Date: Today (events: 945)

Protection (events: 945)

10/10/2009 22:32:32 Threats have been detected Kaspersky Internet Security

09/10/2009 22:43:57 Databases are obsolete Kaspersky Internet Security

09/10/2009 22:41:48 Protection is not running Kaspersky Internet Security

09/10/2009 22:22:11 Databases are obsolete Kaspersky Internet Security

09/10/2009 00:31:33 Protection is not running Kaspersky Internet Security

09/10/2009 00:23:30 Databases are obsolete Kaspersky Internet Security

08/10/2009 21:57:27 Protection is not running Kaspersky Internet Security

08/10/2009 20:19:03 Databases are obsolete Kaspersky Internet Security

06/10/2009 22:47:54 Protection is not running Kaspersky Internet Security

06/10/2009 22:27:08 Databases are obsolete Kaspersky Internet Security

Protection (events: 945)

10/10/2009 22:36:45 Untreated: Trojan-Downloader.WMA.GetCodec.f Explorateur
Windows E:\CD 1\Occidental\JENNEFIER LOPEZ\JENNIFER LOPEZ CD QUALITY.MP3
Skipped by user
10/10/2009 22:36:45 Detected: Trojan-Downloader.WMA.GetCodec.f Explorateur
Windows E:\CD 1\Occidental\JENNEFIER LOPEZ\JENNIFER LOPEZ CD QUALITY.MP3

