 766 a------- c:\windows\system32\Uninstall.ico
2009-09-06 22:21 <DIR> --d----- c:\users\buzz\appdata\roaming\editNC
2009-09-01 18:54 <DIR> --d----- c:\program files\SafeNet Sentinel
2009-09-01 18:52 61,712 a------- c:\windows\system32\clic38f4.rra
2009-09-01 18:52 37,136 a------- c:\windows\system32\clic35f8.rra
2009-09-01 18:52 33,040 a------- c:\windows\system32\dbnm3720.rra
2009-09-01 18:51 3,200,960 a------- c:\program files\common files\vcredist_x64.exe
2009-09-01 18:51 2,723,264 a------- c:\program files\common files\vcredist_x86.exe
2009-09-01 18:43 <DIR> --d----- c:\program files\Document Manager

==================== Find3M ====================

2009-09-27 13:46 31,776 a------- c:\programdata\nvModes.dat
2009-09-27 13:46 31,776 a------- c:\progra~2\nvModes.dat
2009-09-20 20:47 143,360 a------- c:\windows\inf\infstrng.dat
2009-09-20 20:47 86,016 a------- c:\windows\inf\infstor.dat
2009-09-20 20:47 51,200 a------- c:\windows\inf\infpub.dat
2009-09-14 21:45 138,464 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-14 21:45 111,928 a------- c:\windows\system32\PnkBstrB.exe
2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-08-14 08:44 51,304 a------- c:\windows\system32\drivers\atnt40k.sys
2009-08-14 08:44 202,832 a------- c:\windows\system32\atasnt40.dll
2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll
2009-07-03 15:48 219,664 a------- c:\windows\system32\klogon.dll
2009-06-27 14:36 22,328 a------- c:\users\buzz\appdata\roaming\PnkBstrK.sys
2009-05-26 16:11 60,744 a------- c:\users\buzz\g2mdlhlpx.exe
2009-05-04 17:42 665,600 a------- c:\windows\inf\drvindex.dat
2009-05-03 22:34 174 a--sh--- c:\program files\desktop.ini
2006-11-02 08:40 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:40 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:40 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:40 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-09-27 13:56 262,144 a--sh--- c:\windows\serviceprofiles\networkservice\NTUSER.DAT
2009-05-04 18:07 608 a--sh--- c:\windows\system32\winzvprt5.sys

============= FINISH: 13:58:28.69 ===============



Kaspersky scan:


