Topic Summary

Posted by: bugmenot
« on: 19. October 2010., 09:27:18 »

thanks guys
Posted by: bimen
« on: 18. October 2010., 10:25:38 »

thanks for ur help
Posted by: Samker
« on: 12. October 2010., 14:31:47 »

check your computer for spyware too (spybot S&D) uninstall mcafee and reinstall it

You have Spybot - Search & Destroy here: http://scforum.info/index.php/topic,24.0.html

Posted by: manual2100
« on: 12. October 2010., 11:39:23 »

check your computer for spyware too (spybot S&D) uninstall mcafee and reinstall it
Posted by: Samker
« on: 18. January 2010., 17:56:35 »

AntiVirus and Firewall are controlled by group access policy that I don't have access...

Do you have a PC which is part of a corporate network?
In that case we'll have a problem investigating this; you'll probably need to talk with some guy from your IT department.

Is it possible for you to make and post a screenshot of the mentioned message ("Your computer is at risk, Anti-Virus Protection needs Attention and Firewall is Off")?

Also please post new HJT log.

Regards,

S.
Posted by: mikewu
« on: 18. January 2010., 03:02:02 »

AntiVirus and Firewall are controlled by group access policy that I don't have access...
Posted by: Samker
« on: 17. January 2010., 10:40:18 »

It's Enterprise 8.5.0i. Full Paid license of course.
DAT created on: Jan 16, 2010
Installed Patches: 8

Ok Mike, now please open Control Panel, after that open Security Center and check what Windows says about AntiVirus and Firewall.
I need information about both.

Also try to manually start Windows Firewall from there.

I'll wait for news from you...

S.
Posted by: mikewu
« on: 17. January 2010., 04:26:11 »

It's Enterprise 8.5.0i. Full Paid license of course.
DAT created on: Jan 16, 2010
Installed Patches: 8
Posted by: Samker
« on: 09. January 2010., 17:34:30 »

On-Access Scanner is enabled.
The problem is the McAfee Security Scan still shows "Your computer is at risk, Anti-Virus Protection needs Attention and Firewall is Off"
"Fix Now" opens the browser to McAfee purchasing site. Installed McAfee Virtual Technician, no error was found.

Ok Mike, now I need to know which McAfee version you use, 8.5 or 8.7, and whether you have installed the latest patches for it. Also check there the date of the latest update, "DAT created on".
You can find this information if you right-click on the McAfee tray icon and choose About VirusScan...

I also need to know whether you are using a trial version of McAfee Enterprise or a "Full" paid license.

Regards,

S.

Posted by: mikewu
« on: 09. January 2010., 15:09:01 »

On-Access Scanner is enabled.
The problem is the McAfee Security Scan still shows "Your computer is at risk, Anti-Virus Protection needs Attention and Firewall is Off"
"Fix Now" opens the browser to McAfee purchasing site. Installed McAfee Virtual Technician, no error was found.
Posted by: Samker
« on: 09. January 2010., 08:39:04 »

Ok Mike, this looks much better. ;)


McAfee still doesn't work, right?



If not, please follow the next instructions:

1. Right-click on the McAfee tray icon (near the clock), choose VirusScan Console, right-click on On-Access Scanner and click Enable.
If this doesn't work, give us details about what happened and whether you received any message.


2. If No. 1 fails, try to completely remove/reinstall McAfee AV through Add/Remove Programs, restart your PC and install McAfee again.


3. If No. 2 also fails, run McAfee Virtual Technician and give us the information it reports about the problem: http://mvt.mcafee.com/mvt/en-us/default.html?en-us


cya,

S.
Posted by: mikewu
« on: 09. January 2010., 03:24:16 »

BitDefender Online Scanner - Real Time Virus Report
Generated at: Fri, Jan 08, 2010 - 21:18:55
Scan Info
Scanned Files 7487293
Infected Files 0
Virus Detected No virus found.


================================================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:20:51 PM, on 1/8/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ACS\DPA\ACSDPA.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Hyperion\BIPlus\bin\SQR\Remote\bin\atrls.exe
C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\NALNTSRV.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wm.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\NOVELL\ZENRC\WUOLService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\NOVELL\ZENRC\wuser32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\WINDOWS\system32\iprntctl.exe
C:\WINDOWS\system32\iprntlgn.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BigFix Enterprise\BES Client\BESClientUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Lotus\Sametime Client\Connect.exe
C:\Documents and Settings\40800036\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\IBM\WebSphere MQ\bin\amqmtbrn.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Verizon\McciBrowser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://infobank.acs-inc.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [DPRINT] C:\Program Files\ACS\DPA\DPAUI.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [iPrint Tray] C:\WINDOWS\system32\iprntctl.exe TRAY_ICON
O4 - HKLM\..\Run: [iPrint Event Monitor] C:\WINDOWS\system32\iprntlgn.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Sametime Connect] "C:\Program Files\Lotus\Sametime Client\Connect.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\40800036\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: PGPtray.exe.lnk = ?
O4 - Global Startup: WebSphere MQ Task Bar.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195494235122
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195494225349
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - https://www-307.ibm.com/pc/support/access/aslibmain/content/IbmEgath.cab
O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://acs-inc.webex.com/client/wbs26-vzbprodcn/webex/ieatgpc.cab
O16 - DPF: {E598AC61-4C6F-4F4D-877F-FAC49CA91FA3} (acpRunner Class) - https://www-307.ibm.com/pc/support/access/aslibmain/content/AcpControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Americas.ONEACS.COM
O17 - HKLM\Software\..\Telephony: DomainName = Americas.ONEACS.COM
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Americas.ONEACS.COM
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ACSDPA - ACS - C:\Program Files\ACS\DPA\ACSDPA.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ataman TCP Remote Logon Services - Unknown owner - C:\Hyperion\BIPlus\bin\SQR\Remote\bin\atrls.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: BEA Products NodeManager (C_bea10_wlserver10) - BEA Systems, Inc. - C:\bea10\WLSERV~1\server\bin\beasvc.exe
O23 - Service: BEA WebLogic Platform 8.1 NodeManager - BEA Systems, Inc. - C:\bea815\WEBLOG~1\server\bin\beasvc.exe
O23 - Service: BES Client (BESClient) - BigFix Inc. - C:\Program Files\BigFix Enterprise\BES Client\BESClient.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: IBM MQSeries (MQSeriesServices) - IBM Corporation - C:\Program Files\IBM\WebSphere MQ\bin\amqsvc.exe
O23 - Service: Novell Application Launcher (NALNTSERVICE) - Novell, Inc. - C:\WINDOWS\system32\NALNTSRV.EXE
O23 - Service: Remote management (Novell WUser Agent) - Novell, Inc. - C:\NOVELL\ZENRC\wuser32.exe
O23 - Service: Novell Workstation Manager (WM) - Novell, Inc. - C:\WINDOWS\system32\wm.exe
O23 - Service: WUOLservice (WUOLService) - Novell, Inc. - C:\NOVELL\ZENRC\WUOLService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 13393 bytes

This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
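
A log in the format posted above can be pre-sorted before a helper reads it line by line. The script below is an added example, not part of the original thread and not a HijackThis feature; the rule names and the vendor keyword list are assumptions, and the sample lines are abridged from the log in this post.

```python
import re

# Sample input: a handful of lines abridged from the HijackThis log posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - Global Startup: PGPtray.exe.lnk = ?
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O23 - Service: Ataman TCP Remote Logon Services - Unknown owner - C:\Hyperion\BIPlus\bin\SQR\Remote\bin\atrls.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
"""

# A coded entry looks like "O23 - Service: ..." or "R1 - HKCU\...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
# Assumption: keywords for the resident anti-virus products to look for.
AV_VENDORS = ("mcafee", "kaspersky")


def parse_hjt(text):
    """Split a HijackThis log into running-process paths and (code, body) entries."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            entries.append((match.group("code"), match.group("body")))
        elif in_processes and line:
            processes.append(line)
    return processes, entries


def resident_av_vendors(processes, entries):
    """Vendors seen among running processes, autostart (O4) and service (O23) entries."""
    resident = list(processes) + [b for c, b in entries if c in ("O4", "O23")]
    seen = set()
    for item in resident:
        for vendor in AV_VENDORS:
            if vendor in item.lower():
                seen.add(vendor)
    return sorted(seen)


def review(text):
    """Return (tag, code, detail) tuples for entries a helper would ask about."""
    processes, entries = parse_hjt(text)
    findings = []
    for code, body in entries:
        # Browser proxy pointing at the local machine: find out what listens there.
        proxy = re.search(r"ProxyServer\s*=\s*(.*)$", body)
        if proxy and re.search(r"127\.\d+\.\d+\.\d+|localhost", proxy.group(1), re.I):
            findings.append(("loopback-proxy", code, body))
        # Startup shortcut whose target HijackThis could not resolve.
        if body.rstrip().endswith("= ?"):
            findings.append(("unresolved-target", code, body))
        # Registry entry left behind after its file was removed.
        if "(file missing)" in body:
            findings.append(("missing-file", code, body))
        # Service binary without vendor metadata.
        if code == "O23" and "unknown owner" in body.lower():
            findings.append(("unknown-owner", code, body))
    # More than one resident scanner on the same host is worth a question.
    vendors = resident_av_vendors(processes, entries)
    if len(vendors) > 1:
        findings.append(("multiple-av", "-", ", ".join(vendors)))
    return findings


if __name__ == "__main__":
    for tag, code, detail in review(SAMPLE_LOG):
        print(f"{tag:18} {code:4} {detail}")
```

A flagged line is a prompt for a question to the machine's owner or IT department, not a verdict; on a managed corporate PC many of these entries are installed deliberately.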

Posted by: Samker
« on: 07. January 2010., 18:49:39 »

As I suspected, you still have infected files.

We will first clean the infection and after that look closer at the McAfee problem:

Now please follow the next steps:

1. Turn off System Restore

Quote
Steps to turn off System Restore

1. Click Start, right-click My Computer, and then click Properties.
2. In the System Properties dialog box, click the System Restore tab.
3. Click to select the Turn off System Restore check box. Or, click to select the Turn off System Restore on all drives check box.
4. Click OK.
5. When you receive the following message, click Yes to confirm that you want to turn off System Restore:
You have chosen to turn off System Restore. If you continue, all existing restore points will be deleted, and you will not be able to track or undo changes to your computer.

Do you want to turn off System Restore?
After a few moments, the System Properties dialog box closes.

2. Update your McAfee AV and Malwarebytes

3. Download, Install and Update SUPERAntiSpyware: http://scforum.info/index.php/topic,116.0.html

4. Restart your PC and run in Safe Mode.

Quote
To start the computer in safe mode
1. You should print these instructions before continuing. They will not be available after you shut your computer down in step 2.
2. Click Start and then click Shut Down.
3. In the drop-down list of the Shut Down Windows dialog box, click Restart, and then click OK.
4. As your computer restarts but before Windows launches, press F8. On a computer that is configured for booting to multiple operating systems, you can press F8 when the boot menu appears.
5. Use the arrow keys to highlight the appropriate safe mode option, and then press ENTER.
6. If you have a dual-boot or multiple-boot system, choose the installation that you need to access using the arrow keys, and then press ENTER.

Note: If Windows launches before you can choose a safe mode, restart your computer and try again.

In safe mode, you have access to only basic files and drivers (mouse, monitor, keyboard, mass storage, base video, default system services, and no network connections). You can choose the Safe Mode with Networking option, which loads all of the above files and drivers and the essential services and drivers to start networking, or you can choose the Safe Mode with Command Prompt option, which is exactly the same as safe mode except that a command prompt is started instead of the graphical user interface. You can also choose Last Known Good Configuration, which starts your computer using the registry information that was saved at the last shutdown.

Safe mode helps you diagnose problems. If a symptom does not reappear when you start in safe mode, you can eliminate the default settings and minimum device drivers as possible causes. If a newly added device or a changed driver is causing problems, you can use safe mode to remove the device or reverse the change.

There are circumstances where safe mode will not be able to help you, such as when Windows system files that are required to start the system are corrupted or damaged. In this case, the Recovery Console may help you.

NUM LOCK must be off before the arrow keys on the numeric keypad will function.



5. Run Full Scans and delete all suspected files, first with SUPERAntiSpyware and then with Malwarebytes

6. Run a Full Scan with your McAfee AntiVirus

7. After that, run the BitDefender Online Scan: http://scforum.info/index.php/topic,734.0.html

8. After that, run HijackThis (it's important to turn off all possible programs before running HJT)

9. Finally, provide us new logs from both (BitDefender and HJT)


I'll be waiting for your next reply.


Regards,

S.

Posted by: mikewu
« on: 07. January 2010., 01:50:23 »

Here is the report:
Date: Yesterday   (events: 38)   
My Protection   (events: 2)   
1/5/2010 7:40:33 PM   Your computer is protected   Kaspersky Anti-Virus         
1/5/2010 7:40:18 PM   Databases are obsolete   Kaspersky Anti-Virus         
File Anti-Virus   (events: 23)   
1/5/2010 11:50:47 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 11:32:02 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 11:17:46 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 11:16:42 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 11:14:14 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 11:00:40 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 10:58:13 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 10:46:28 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 10:36:57 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 10:25:03 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
1/5/2010 9:53:25 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/5/2010 9:07:19 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/5/2010 8:53:47 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/5/2010 8:52:55 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/5/2010 8:51:56 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/5/2010 8:48:55 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/5/2010 8:48:30 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/5/2010 8:46:23 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/5/2010 8:45:18 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/5/2010 8:28:54 PM   Processing error   Yahoo! Messenger   C:\Program Files\YAHOO!\MESSENGER\Cache\WH.ul3YzZ.8tXOlFm3WKlQ--.slotmgr.ini   Read error   
1/5/2010 8:28:06 PM   Processing error   Yahoo! Messenger   C:\Program Files\YAHOO!\MESSENGER\Cache\WH.ul3YzZ.8tXOlFm3WKlQ--.slotmgr.ini   Read error   
1/5/2010 8:06:22 PM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\172.ini   Read error   
1/5/2010 7:40:19 PM   Task started   Kaspersky Anti-Virus   File Anti-Virus      
Mail Anti-Virus   (events: 1)   
1/5/2010 7:40:18 PM   Task started   Kaspersky Anti-Virus   Mail Anti-Virus      
Web Anti-Virus   (events: 1)   
1/5/2010 7:40:18 PM   Task started   Kaspersky Anti-Virus   Web Anti-Virus      
Proactive Defense   (events: 7)   
1/5/2010 8:31:42 PM   Detected: PDM.DNS Query   ACS Data Protection Agent   C:\PROGRAM FILES\ACS\DPA\ACSDPA.EXE   Action selected by user   
1/5/2010 8:31:42 PM   Detected: PDM.DNS Query   ACS Data Protection Agent   C:\PROGRAM FILES\ACS\DPA\ACSDPA.EXE      
1/5/2010 7:42:04 PM   Detected: PDM.DNS Query   ACS DPA User Interface   C:\PROGRAM FILES\ACS\DPA\DPAUI.EXE   Action selected by user   
1/5/2010 7:42:04 PM   Detected: PDM.DNS Query   ACS DPA User Interface   C:\PROGRAM FILES\ACS\DPA\DPAUI.EXE      
1/5/2010 7:40:57 PM   Detected: PDM.Keylogger   Absent   C:\WINDOWS\SYSTEM32\DRIVERS\KBLOCK.SYS   Action selected by user   
1/5/2010 7:40:57 PM   Detected: PDM.Keylogger   Absent   C:\WINDOWS\SYSTEM32\DRIVERS\KBLOCK.SYS      
1/5/2010 7:40:18 PM   Task started   Kaspersky Anti-Virus   Proactive Defense      
IM Anti-Virus   (events: 1)   
1/5/2010 7:40:19 PM   Task started   Kaspersky Anti-Virus   IM Anti-Virus      
Objects Scan   (events: 1)   
1/5/2010 7:45:17 PM   Task started   Kaspersky Anti-Virus   Full Scan      
My Update Center   (events: 2)   
1/5/2010 7:44:36 PM   Task completed   Kaspersky Anti-Virus   My Update Center      
1/5/2010 7:40:30 PM   Task started   Kaspersky Anti-Virus   My Update Center      
Date: Today   (events: 61)   
My Protection   (events: 6)   
1/6/2010 12:07:47 PM   Potentially unwanted software detected   Kaspersky Anti-Virus         
1/6/2010 12:02:46 PM   Threats have been detected   Kaspersky Anti-Virus         
1/6/2010 8:17:04 AM   Potentially unwanted software detected   Kaspersky Anti-Virus         
1/6/2010 8:13:39 AM   Threats have been detected   Kaspersky Anti-Virus         
1/6/2010 7:40:41 AM   Potentially unwanted software detected   Kaspersky Anti-Virus         
1/6/2010 7:09:18 AM   Your computer is protected   Kaspersky Anti-Virus         
File Anti-Virus   (events: 10)   
1/6/2010 9:13:56 AM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\37.ini   Read error   
1/6/2010 9:13:39 AM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\67.ini   Read error   
1/6/2010 9:13:28 AM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\6.ini   Read error   
1/6/2010 9:13:16 AM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\6.ini   Read error   
1/6/2010 9:11:08 AM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/6/2010 9:10:26 AM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/6/2010 9:09:55 AM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/6/2010 9:08:48 AM   Processing error   NAI Product Manager   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Agent.ini   Read error   
1/6/2010 7:06:57 AM   Task started   Kaspersky Anti-Virus   File Anti-Virus      
1/6/2010 12:03:47 AM   Processing error   Framework Service   C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\McAfee\Common Framework\Task\168.ini   Read error   
Mail Anti-Virus   (events: 1)   
1/6/2010 7:06:57 AM   Task started   Kaspersky Anti-Virus   Mail Anti-Virus      
Web Anti-Virus   (events: 1)   
1/6/2010 7:06:57 AM   Task started   Kaspersky Anti-Virus   Web Anti-Virus      
Proactive Defense   (events: 35)   
1/6/2010 6:50:02 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 6:50:02 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 5:50:01 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 5:50:01 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 4:50:02 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 4:50:02 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 4:18:07 PM   Detected: PDM.DNS Query   mcci+McciBrowser   C:\PROGRAM FILES\VERIZON\MCCIBROWSER.EXE   Action selected by user   
1/6/2010 4:18:07 PM   Detected: PDM.DNS Query   mcci+McciBrowser   C:\PROGRAM FILES\VERIZON\MCCIBROWSER.EXE      
1/6/2010 4:18:07 PM   Detected: PDM.DNS Query   mcci+McciBrowser   C:\PROGRAM FILES\VERIZON\MCCIBROWSER.EXE   Action selected by user   
1/6/2010 4:18:07 PM   Detected: PDM.DNS Query   mcci+McciBrowser   C:\PROGRAM FILES\VERIZON\MCCIBROWSER.EXE      
1/6/2010 3:50:02 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 3:50:02 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 2:50:03 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 2:50:03 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 1:50:03 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 1:50:03 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 12:50:52 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 12:50:52 PM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 11:50:08 AM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 11:50:08 AM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 10:50:30 AM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 10:50:30 AM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 9:50:05 AM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 9:50:05 AM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 8:51:14 AM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS   Action selected by user   
1/6/2010 8:51:14 AM   Detected: PDM.DNS Query   REASSIGN.VBS   C:\WINDOWS\SYSTEM32\CCM\CACHE\DAL00011.4.SYSTEM\REASSIGN.VBS      
1/6/2010 7:13:17 AM   Detected: PDM.Hidden data sending   ACS DPA User Interface   C:\PROGRAM FILES\ACS\DPA\DPAUI.EXE   Action selected by user   
1/6/2010 7:13:17 AM   Detected: PDM.Hidden data sending   ACS DPA User Interface   C:\PROGRAM FILES\ACS\DPA\DPAUI.EXE      
1/6/2010 7:11:32 AM   Detected: PDM.DNS Query   ACS DPA User Interface   C:\PROGRAM FILES\ACS\DPA\DPAUI.EXE   Action selected by user   
1/6/2010 7:11:32 AM   Detected: PDM.DNS Query   ACS DPA User Interface   C:\PROGRAM FILES\ACS\DPA\DPAUI.EXE      
1/6/2010 7:09:13 AM   Detected: PDM.DNS Query   ACS Data Protection Agent   C:\PROGRAM FILES\ACS\DPA\ACSDPA.EXE   Action selected by user   
1/6/2010 7:09:13 AM   Detected: PDM.DNS Query   ACS Data Protection Agent   C:\PROGRAM FILES\ACS\DPA\ACSDPA.EXE      
1/6/2010 7:09:13 AM   Detected: PDM.Keylogger   Absent   C:\WINDOWS\SYSTEM32\DRIVERS\KBLOCK.SYS   Action selected by user   
1/6/2010 7:09:13 AM   Detected: PDM.Keylogger   Absent   C:\WINDOWS\SYSTEM32\DRIVERS\KBLOCK.SYS      
1/6/2010 7:06:57 AM   Task started   Kaspersky Anti-Virus   Proactive Defense      
License manager   (events: 1)   
1/6/2010 7:06:52 AM   License validity period expires soon   Kaspersky Anti-Virus         
IM Anti-Virus   (events: 1)   
1/6/2010 7:06:57 AM   Task started   Kaspersky Anti-Virus   IM Anti-Virus      
Objects Scan   (events: 4)   
1/6/2010 1:15:06 PM   Task completed   Kaspersky Anti-Virus   Rootkit Scan      
1/6/2010 1:07:06 PM   Task started   Kaspersky Anti-Virus   Rootkit Scan      
1/6/2010 1:06:56 PM   Task completed   Kaspersky Anti-Virus   Full Scan      
1/6/2010 7:11:22 AM   Task started   Kaspersky Anti-Virus   Full Scan      
My Update Center   (events: 2)   
1/6/2010 7:29:18 AM   Task completed   Kaspersky Anti-Virus   My Update Center      
1/6/2010 7:22:10 AM   Task started   Kaspersky Anti-Virus   My Update Center      
Posted by: mikewu
« on: 05. January 2010., 21:20:32 »

Will do as soon as I come back home tonight. Thanks for your quick response!