10/10/2009 22:32:34 Untreated: Trojan-Downloader.WMA.GetCodec.a Windows

Media Player E:\CD 1\Occidental\KyLIE MINOGUE\KYLIE MINOGUE - THINGS CAN
ONLY GET BETTER.MP3 Skipped by user
10/10/2009 22:32:34 Detected: Trojan-Downloader.WMA.GetCodec.a Windows
Media Player E:\CD 1\Occidental\KyLIE MINOGUE\KYLIE MINOGUE - THINGS CAN
ONLY GET BETTER.MP3
10/10/2009 22:32:34 Untreated: Trojan-Downloader.WMA.GetCodec.c Windows
Media Player E:\CD 1\Occidental\KyLIE MINOGUE\KYLIE MINOGUE - KYLIE
MINOGUE - YOUR LOVE.MP3 Skipped by user
10/10/2009 22:32:34 Detected: Trojan-Downloader.WMA.GetCodec.c Windows
Media Player E:\CD 1\Occidental\KyLIE MINOGUE\KYLIE MINOGUE - KYLIE
MINOGUE - YOUR LOVE.MP3
10/10/2009 22:32:32 Untreated: Trojan-Downloader.WMA.GetCodec.f Windows
Media Player E:\CD 1\Occidental\JENNEFIER LOPEZ\JENNIFER LOPEZ CD
QUALITY.MP3 Skipped by user
10/10/2009 22:32:32 Detected: Trojan-Downloader.WMA.GetCodec.f Windows
Media Player E:\CD 1\Occidental\JENNEFIER LOPEZ\JENNIFER LOPEZ CD
QUALITY.MP3
09/10/2009 22:43:58 Task started Kaspersky Internet Security Files
and Memory
09/10/2009 22:22:12 Task started Kaspersky Internet Security Files
and Memory
09/10/2009 00:23:30 Task started Kaspersky Internet Security Files
and Memory
08/10/2009 20:19:03 Task started Kaspersky Internet Security Files
and Memory
06/10/2009 22:27:08 Task started Kaspersky Internet Security Files
and Memory
Protection (events: 945)
09/10/2009 22:43:58 Task started Kaspersky Internet Security Email
and IM
09/10/2009 22:22:12 Task started Kaspersky Internet Security Email
and IM
09/10/2009 00:23:30 Task started Kaspersky Internet Security Email
and IM
08/10/2009 20:19:03 Task started Kaspersky Internet Security Email
and IM
06/10/2009 22:27:08 Task started Kaspersky Internet Security Email
and IM
Protection (events: 945)
09/10/2009 22:43:58 Task started Kaspersky Internet Security Web
Traffic
09/10/2009 22:22:12 Task started Kaspersky Internet Security Web
Traffic
09/10/2009 00:23:30 Task started Kaspersky Internet Security Web
Traffic
08/10/2009 20:19:03 Task started Kaspersky Internet Security Web
Traffic
06/10/2009 22:27:08 Task started Kaspersky Internet Security Web
Traffic
Protection (events: 945)
09/10/2009 22:43:58 Task started Kaspersky Internet Security Anti-
Phishing
09/10/2009 22:22:12 Task started Kaspersky Internet Security Anti-
Phishing
09/10/2009 00:23:30 Task started Kaspersky Internet Security Anti-
Phishing
08/10/2009 20:19:03 Task started Kaspersky Internet Security Anti-
Phishing
06/10/2009 22:27:09 Task started Kaspersky Internet Security Anti-
Phishing
Protection (events: 945)
09/10/2009 22:43:58 Task started Kaspersky Internet Security Anti-
Dialer
09/10/2009 22:22:12 Task started Kaspersky Internet Security Anti-
Dialer
09/10/2009 00:23:30 Task started Kaspersky Internet Security Anti-
Dialer
08/10/2009 20:19:03 Task started Kaspersky Internet Security Anti-
Dialer
06/10/2009 22:27:09 Task started Kaspersky Internet Security Anti-
Dialer
Protection (events: 945)
09/10/2009 22:43:58 Task started Kaspersky Internet Security
Network Attack Blocker
09/10/2009 22:22:12 Task started Kaspersky Internet Security
Network Attack Blocker
09/10/2009 00:23:30 Task started Kaspersky Internet Security
Network Attack Blocker
08/10/2009 20:19:03 Task started Kaspersky Internet Security
Network Attack Blocker
06/10/2009 22:27:09 Task started Kaspersky Internet Security
Network Attack Blocker
Protection (events: 945)
09/10/2009 22:43:58 Task started Kaspersky Internet Security Anti-
Spam
09/10/2009 22:22:12 Task started Kaspersky Internet Security Anti-
Spam
09/10/2009 00:23:30 Task started Kaspersky Internet Security Anti-
Spam
08/10/2009 20:19:03 Task started Kaspersky Internet Security Anti-
Spam
06/10/2009 22:27:09 Task started Kaspersky Internet Security Anti-
Spam
Protection (events: 945)
10/10/2009 22:46:31 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:32:22 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
10/10/2009 22:30:08 RealNetworks Event Launcher Placed in group Low
Restricted High value of threat rating calculated heuristically
10/10/2009 22:30:04 RealNetworks Helper Application Placed in group
Low Restricted High value of threat rating calculated heuristically
10/10/2009 22:26:49 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
10/10/2009 22:26:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
10/10/2009 22:26:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
10/10/2009 22:26:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
10/10/2009 22:26:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
10/10/2009 22:26:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
10/10/2009 22:26:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
10/10/2009 22:26:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
10/10/2009 22:26:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
10/10/2009 22:24:54 UnInstall MFC Application Placed in group Low
Restricted High value of threat rating calculated heuristically
10/10/2009 22:24:52 UnInstall MFC Application Placed in group Low
Restricted High value of threat rating calculated heuristically
10/10/2009 22:24:31 BJ Raster Printer Driver Un-Installer Placed in
group Low Restricted High value of threat rating calculated heuristically
10/10/2009 22:22:02 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
10/10/2009 22:21:34 Panneau de configuration Windows Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
10/10/2009 22:19:09 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:28 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:28 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:28 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:28 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:25 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:25 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:18:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:17:02 igfxcfg Module Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
10/10/2009 22:16:16 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
10/10/2009 22:14:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
10/10/2009 22:14:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
10/10/2009 22:14:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
10/10/2009 22:13:09 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:13:09 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:13:09 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:13:09 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
10/10/2009 22:13:08 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:40 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:37 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:37 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:29 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:29 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:18:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 23:17:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:17:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 23:17:16 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:17:16 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:17:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 23:17:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 23:16:50 Aide Microsoft� Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
09/10/2009 23:09:41 COMPMGMT.MSC Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
09/10/2009 23:08:33 Microsoft Help Center Service Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
09/10/2009 23:07:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:07:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
 KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:07:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:03:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 23:03:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 23:03:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 23:02:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 23:02:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 23:01:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:01:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:01:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:01:37 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:01:31 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:01:31 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:01:31 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 23:01:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:59:26 VLC media player Placed in group Low Restricted
High value of threat rating calculated heuristically
09/10/2009 22:59:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 22:59:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 22:59:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 22:59:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 22:59:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 22:58:52 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:58:52 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:56:42 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 22:56:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 22:55:53 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 22:53:10 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:53:10 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:46:22 Ex�cutable de l'Assistant Publication de sites Web
Placed in group Low Restricted High value of threat rating calculated
heuristically
09/10/2009 22:45:46 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLPrtStgAccess Explorateur
Windows Access to protected storage
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLPrtStgAccess
09/10/2009 22:43:58 Task started Kaspersky Internet Security
Application Filtering
09/10/2009 22:41:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 22:41:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 22:41:42 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 22:41:42 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 22:41:42 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 22:41:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:41:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:41:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:40:03 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:40:03 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:39:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:39:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:39:37 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
09/10/2009 22:39:36 Fichier de donn�es de la zone Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
09/10/2009 22:39:29 Gestionnaire des composants optionnels de syst�me
autonome Placed in group Trusted/MICROSOFT Signed by the digital signature of
entrusted manufacturers
09/10/2009 22:28:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:28:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:28:31 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLPrtStgAccess Ex�cuter une
DLL en tant qu'application Access to protected storage
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLPrtStgAccess
09/10/2009 22:24:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:24:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:24:18 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:24:18 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:24:18 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 22:23:07 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUESOLEIL.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
09/10/2009 22:23:07 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUESOLEIL.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
09/10/2009 22:23:06 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
BLUESOLEIL.MSI Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 22:23:06 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc SETUP.EXE
Process start e:\windows xp\bluetooth driver\bluesoleil.msi
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
09/10/2009 22:23:06 BLUESOLEIL.MSI Placed in group Low Restricted
High value of threat rating calculated heuristically
09/10/2009 22:22:59 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start e:\windows xp\bluetooth driver\setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
09/10/2009 22:22:59 SETUP.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
09/10/2009 22:22:31 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart Absent
Start driver C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart
09/10/2009 22:22:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 22:22:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 22:22:12 Task started Kaspersky Internet Security
Application Filtering
09/10/2009 00:31:27 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:31:27 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:31:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:31:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:31:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:31:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:31:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:25:02 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Informations syst�me Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 00:25:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Informations syst�me Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
09/10/2009 00:24:59 Informations syst�me Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
09/10/2009 00:24:48 Interpr�teur de commandes Windows Placed in group
Low Restricted High value of threat rating calculated heuristically
09/10/2009 00:23:48 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart Absent
Start driver C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart
09/10/2009 00:23:47 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:23:47 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:23:47 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:23:47 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
09/10/2009 00:23:30 Task started Kaspersky Internet Security
Application Filtering
08/10/2009 21:57:20 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 21:57:20 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 21:57:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 21:57:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 21:57:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 21:57:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 21:57:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 21:57:14 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 21:57:14 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 20:59:34 Denied: KLSystemData/KLSystemFiles/Drivers IS-3GQKJ.TMP
Create C:\WINDOWS\system32\drivers\drhard.sys
KLSystemData/KLSystemFiles/Drivers
08/10/2009 20:59:21 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
168PARNASSE22.EXE Process start c:\documents and
settings\administrateur\local settings\temp\is-q80gs.tmp\is-3gqkj.tmp
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
08/10/2009 20:59:21 IS-3GQKJ.TMP Placed in group Trusted Known
on the database of the known software
08/10/2009 20:59:21 168PARNASSE22.EXE Placed in group High Restricted
High value of threat rating calculated heuristically
08/10/2009 20:58:53 NVUNINST.EXE Placed in group Trusted/NVIDIA
Known on the database of the known software
08/10/2009 20:58:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLPrtStgAccess Setup.exe
Access to protected storage