Date: Last week (events: 73)
My Protection (events: 13)
9/20/2009 10:53:25 PM Cannot be deleted: not-a-virus:FraudTool.Win32.AdwareAlert.r Kaspersky Anti-Virus C:\$RECYCLE.BIN\S-1-5-21-263553491-1439983960-3543861736-1000\$RH80N5G.exe
9/20/2009 10:33:00 PM Detected: not-a-virus:FraudTool.Win32.AdwareAlert.r Kaspersky Anti-Virus C:\$RECYCLE.BIN\S-1-5-21-263553491-1439983960-3543861736-1000\$RH80N5G.exe/AdwareAlert/AdwareAlert.exe
9/20/2009 10:32:15 PM Threats have been detected Kaspersky Anti-Virus
9/20/2009 10:22:44 PM Detected: not-a-virus:FraudTool.Win32.AdwareAlert.r Kaspersky Anti-Virus C:\$RECYCLE.BIN\S-1-5-21-263553491-1439983960-3543861736-1000\$RH80N5G.exe/AdwareAlert/AdwareAlert.exe
9/20/2009 10:13:34 PM Threats have been detected Kaspersky Anti-Virus
9/20/2009 10:10:28 PM Protection is not running Kaspersky Anti-Virus
9/20/2009 9:19:45 PM Threats have been detected Kaspersky Anti-Virus
9/20/2009 8:43:36 PM Protection is not running Kaspersky Anti-Virus
9/20/2009 8:42:11 PM Threats have been detected Kaspersky Anti-Virus
9/20/2009 8:04:30 PM Detected: not-a-virus:FraudTool.Win32.AdwareAlert.r Kaspersky Anti-Virus C:\Documents and Settings\Buzz\Desktop\Techscan Documents\Appz\setupxv.exe/AdwareAlert/AdwareAlert.exe
9/20/2009 7:48:15 PM Threats have been detected Kaspersky Anti-Virus
9/20/2009 5:47:21 PM Protection is not running Kaspersky Anti-Virus
9/20/2009 5:38:02 PM Databases are obsolete Kaspersky Anti-Virus
File Anti-Virus (events: 8)
9/20/2009 10:32:15 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/20/2009 10:11:41 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/20/2009 9:32:33 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/20/2009 9:23:50 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/20/2009 9:19:45 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/20/2009 8:42:11 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/20/2009 5:48:57 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/20/2009 5:38:02 PM Task started Kaspersky Anti-Virus File Anti-Virus
Mail Anti-Virus (events: 8)
9/20/2009 10:32:15 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/20/2009 10:11:41 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/20/2009 9:32:33 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/20/2009 9:23:50 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/20/2009 9:19:45 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/20/2009 8:42:11 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/20/2009 5:48:57 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/20/2009 5:38:02 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
Web Anti-Virus (events: 8)
9/20/2009 10:32:15 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/20/2009 10:11:41 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/20/2009 9:32:34 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/20/2009 9:23:50 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/20/2009 9:19:45 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/20/2009 8:42:11 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/20/2009 5:48:57 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/20/2009 5:38:02 PM Task started Kaspersky Anti-Virus Web Anti-Virus
Proactive Defense (events: 8)
9/20/2009 10:32:15 PM Task started Kaspersky Anti-Virus Proactive Defense
9/20/2009 10:11:41 PM Task started Kaspersky Anti-Virus Proactive Defense
9/20/2009 9:32:34 PM Task started Kaspersky Anti-Virus Proactive Defense
9/20/2009 9:23:50 PM Task started Kaspersky Anti-Virus Proactive Defense
9/20/2009 9:19:45 PM Task started Kaspersky Anti-Virus Proactive Defense
9/20/2009 8:42:11 PM Task started Kaspersky Anti-Virus Proactive Defense
9/20/2009 5:48:57 PM Task started Kaspersky Anti-Virus Proactive Defense
9/20/2009 5:38:02 PM Task started Kaspersky Anti-Virus Proactive Defense
License (events: 2)
9/20/2009 9:28:02 PM A license agreement has been violated Kaspersky Anti-Virus
9/20/2009 9:21:58 PM A license agreement has been violated Kaspersky Anti-Virus
IM Anti-Virus (events: 8)
9/20/2009 10:32:15 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/20/2009 10:11:41 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/20/2009 9:32:33 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/20/2009 9:23:50 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/20/2009 9:19:45 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/20/2009 8:42:11 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/20/2009 5:48:57 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/20/2009 5:38:02 PM Task started Kaspersky Anti-Virus IM Anti-Virus
Objects Scan (events: 13)
9/20/2009 11:02:29 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/20/2009 10:36:44 PM Task started Kaspersky Anti-Virus Objects Scan
9/20/2009 10:13:16 PM Task started Kaspersky Anti-Virus Objects Scan
9/20/2009 10:10:27 PM Task stopped Kaspersky Anti-Virus Full Scan
9/20/2009 10:10:11 PM Task stopped Kaspersky Anti-Virus Rootkit Scan
9/20/2009 10:02:47 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/20/2009 9:42:45 PM Task started Kaspersky Anti-Virus Full Scan
9/20/2009 9:42:37 PM Task stopped Kaspersky Anti-Virus Full Scan
9/20/2009 9:33:55 PM Task started Kaspersky Anti-Virus Full Scan
9/20/2009 9:20:40 PM Task started Kaspersky Anti-Virus Full Scan
9/20/2009 7:11:25 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/20/2009 6:19:10 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/20/2009 6:11:08 PM Task started Kaspersky Anti-Virus Full Scan
My Update Center (events: 5)
9/20/2009 9:57:34 PM Task completed Kaspersky Anti-Virus My Update Center
9/20/2009 9:48:03 PM Task started Kaspersky Anti-Virus My Update Center
9/20/2009 8:04:24 PM Task started Kaspersky Anti-Virus My Update Center
9/20/2009 5:46:52 PM Task completed Kaspersky Anti-Virus My Update Center
9/20/2009 5:38:10 PM Task started Kaspersky Anti-Virus My Update Center
Date: Monday (events: 67)
My Protection (events: 11)
9/21/2009 11:56:23 PM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
9/21/2009 9:36:12 PM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
9/21/2009 7:31:14 PM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
9/21/2009 5:10:53 PM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
9/21/2009 2:51:12 PM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
9/21/2009 2:17:15 PM Threats have been detected Kaspersky Anti-Virus
9/21/2009 8:31:50 AM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
9/21/2009 8:30:48 AM Threats have been detected Kaspersky Anti-Virus
9/21/2009 7:33:45 AM Detected: Rootkit.Win32.Agent.osp Kaspersky Anti-Virus C:\Qoobox\Quarantine\C\Windows\System32\drivers\SKYNETditpibuf.sys.vir
9/21/2009 7:21:14 AM Detected: Packed.Win32.TDSS.z Kaspersky Anti-Virus C:\Qoobox\Quarantine\C\Windows\System32\SKYNETbmvcbbvk.dll.vir
9/21/2009 7:20:29 AM Threats have been detected Kaspersky Anti-Virus
File Anti-Virus (events: 3)
9/21/2009 8:59:54 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/21/2009 2:34:38 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/21/2009 7:20:29 AM Task started Kaspersky Anti-Virus File Anti-Virus
Mail Anti-Virus (events: 3)
9/21/2009 8:59:54 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/21/2009 2:34:38 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/21/2009 7:20:29 AM Task started Kaspersky Anti-Virus Mail Anti-Virus
Web Anti-Virus (events: 3)
9/21/2009 8:59:54 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/21/2009 2:34:38 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/21/2009 7:20:29 AM Task started Kaspersky Anti-Virus Web Anti-Virus
Proactive Defense (events: 3)
9/21/2009 8:59:54 PM Task started Kaspersky Anti-Virus Proactive Defense
9/21/2009 2:34:38 PM Task started Kaspersky Anti-Virus Proactive Defense
9/21/2009 7:20:29 AM Task started Kaspersky Anti-Virus Proactive Defense
License (events: 1)
9/21/2009 4:52:29 AM Invalid key Kaspersky Anti-Virus
IM Anti-Virus (events: 3)
9/21/2009 8:59:54 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/21/2009 2:34:38 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/21/2009 7:20:29 AM Task started Kaspersky Anti-Virus IM Anti-Virus