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLPrtStgAccess
08/10/2009 20:58:15 Setup.exe Placed in group Trusted/INSTALLSHIELD
SOFTWARE Signed by the digital signature of entrusted manufacturers
08/10/2009 20:58:05 130PARNASSE22.EXE Placed in group Trusted/NVIDIA
Signed by the digital signature of entrusted manufacturers
08/10/2009 20:56:09 PARNASSE22DVD1.EXE Placed in group Low
Restricted High value of threat rating calculated heuristically
08/10/2009 20:56:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:56:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:56:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:56:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:56:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:56:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:56:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
 KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:56:05 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:55:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Explorateur Windows Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:55:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:53:34 Denied: KLPrivileges/KLSelfStart 104PARNASSE22.EXE
Autorun KLPrivileges/KLSelfStart
08/10/2009 20:53:33 104PARNASSE22.EXE Placed in group Untrusted High
value of threat rating calculated heuristically
08/10/2009 20:52:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:51:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:50:28 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:48:27 Windows Media Player Folder Sharing Executable Placed
in group Trusted/MICROSOFT Signed by the digital signature of entrusted
manufacturers
08/10/2009 20:48:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:48:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:48:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:48:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:48:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:48:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
 Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:48:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:48:26 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:47:50 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:46:20 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess ACDSee
9 Photo Manager Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
08/10/2009 20:46:13 ACDSee 9 Photo Manager Placed in group Low
Restricted High value of threat rating calculated heuristically
08/10/2009 20:46:00 PARNASSE22DVD2.EXE Placed in group Low
Restricted High value of threat rating calculated heuristically
08/10/2009 20:45:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:45:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:45:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:45:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:45:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:45:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:45:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:45:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:45:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:44:14 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:44:07 MSIINST.EXE Placed in group Trusted/MICROSOFT Known
on the database of the known software
08/10/2009 20:44:06 INSTMSIW.EXE Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
08/10/2009 20:44:02 MSIINST.EXE Placed in group Trusted/MICROSOFT Known
on the database of the known software
08/10/2009 20:44:01 INSTMSIA.EXE Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
08/10/2009 20:43:27 SETUP.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
08/10/2009 20:42:47 _ISDEL.EXE Placed in group Trusted/INSTALLSHIELD
SOFTWARE Known on the database of the known software
08/10/2009 20:42:46 _INS5576._MP Placed in group
Trusted/INSTALLSHIELD SOFTWARE Known on the database of the known
software
08/10/2009 20:42:45 SETUP.EXE Placed in group Trusted/INSTALLSHIELD
SOFTWARE Known on the database of the known software
08/10/2009 20:42:13 CNMVSA.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
08/10/2009 20:41:59 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart Absent
Start driver C:\BJPRINTER\CNMWINDOWS\CANON PIXMA IP1500
INSTALLER\INST2\CNMPAR21.SYS
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart
08/10/2009 20:41:35 SETUP.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
08/10/2009 20:40:51 Denied: KLSystemData/KLSystemFiles/SystemExe SETUP.EXE
Create C:\WINDOWS\system32\CNMCP5y.exe
KLSystemData/KLSystemFiles/SystemExe
08/10/2009 20:40:51 Denied: KLSystemData/KLSystemFiles/SystemExe SETUP.EXE
Create C:\WINDOWS\system32\CNMCP5y.exe
KLSystemData/KLSystemFiles/SystemExe
08/10/2009 20:40:51 Denied: KLSystemData/KLSystemFiles/SystemExe SETUP.EXE
Create C:\WINDOWS\system32\CNMCP5y.exe
KLSystemData/KLSystemFiles/SystemExe
08/10/2009 20:40:48 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc MSETUP4.EXE
Process start e:\win2000\printer\e16\disk0\setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
08/10/2009 20:40:22 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:39:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:39:40 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
 Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:39:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:39:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:39:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:39:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
08/10/2009 20:39:14 Internet Explorer Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
08/10/2009 20:38:46 Denied: KLSystemData/KLSystemFiles/SystemExe SETUP.EXE
Create C:\WINDOWS\system32\CNMCP5y.exe
KLSystemData/KLSystemFiles/SystemExe
08/10/2009 20:38:46 Denied: KLSystemData/KLSystemFiles/SystemExe SETUP.EXE
Create C:\WINDOWS\system32\CNMCP5y.exe
KLSystemData/KLSystemFiles/SystemExe
08/10/2009 20:38:46 Denied: KLSystemData/KLSystemFiles/SystemExe SETUP.EXE
Create C:\WINDOWS\system32\CNMCP5y.exe
KLSystemData/KLSystemFiles/SystemExe
08/10/2009 20:38:32 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc MSETUP4.EXE
Process start e:\win2000\printer\e16\disk0\setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
08/10/2009 20:38:32 SETUP.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
08/10/2009 20:38:24 Denied: KLSystemData/KLSystemFiles/SystemExe STARTHTM.EXE
Create C:\WINDOWS\IP1500\uninstall.exe
KLSystemData/KLSystemFiles/SystemExe
08/10/2009 20:38:24 Denied: KLSystemData/KLSystemFiles/SystemExe STARTHTM.EXE
Create C:\WINDOWS\IP1500\uninstall.exe
KLSystemData/KLSystemFiles/SystemExe
08/10/2009 20:38:24 Denied: KLSystemData/KLSystemFiles/SystemExe STARTHTM.EXE
Create C:\WINDOWS\IP1500\uninstall.exe
KLSystemData/KLSystemFiles/SystemExe
08/10/2009 20:38:18 Denied: KLSystemData/KLStartupRegKeys/Common Startup
STARTHTM.EXE Modification
hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
08/10/2009 20:38:18 Denied: KLSystemData/KLStartupRegKeys/Common Startup
STARTHTM.EXE Modification hkey_users\S-1-5-21-484763869-651377827-
682003330-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
08/10/2009 20:38:13 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc SETUP.EXE
Process start e:\manual\starthtm.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
08/10/2009 20:38:13 STARTHTM.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
08/10/2009 20:38:13 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc MSETUP4.EXE
Process start e:\manual\setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
08/10/2009 20:38:13 SETUP.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
08/10/2009 20:37:50 MSETUP4.EXE Placed in group High Restricted High
value of threat rating calculated heuristically
08/10/2009 20:37:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:37:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:37:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:37:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:37:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:37:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:37:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:37:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
08/10/2009 20:36:05 Utilitaire d'installation du Lecteur Windows Media de
Microsoft Placed in group Trusted/MICROSOFT Signed by the digital signature of
entrusted manufacturers
08/10/2009 20:36:04 Windows NT User Data Migration Tool Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
08/10/2009 20:36:02 IE Per-User Initialization Utility Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
08/10/2009 20:34:56 Windows Media Player Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
08/10/2009 20:33:06 DEVMGMT.MSC Placed in group Trusted/MICROSOFT Signed
by the digital signature of entrusted manufacturers
08/10/2009 20:33:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
 Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
08/10/2009 20:33:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 20:22:44 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUETOOTH USB DONGLE.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
08/10/2009 20:22:44 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown BLUETOOTH
USB DONGLE.MSI Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 20:22:44 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Setup
Launcher Process start c:\windows\downloaded installations\{f07f29cd-639d-
4a19-8e54-1f5a1bf6cb12}\bluetooth usb dongle.msi
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
08/10/2009 20:22:43 BLUETOOTH USB DONGLE.MSI Placed in group High
Restricted High value of threat rating calculated heuristically
08/10/2009 20:22:37 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start e:\windows vista\vista_setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
08/10/2009 20:22:37 Setup Launcher Placed in group Low Restricted
High value of threat rating calculated heuristically
08/10/2009 20:22:15 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUESOLEIL.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
08/10/2009 20:22:14 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUESOLEIL.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
08/10/2009 20:22:14 Windows� installer Placed in group Low
Restricted High value of threat rating calculated heuristically
08/10/2009 20:22:14 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
BLUESOLEIL.MSI Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc SETUP.EXE
Process start e:\windows xp\bluetooth driver\bluesoleil.msi
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
08/10/2009 20:22:13 BLUESOLEIL.MSI Placed in group Low Restricted
High value of threat rating calculated heuristically
08/10/2009 20:22:06 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start e:\windows xp\bluetooth driver\setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
08/10/2009 20:22:06 SETUP.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
08/10/2009 20:21:52 AUTORUN.EXE Placed in group High Restricted High
value of threat rating calculated heuristically
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
 KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
 KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess HP
Software Update Client Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
08/10/2009 20:21:19 HP Software Update Client Placed in group
Trusted/HEWLETT-PACKARD Signed by the digital signature of entrusted
manufacturers
08/10/2009 20:20:57 Run Once Wrapper Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
08/10/2009 20:19:22 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart Absent
Start driver C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart
08/10/2009 20:19:22 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 20:19:22 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
08/10/2009 20:19:03 Task started Kaspersky Internet Security
Application Filtering
06/10/2009 22:47:46 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:47:46 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:47:44 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:47:44 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:47:44 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:47:44 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:47:44 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:47:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:47:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:47:20 Microsoft Help and Support Center Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:44:14 Notepad2 Placed in group Low Restricted High
value of threat rating calculated heuristically
06/10/2009 22:43:44 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:43:44 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:43:37 FIREWORKS_MX_TRIAL_FR.EXE Placed in group Low
Restricted High value of threat rating calculated heuristically
06/10/2009 22:42:59 RealPlayer Placed in group Trusted/REALNETWORKS
Signed by the digital signature of entrusted manufacturers
06/10/2009 22:42:46 Firefox Placed in group Trusted/MOZILLA Signed
by the digital signature of entrusted manufacturers
06/10/2009 22:42:46 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
06/10/2009 22:42:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
06/10/2009 22:42:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
06/10/2009 22:42:38 VSETUPT.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
06/10/2009 22:42:35 Microsoft(C) Register Server Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:42:34 REGSVR32.EXE Placed in group Trusted/MICROSOFT
Known on the database of the known software
06/10/2009 22:41:59 InstallShield (R) Setup Engine Placed in group
Trusted/INSTALLSHIELD SOFTWARE Known on the database of the known
software
06/10/2009 22:41:58 SETUP.EXE Placed in group Trusted/INSTALLSHIELD
SOFTWARE Known on the database of the known software
06/10/2009 22:41:32 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:41:32 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:41:24 DW_MX_TRIAL_FR.EXE Placed in group Low
Restricted High value of threat rating calculated heuristically
06/10/2009 22:40:42 CRACK.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
06/10/2009 22:39:43 Macromedia Flash Player 6.0 r21 Placed in group
Low Restricted High value of threat rating calculated heuristically
06/10/2009 22:39:39 Macromedia Projector Placed in group Low
Restricted High value of threat rating calculated heuristically
06/10/2009 22:39:22 Macromedia Flash Player 6.0 r21 Placed in group
Low Restricted High value of threat rating calculated heuristically
06/10/2009 22:39:08 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
D�bogueur Postmortem Dr Watson Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
06/10/2009 22:39:07 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Explorateur
Windows Process start c:\windows\system32\drwtsn32.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
06/10/2009 22:39:07 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Explorateur
Windows Process start
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
06/10/2009 22:39:07 D�bogueur Postmortem Dr Watson Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:39:05 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
06/10/2009 22:39:05 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
06/10/2009 22:39:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
06/10/2009 22:39:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
06/10/2009 22:39:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