Objects Scan (events: 11)
9/21/2009 9:36:11 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/21/2009 9:30:08 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/21/2009 3:23:37 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/21/2009 3:04:51 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/21/2009 2:18:46 PM Task completed Kaspersky Anti-Virus Objects Scan
9/21/2009 10:06:25 AM Task completed Kaspersky Anti-Virus Rootkit Scan
9/21/2009 9:01:01 AM Task started Kaspersky Anti-Virus Rootkit Scan
9/21/2009 8:33:06 AM Task started Kaspersky Anti-Virus Objects Scan
9/21/2009 8:23:01 AM Task completed Kaspersky Anti-Virus Rootkit Scan
9/21/2009 7:50:43 AM Task started Kaspersky Anti-Virus Rootkit Scan
9/21/2009 12:14:42 AM Task completed Kaspersky Anti-Virus Rootkit Scan
My Update Center (events: 29)
9/21/2009 11:56:23 PM Task completed Kaspersky Anti-Virus My Update Center
9/21/2009 11:55:36 PM Task started Kaspersky Anti-Virus My Update Center
9/21/2009 9:36:12 PM Task completed Kaspersky Anti-Virus My Update Center
9/21/2009 9:35:21 PM Task started Kaspersky Anti-Virus My Update Center
9/21/2009 7:31:15 PM Task completed Kaspersky Anti-Virus My Update Center
9/21/2009 7:30:05 PM Task started Kaspersky Anti-Virus My Update Center
9/21/2009 5:10:53 PM Task completed Kaspersky Anti-Virus My Update Center
9/21/2009 5:10:05 PM Task started Kaspersky Anti-Virus My Update Center
9/21/2009 2:51:12 PM Task completed Kaspersky Anti-Virus My Update Center
9/21/2009 2:50:06 PM Task started Kaspersky Anti-Virus My Update Center
9/21/2009 2:26:24 PM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 2:06:24 PM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 1:46:23 PM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 1:26:23 PM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 1:06:22 PM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 12:46:21 PM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 12:26:21 PM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 12:06:20 PM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 11:46:19 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 11:26:20 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 11:06:19 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 10:46:18 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 10:26:23 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 10:06:18 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 9:46:17 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 9:26:16 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 9:06:16 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 8:46:16 AM Task cannot be started Kaspersky Anti-Virus My Update Center Task cannot be started in the safe mode
9/21/2009 7:35:42 AM Task started Kaspersky Anti-Virus My Update Center
Date: Tuesday (events: 41)
My Protection (events: 4)
9/22/2009 8:10:29 PM Protection is not running Kaspersky Anti-Virus
9/22/2009 6:54:06 AM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
9/22/2009 4:34:18 AM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
9/22/2009 2:17:17 AM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
File Anti-Virus (events: 4)
9/22/2009 8:47:22 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/22/2009 4:58:29 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/22/2009 10:20:28 AM Task started Kaspersky Anti-Virus File Anti-Virus
9/22/2009 3:37:51 AM Task started Kaspersky Anti-Virus File Anti-Virus
Mail Anti-Virus (events: 4)
9/22/2009 8:47:22 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/22/2009 4:58:29 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/22/2009 10:20:28 AM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/22/2009 3:37:51 AM Task started Kaspersky Anti-Virus Mail Anti-Virus
Web Anti-Virus (events: 4)
9/22/2009 8:47:23 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/22/2009 4:58:29 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/22/2009 10:20:28 AM Task started Kaspersky Anti-Virus Web Anti-Virus
9/22/2009 3:37:51 AM Task started Kaspersky Anti-Virus Web Anti-Virus
Proactive Defense (events: 4)
9/22/2009 8:47:22 PM Task started Kaspersky Anti-Virus Proactive Defense
9/22/2009 4:58:29 PM Task started Kaspersky Anti-Virus Proactive Defense
9/22/2009 10:20:28 AM Task started Kaspersky Anti-Virus Proactive Defense
9/22/2009 3:37:51 AM Task started Kaspersky Anti-Virus Proactive Defense
License (events: 1)
9/22/2009 4:55:41 PM Invalid key Kaspersky Anti-Virus
IM Anti-Virus (events: 4)
9/22/2009 8:47:22 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/22/2009 4:58:29 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/22/2009 10:20:28 AM Task started Kaspersky Anti-Virus IM Anti-Virus
9/22/2009 3:37:51 AM Task started Kaspersky Anti-Virus IM Anti-Virus
Objects Scan (events: 8)
9/22/2009 9:52:48 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/22/2009 9:17:36 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/22/2009 5:47:20 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/22/2009 5:28:43 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/22/2009 11:09:30 AM Task completed Kaspersky Anti-Virus Rootkit Scan
9/22/2009 10:50:41 AM Task started Kaspersky Anti-Virus Rootkit Scan
9/22/2009 4:26:41 AM Task completed Kaspersky Anti-Virus Rootkit Scan
9/22/2009 4:08:04 AM Task started Kaspersky Anti-Virus Rootkit Scan
My Update Center (events: 8)
9/22/2009 9:14:12 AM Task completed Kaspersky Anti-Virus My Update Center
9/22/2009 9:13:33 AM Task started Kaspersky Anti-Virus My Update Center
9/22/2009 6:54:06 AM Task completed Kaspersky Anti-Virus My Update Center
9/22/2009 6:53:18 AM Task started Kaspersky Anti-Virus My Update Center
9/22/2009 4:34:17 AM Task completed Kaspersky Anti-Virus My Update Center
9/22/2009 4:33:18 AM Task started Kaspersky Anti-Virus My Update Center
9/22/2009 2:17:15 AM Task completed Kaspersky Anti-Virus My Update Center
9/22/2009 2:15:36 AM Task started Kaspersky Anti-Virus My Update Center
Date: Wednesday (events: 24)
My Protection (events: 2)
9/23/2009 10:45:26 PM Protection is not running Kaspersky Anti-Virus
9/23/2009 9:05:45 AM Protection is not running Kaspersky Anti-Virus
File Anti-Virus (events: 3)
9/23/2009 9:38:39 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/23/2009 10:31:20 AM Task started Kaspersky Anti-Virus File Anti-Virus
9/23/2009 7:32:27 AM Task started Kaspersky Anti-Virus File Anti-Virus
Mail Anti-Virus (events: 3)
9/23/2009 9:38:39 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/23/2009 10:31:20 AM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/23/2009 7:32:28 AM Task started Kaspersky Anti-Virus Mail Anti-Virus
Web Anti-Virus (events: 3)
9/23/2009 9:38:39 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/23/2009 10:31:20 AM Task started Kaspersky Anti-Virus Web Anti-Virus
9/23/2009 7:32:28 AM Task started Kaspersky Anti-Virus Web Anti-Virus
Proactive Defense (events: 3)
9/23/2009 9:38:39 PM Task started Kaspersky Anti-Virus Proactive Defense
9/23/2009 10:31:20 AM Task started Kaspersky Anti-Virus Proactive Defense
9/23/2009 7:32:28 AM Task started Kaspersky Anti-Virus Proactive Defense
License (events: 1)
9/23/2009 5:01:34 PM Invalid key Kaspersky Anti-Virus
IM Anti-Virus (events: 3)
9/23/2009 9:38:39 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/23/2009 10:31:20 AM Task started Kaspersky Anti-Virus IM Anti-Virus
9/23/2009 7:32:28 AM Task started Kaspersky Anti-Virus IM Anti-Virus
Objects Scan (events: 6)
9/23/2009 10:23:21 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/23/2009 10:08:51 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/23/2009 11:19:14 AM Task completed Kaspersky Anti-Virus Rootkit Scan
9/23/2009 11:01:34 AM Task started Kaspersky Anti-Virus Rootkit Scan
9/23/2009 8:28:41 AM Task completed Kaspersky Anti-Virus Rootkit Scan
9/23/2009 8:02:41 AM Task started Kaspersky Anti-Virus Rootkit Scan
Date: Thursday (events: 28)
My Protection (events: 2)
9/24/2009 9:53:07 PM Protection is not running Kaspersky Anti-Virus
9/24/2009 12:36:24 PM Detected: Type_Win32 Kaspersky Anti-Virus C:\Holder\Public\Downloads\eMule\Incoming\Alcohol.120% 1.9.8.7117 Incl. Crack Testato by Controller Programmi ITA.rar/Alcohol_120%_Crack\automatico\patch_ssc.exe/PE_Patch.UPX/UPX
File Anti-Virus (events: 3)
9/24/2009 8:38:12 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/24/2009 2:11:10 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/24/2009 7:15:36 AM Task started Kaspersky Anti-Virus File Anti-Virus
Mail Anti-Virus (events: 3)
9/24/2009 8:38:12 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/24/2009 2:11:10 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/24/2009 7:15:36 AM Task started Kaspersky Anti-Virus Mail Anti-Virus
Web Anti-Virus (events: 3)
9/24/2009 8:38:12 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/24/2009 2:11:10 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/24/2009 7:15:36 AM Task started Kaspersky Anti-Virus Web Anti-Virus
Proactive Defense (events: 3)
9/24/2009 8:38:12 PM Task started Kaspersky Anti-Virus Proactive Defense
9/24/2009 2:11:10 PM Task started Kaspersky Anti-Virus Proactive Defense
9/24/2009 7:15:36 AM Task started Kaspersky Anti-Virus Proactive Defense
License (events: 3)
9/24/2009 8:36:23 PM Invalid key Kaspersky Anti-Virus
9/24/2009 2:00:49 PM Invalid key Kaspersky Anti-Virus
9/24/2009 1:45:49 PM Invalid key Kaspersky Anti-Virus
IM Anti-Virus (events: 3)
9/24/2009 8:38:12 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/24/2009 2:11:10 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/24/2009 7:15:36 AM Task started Kaspersky Anti-Virus IM Anti-Virus
Objects Scan (events: 6)
9/24/2009 9:29:35 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/24/2009 9:08:26 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/24/2009 3:00:09 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/24/2009 2:41:23 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/24/2009 8:03:33 AM Task completed Kaspersky Anti-Virus Rootkit Scan
9/24/2009 7:45:49 AM Task started Kaspersky Anti-Virus Rootkit Scan
My Update Center (events: 2)
9/24/2009 12:35:42 PM Task completed Kaspersky Anti-Virus My Update Center
9/24/2009 12:32:40 PM Task started Kaspersky Anti-Virus My Update Center
Date: Friday (events: 15)
My Protection (events: 2)
9/25/2009 7:24:56 PM Protection is not running Kaspersky Anti-Virus
9/25/2009 12:45:29 PM Protection is not running Kaspersky Anti-Virus
File Anti-Virus (events: 2)
9/25/2009 7:19:11 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/25/2009 7:34:11 AM Task started Kaspersky Anti-Virus File Anti-Virus
Mail Anti-Virus (events: 2)
9/25/2009 7:19:11 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/25/2009 7:34:12 AM Task started Kaspersky Anti-Virus Mail Anti-Virus
Web Anti-Virus (events: 2)
9/25/2009 7:19:11 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/25/2009 7:34:12 AM Task started Kaspersky Anti-Virus Web Anti-Virus
Proactive Defense (events: 3)
9/25/2009 7:19:11 PM Task started Kaspersky Anti-Virus Proactive Defense
9/25/2009 8:30:34 AM Detected: PDM.Suspicious driver installation RootRepeal C:\USERS\BUZZ\DESKTOP\NEW FOLDER (3)\ROOTREPEAL.EXE
9/25/2009 7:34:12 AM Task started Kaspersky Anti-Virus Proactive Defense
IM Anti-Virus (events: 2)
9/25/2009 7:19:11 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/25/2009 7:34:12 AM Task started Kaspersky Anti-Virus IM Anti-Virus
Objects Scan (events: 2)
9/25/2009 8:22:01 AM Task completed Kaspersky Anti-Virus Rootkit Scan
9/25/2009 8:04:25 AM Task started Kaspersky Anti-Virus Rootkit Scan
Date: Yesterday (events: 27)
My Protection (events: 1)
9/26/2009 10:44:11 AM Protection is not running Kaspersky Anti-Virus
File Anti-Virus (events: 3)
9/26/2009 10:39:48 AM Task started Kaspersky Anti-Virus File Anti-Virus
9/26/2009 3:37:46 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/26/2009 9:31:23 PM Task started Kaspersky Anti-Virus File Anti-Virus
Mail Anti-Virus (events: 3)
9/26/2009 9:31:23 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/26/2009 3:37:46 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/26/2009 10:39:48 AM Task started Kaspersky Anti-Virus Mail Anti-Virus
Web Anti-Virus (events: 3)
9/26/2009 9:31:23 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/26/2009 3:37:46 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/26/2009 10:39:48 AM Task started Kaspersky Anti-Virus Web Anti-Virus
Proactive Defense (events: 5)
9/26/2009 10:39:48 AM Task started Kaspersky Anti-Virus Proactive Defense
9/26/2009 3:37:46 PM Task started Kaspersky Anti-Virus Proactive Defense
9/26/2009 7:10:25 PM Detected: PDM.IrpTableChanged Absent
9/26/2009 9:31:23 PM Task started Kaspersky Anti-Virus Proactive Defense
9/26/2009 9:52:03 PM Detected: PDM.IrpTableChanged Absent
License (events: 1)
9/26/2009 9:28:00 PM A license agreement has been violated Kaspersky Anti-Virus
IM Anti-Virus (events: 3)
9/26/2009 9:31:23 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/26/2009 3:37:46 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/26/2009 10:39:48 AM Task started Kaspersky Anti-Virus IM Anti-Virus
Objects Scan (events: 6)
9/26/2009 10:29:56 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/26/2009 10:01:37 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/26/2009 5:52:40 PM Task completed Kaspersky Anti-Virus Virus Scan
9/26/2009 5:52:40 PM Task started Kaspersky Anti-Virus Virus Scan
9/26/2009 4:24:26 PM Task completed Kaspersky Anti-Virus Rootkit Scan
9/26/2009 4:07:59 PM Task started Kaspersky Anti-Virus Rootkit Scan
My Update Center (events: 2)
9/26/2009 6:21:12 PM Task completed Kaspersky Anti-Virus My Update Center
9/26/2009 6:19:21 PM Task started Kaspersky Anti-Virus My Update Center
Date: Today (events: 18)
File Anti-Virus (events: 2)
9/27/2009 1:46:28 PM Task started Kaspersky Anti-Virus File Anti-Virus
9/27/2009 7:08:08 AM Task started Kaspersky Anti-Virus File Anti-Virus
Mail Anti-Virus (events: 2)
9/27/2009 1:46:28 PM Task started Kaspersky Anti-Virus Mail Anti-Virus
9/27/2009 7:08:08 AM Task started Kaspersky Anti-Virus Mail Anti-Virus
Web Anti-Virus (events: 2)
9/27/2009 1:46:28 PM Task started Kaspersky Anti-Virus Web Anti-Virus
9/27/2009 7:08:08 AM Task started Kaspersky Anti-Virus Web Anti-Virus
Proactive Defense (events: 3)
9/27/2009 7:08:08 AM Task started Kaspersky Anti-Virus Proactive Defense
9/27/2009 1:46:28 PM Task started Kaspersky Anti-Virus Proactive Defense
9/27/2009 2:03:12 PM Detected: PDM.Suspicious driver installation RootRepeal C:\USERS\BUZZ\DESKTOP\NEW FOLDER (3)\ROOTREPEAL.EXE
License (events: 1)
9/27/2009 3:51:37 AM Invalid key Kaspersky Anti-Virus
IM Anti-Virus (events: 2)
9/27/2009 1:46:28 PM Task started Kaspersky Anti-Virus IM Anti-Virus
9/27/2009 7:08:08 AM Task started Kaspersky Anti-Virus IM Anti-Virus
Objects Scan (events: 4)
9/27/2009 7:38:22 AM Task started Kaspersky Anti-Virus Rootkit Scan
9/27/2009 7:55:44 AM Task completed Kaspersky Anti-Virus Rootkit Scan
9/27/2009 2:16:41 PM Task started Kaspersky Anti-Virus Rootkit Scan
9/27/2009 2:39:21 PM Task completed Kaspersky Anti-Virus Rootkit Scan
My Update Center (events: 2)
9/27/2009 12:01:56 AM Task completed Kaspersky Anti-Virus My Update Center
9/27/2009 12:00:21 AM Task started Kaspersky Anti-Virus My Update Center

BC AdBot (Login to Remove)

 


#2 Techscan

Techscan
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:10:32 PM

Posted 02 October 2009 - 06:29 PM

Not mad. Just done. Waited a week and can't get help. If you're going to take this long or only handle the easy ones, you should say so right up front.
I need this computer for my business and as soon as I can copy over the files I need between reboots and vandalism, I'm going to reformat.

#3 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:04:32 AM

Posted 05 October 2009 - 07:43 AM

Thanks for letting us know :(

Since this issue appears resolved ... this Topic is closed. Glad we could help.

If you need this topic reopened, please request this by sending me a PM
with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

unite.jpg





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users