06/10/2009 22:39:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
06/10/2009 22:39:04 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Macromedia
Director 8 Process start c:\windows\explorer.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
06/10/2009 22:39:04 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Macromedia
Director 8 Process start c:\windows\explorer.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
06/10/2009 22:39:02 Denied: KLSystemData/KLStartupRegKeys/Common Startup
Macromedia Director 8 Modification
hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
06/10/2009 22:39:02 Denied: KLSystemData/KLStartupRegKeys/Common Startup
Macromedia Director 8 Modification
hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
06/10/2009 22:39:02 Denied: KLSystemData/KLStartupRegKeys/Common Startup
Macromedia Director 8 Modification hkey_users\S-1-5-21-484763869-
651377827-682003330-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell
Folders KLSystemData/KLStartupRegKeys/Common Startup
06/10/2009 22:39:02 Denied: KLSystemData/KLStartupRegKeys/Common Startup
Macromedia Director 8 Modification hkey_users\S-1-5-21-484763869-
651377827-682003330-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell
Folders KLSystemData/KLStartupRegKeys/Common Startup
06/10/2009 22:38:49 Macromedia Director 8 Placed in group High
Restricted High value of threat rating calculated heuristically
06/10/2009 22:38:08 Macromedia Flash Player 6.0 r21 Placed in group
Trusted/MACROMEDIA Known on the database of the known software
06/10/2009 22:37:58 Runtime Module for MMB presentation Placed in group
Low Restricted High value of threat rating calculated heuristically
06/10/2009 22:35:25 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:35:25 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:35:17 CPU-Z Application Placed in group High Restricted
High value of threat rating calculated heuristically
06/10/2009 22:31:07 WMI Placed in group Trusted/MICROSOFT Signed by
the digital signature of entrusted manufacturers
06/10/2009 22:29:41 Gestionnaire des t�ches de Windows Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:28:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
06/10/2009 22:28:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
06/10/2009 22:28:48 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
 Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
06/10/2009 22:27:58 Verify Class ID Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:50 Windows Update Automatic Updates Placed in group
Low Restricted High value of threat rating calculated heuristically
06/10/2009 22:27:39 HpqToaster Module Placed in group Trusted/HEWLETT-
PACKARD Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:35 Presentation Action Placed in group
Trusted/HEWLETT-PACKARD Signed by the digital signature of entrusted
manufacturers
06/10/2009 22:27:34 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart Absent
Start driver C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLDrvStart
06/10/2009 22:27:33 Download Accelerator Plus (DAP) Placed in group
Trusted/SPEED-BIT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:32 CTF Loader Placed in group Trusted/MICROSOFT Signed
by the digital signature of entrusted manufacturers
06/10/2009 22:27:32 WMI Placed in group Trusted/MICROSOFT Signed by
the digital signature of entrusted manufacturers
06/10/2009 22:27:32 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:27:32 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
06/10/2009 22:27:31 RealNetworks Scheduler Placed in group
Trusted/REALNETWORKS Signed by the digital signature of entrusted
manufacturers
06/10/2009 22:27:31 Atheros Client Utility Placed in group Low
Restricted High value of threat rating calculated heuristically
06/10/2009 22:27:31 hpqwmiex Module Placed in group Trusted/HEWLETT-
PACKARD Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:30 HPWAMain Module Placed in group Trusted/HEWLETT-
PACKARD Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:30 Quick Launch Buttons Placed in group
Trusted/HEWLETT-PACKARD Signed by the digital signature of entrusted
manufacturers
06/10/2009 22:27:30 Hewlett-Packard Product Assistant Placed in group
Trusted/HEWLETT-PACKARD Known on the database of the known software
06/10/2009 22:27:30 persistence Module Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:30 igfxsrvc Module Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:29 hkcmd Module Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:29 igfxTray Module Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:29 ???????? 2002a Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:29 IMSCINST.EXE Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:28 Microsoft IME Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:28 Language Application Placed in group
 Trusted/CYBERLINK Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:27 PowerDVD RC Service Placed in group Low
Restricted High value of threat rating calculated heuristically
06/10/2009 22:27:27 Adobe Acrobat SpeedLauncher Placed in group
Trusted/ADOBE SYSTEMS Signed by the digital signature of entrusted
manufacturers
06/10/2009 22:27:25 Ex�cuter une DLL en tant qu'application Placed in
group Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:25 Explorateur Windows Placed in group Low
Restricted High value of threat rating calculated heuristically
06/10/2009 22:27:24 Application d'ouverture de session Userinit Placed
in group Trusted/MICROSOFT Signed by the digital signature of entrusted
manufacturers
06/10/2009 22:27:21 HP Health Check Service Placed in group
Trusted/HEWLETT-PACKARD Known on the database of the known software
06/10/2009 22:27:21 Kaspersky Internet Security Placed in group
Trusted/KASPERSKY LAB Signed by the digital signature of entrusted
manufacturers
06/10/2009 22:27:21 ACS Placed in group Low Restricted High value
of threat rating calculated heuristically
06/10/2009 22:27:21 Spooler SubSystem App Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:21 Generic Host Process for Win32 Services Placed in
group Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:21 LSA Shell (Export Version) Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:21 Applications Services et Contr�leur Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:21 Application d'ouverture de session Windows NT Placed
in group Trusted/MICROSOFT Signed by the digital signature of entrusted
manufacturers
06/10/2009 22:27:21 Client Server Runtime Process Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:21 Application Layer Gateway Service Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:21 Gestionnaire de session Windows NT Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
06/10/2009 22:27:21 Windows NT Multiple Provider Notification Application
Placed in group Trusted/MICROSOFT Signed by the digital signature of
entrusted manufacturers
06/10/2009 22:27:09 Task started Kaspersky Internet Security
Application Filtering
Protection (events: 945)
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
 REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 22:22:26 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
09/10/2009 00:23:43 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
08/10/2009 20:19:19 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:47:45 Denied Explorateur Windows Open C:\Program
Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
 REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
06/10/2009 22:27:32 Denied Kaspersky Internet Security Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\Trace\Default
Protection (events: 945)
09/10/2009 22:43:58 Task started Kaspersky Internet Security
Proactive Defense
09/10/2009 22:22:26 Not terminated: Keylogger PowerDVD RC Service
Keylogger activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE

09/10/2009 22:22:26 Detected: Keylogger PowerDVD RC Service Keylogger

activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
09/10/2009 22:22:26 Detected: Keylogger PowerDVD RC Service Keylogger
activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
09/10/2009 22:22:12 Task started Kaspersky Internet Security
Proactive Defense
09/10/2009 00:23:42 Not terminated: Keylogger PowerDVD RC Service
Keylogger activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE

09/10/2009 00:23:42 Detected: Keylogger PowerDVD RC Service Keylogger

activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
09/10/2009 00:23:42 Detected: Keylogger PowerDVD RC Service Keylogger
activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
09/10/2009 00:23:30 Task started Kaspersky Internet Security
Proactive Defense
08/10/2009 20:41:59 Not terminated: Suspicious driver installation Absent

08/10/2009 20:41:59 Detected: Suspicious driver installation Absent

08/10/2009 20:41:53 Detected: Suspicious driver installation Absent

08/10/2009 20:19:18 Not terminated: Keylogger PowerDVD RC Service

Keylogger activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE

08/10/2009 20:19:18 Detected: Keylogger PowerDVD RC Service Keylogger

activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
08/10/2009 20:19:18 Detected: Keylogger PowerDVD RC Service Keylogger
activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
08/10/2009 20:19:03 Task started Kaspersky Internet Security
Proactive Defense
06/10/2009 22:27:28 Not terminated: Keylogger PowerDVD RC Service
Keylogger activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE

06/10/2009 22:27:28 Detected: Keylogger PowerDVD RC Service Keylogger

activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
06/10/2009 22:27:28 Detected: Keylogger PowerDVD RC Service Keylogger
activity C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
06/10/2009 22:27:09 Task started Kaspersky Internet Security
Proactive Defense
Protection (events: 945)
09/10/2009 22:43:58 Task started Kaspersky Internet Security
Firewall
09/10/2009 22:22:12 Task started Kaspersky Internet Security
 Firewall
09/10/2009 00:23:30 Task started Kaspersky Internet Security
Firewall
08/10/2009 20:19:03 Task started Kaspersky Internet Security
Firewall
06/10/2009 22:27:09 Task started Kaspersky Internet Security
Firewall
Protection (events: 945)
08/10/2009 20:36:25 Task completed Kaspersky Internet Security Virus
Scan
08/10/2009 20:36:23 Task started Kaspersky Internet Security Virus
Scan
06/10/2009 22:36:09 Task completed Kaspersky Internet Security Virus
Scan
06/10/2009 22:36:04 Task started Kaspersky Internet Security Virus
Scan
06/10/2009 22:35:46 Task completed Kaspersky Internet Security Virus
Scan
06/10/2009 22:35:41 Task started Kaspersky Internet Security Virus
Scan
06/10/2009 22:34:24 Task completed Kaspersky Internet Security Virus
Scan
06/10/2009 22:34:11 Task started Kaspersky Internet Security Virus
Scan
06/10/2009 22:33:46 Task completed Kaspersky Internet Security Virus
Scan
06/10/2009 22:33:32 Task started Kaspersky Internet Security Virus
Scan
06/10/2009 22:33:14 Task completed Kaspersky Internet Security Virus
Scan
06/10/2009 22:28:59 Task completed Kaspersky Internet Security Quick
Scan
06/10/2009 22:28:00 Task started Kaspersky Internet Security Virus
Scan
06/10/2009 22:27:09 Task started Kaspersky Internet Security Quick
Scan
Date: Today (events: 945)
Protection (events: 945)
12/10/2009 21:09:16 Untreated: Trojan-Downloader.WMA.GetCodec.a Windows
Media Player E:\CD 1\Occidental\KyLIE MINOGUE\KYLIE MINOGUE - THINGS CAN
ONLY GET BETTER.MP3 Skipped by user
12/10/2009 21:09:16 Detected: Trojan-Downloader.WMA.GetCodec.a Windows
Media Player E:\CD 1\Occidental\KyLIE MINOGUE\KYLIE MINOGUE - THINGS CAN
ONLY GET BETTER.MP3
12/10/2009 21:09:15 Untreated: Trojan-Downloader.WMA.GetCodec.c Windows
Media Player E:\CD 1\Occidental\KyLIE MINOGUE\KYLIE MINOGUE - KYLIE
MINOGUE - YOUR LOVE.MP3 Skipped by user
12/10/2009 21:09:15 Detected: Trojan-Downloader.WMA.GetCodec.c Windows
Media Player E:\CD 1\Occidental\KyLIE MINOGUE\KYLIE MINOGUE - KYLIE
MINOGUE - YOUR LOVE.MP3
12/10/2009 21:09:14 Untreated: Trojan-Downloader.WMA.GetCodec.f Windows
Media Player E:\CD 1\Occidental\JENNEFIER LOPEZ\JENNIFER LOPEZ CD
QUALITY.MP3 Skipped by user
12/10/2009 21:09:13 Detected: Trojan-Downloader.WMA.GetCodec.f Windows
Media Player E:\CD 1\Occidental\JENNEFIER LOPEZ\JENNIFER LOPEZ CD
QUALITY.MP3
Protection (events: 945)
12/10/2009 21:08:38 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:08:38 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:08:38 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:08:38 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:08:38 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:08:38 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:08:37 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:08:37 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:08:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:50 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
BOITE.EXE Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:50 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
BOITE.EXE Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:50 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
BOITE.EXE Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:33 BOITE.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
12/10/2009 21:07:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:17 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:07:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:06:25 Denied: KLPrivileges/KLSelfStart DRVKIT.EXE Autorun
KLPrivileges/KLSelfStart
12/10/2009 21:06:25 DRVKIT.EXE Placed in group Untrusted High value
of threat rating calculated heuristically
12/10/2009 21:06:12 Device Driver Installer Placed in group Low
Restricted High value of threat rating calculated heuristically
12/10/2009 21:06:06 _TMPDGP.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
12/10/2009 21:05:58 DRIVER BACKUP 5-2-2009-23107.EXE Placed in group
Low Restricted High value of threat rating calculated heuristically
12/10/2009 21:05:29 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 21:05:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:05:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:05:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:05:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:05:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:05:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:05:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:05:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:05:18 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:04:43 Microsoft Help Center Hosting Server Placed in
group Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
12/10/2009 21:04:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 21:04:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 21:03:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 21:03:59 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 21:02:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\Harddisk1\DP(1)0-0+6
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:02:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\Harddisk1\DP(1)0-0+6
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:02:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\Harddisk1\DP(1)0-0+6
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:02:57 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\Harddisk1\DP(1)0-0+6
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:01:56 Microsoft Office Word Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
12/10/2009 21:01:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
 Explorateur Windows Low level disk access Device\Harddisk1\DP(1)0-0+6
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 21:00:58 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 21:00:49 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:59:24 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUETOOTH USB DONGLE.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
12/10/2009 20:59:24 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown BLUETOOTH
USB DONGLE.MSI Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:59:23 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Setup
Launcher Process start c:\windows\downloaded installations\{f07f29cd-639d-
4a19-8e54-1f5a1bf6cb12}\bluetooth usb dongle.msi
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:59:19 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start e:\windows vista\vista_setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:59:18 Setup Launcher Placed in group Low Restricted
High value of threat rating calculated heuristically
12/10/2009 20:59:08 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
 KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:59:07 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots AUTORUN.EXE
Take screenshot
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLScreenshots
12/10/2009 20:58:54 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUESOLEIL.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
12/10/2009 20:58:54 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUESOLEIL.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
12/10/2009 20:58:54 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
BLUESOLEIL.MSI Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:58:54 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc SETUP.EXE
Process start e:\windows xp\bluetooth driver\bluesoleil.msi
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:58:47 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start e:\windows xp\bluetooth driver\setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:58:39 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:57:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:57:23 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUESOLEIL.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
12/10/2009 20:57:22 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
BLUESOLEIL.MSI Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
12/10/2009 20:57:22 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
BLUESOLEIL.MSI Windows shutdown
 KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:57:22 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc SETUP.EXE
Process start e:\windows xp\bluetooth driver\bluesoleil.msi
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:57:16 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start e:\windows xp\bluetooth driver\setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:56:54 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:55:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:55:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
 KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:54:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:53:25 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:50:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Microsoft
Office PowerPoint Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:50:36 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Microsoft
Office PowerPoint Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:50:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:50:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:46:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:46:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:46:05 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:45:49 COM Surrogate Placed in group Trusted/MICROSOFT
Signed by the digital signature of entrusted manufacturers
12/10/2009 20:45:33 Microsoft Office PowerPoint Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
12/10/2009 20:45:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:45:25 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:45:25 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:45:24 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:45:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:44:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:44:22 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:44:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:44:20 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:44:02 Adobe Reader 8.1 Placed in group Trusted/ADOBE
SYSTEMS Signed by the digital signature of entrusted manufacturers
12/10/2009 20:43:54 Microsoft� HTML Help Executable Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
12/10/2009 20:43:47 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:43:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:43:43 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:43:40 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:43:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:43:27 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:43:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:43:21 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:43:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Internet Explorer Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:43:00 Adobe Reader 8.0 Placed in group Trusted/ADOBE
SYSTEMS Signed by the digital signature of entrusted manufacturers
12/10/2009 20:42:56 Denied: KLSystemData/KLStartupRegKeys/Main_Run EasyPHP
Manager Delete hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
KLSystemData/KLStartupRegKeys/Main_Run
12/10/2009 20:42:47 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc EasyPHP
Manager Process start c:\program files\easyphp1-8\mysql\bin\mysqld.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:42:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:42:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:42:27 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc EasyPHP
Manager Process start c:\program files\easyphp1-8\mysql\bin\mysqld.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:42:27 MYSQLD.EXE Placed in group Low Restricted High
value of threat rating calculated heuristically
12/10/2009 20:42:24 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc APACHE.EXE
Process start c:\program files\easyphp1-8\apache\apache.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:42:23 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc EasyPHP
Manager Process start c:\program files\easyphp1-8\apache\apache.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:42:22 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc CHKAP.BAT
Process start c:\program files\easyphp1-8\apache\apache.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:42:22 APACHE.EXE Placed in group Trusted Known on the
database of the known software
12/10/2009 20:42:21 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc EasyPHP
Manager Process start c:\program files\easyphp1-8\apache\chkap.bat
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:42:21 CHKAP.BAT Placed in group Low Restricted High
value of threat rating calculated heuristically
12/10/2009 20:42:21 EasyPHP Manager Placed in group High Restricted
High value of threat rating calculated heuristically
12/10/2009 20:42:00 Setup/Uninstall Placed in group Low Restricted
High value of threat rating calculated heuristically
12/10/2009 20:42:00 EasyPHP Setup Placed in group Low Restricted
High value of threat rating calculated heuristically
12/10/2009 20:41:34 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:40:13 Microsoft (R) HTML Application host Placed in group
Trusted/MICROSOFT Signed by the digital signature of entrusted manufacturers
12/10/2009 20:40:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:39:50 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:39:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:39:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:36:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:36:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:35:52 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:34:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
WINDOWSDOCTOR.EXE Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
12/10/2009 20:34:06 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
WINDOWSDOCTOR.EXE Access to global memory
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLDirectMemAccess
12/10/2009 20:34:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINDOWSDOCTOR.EXE Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:34:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINDOWSDOCTOR.EXE Low level disk access Device\Harddisk0\DR0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:34:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINDOWSDOCTOR.EXE Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:34:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINDOWSDOCTOR.EXE Low level disk access Device\HarddiskVolume2
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:34:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINDOWSDOCTOR.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:33:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:33:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:31:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:31:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:29:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:29:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:28:14 Denied: KLSystemData/KLStartupRegKeys/Common Startup
WINDOWSDOCTOR.EXE Modification hkey_users\S-1-5-21-484763869-651377827-
682003330-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
12/10/2009 20:28:14 Denied: KLSystemData/KLStartupRegKeys/Common Startup
WINDOWSDOCTOR.EXE Modification hkey_users\S-1-5-21-484763869-651377827-
682003330-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
12/10/2009 20:28:14 Denied: KLSystemData/KLStartupRegKeys/Common Startup
WINDOWSDOCTOR.EXE Modification
hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
12/10/2009 20:28:14 Denied: KLSystemData/KLStartupRegKeys/Common Startup
WINDOWSDOCTOR.EXE Modification
 hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
12/10/2009 20:28:12 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
WINDOWSDOCTOR.EXE Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
12/10/2009 20:28:12 Denied:
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
WINDOWSDOCTOR.EXE Setting debug privileges
KLPrivileges/KLPermissionSystem/KLPermissionPrivileges/KLSetDbgPrivilege
12/10/2009 20:28:11 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
Setup/Uninstall Process start c:\program files\windows
doctor\1.6\windowsdoctor.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:28:11 WINDOWSDOCTOR.EXE Placed in group Low Restricted
High value of threat rating calculated heuristically
12/10/2009 20:27:52 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start c:\windows\system32\notepad.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:27:51 Denied: KLSystemData/KLStartupRegKeys/Common Startup
Setup/Uninstall Modification
hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
12/10/2009 20:27:51 Denied: KLSystemData/KLStartupRegKeys/Common Startup
Setup/Uninstall Modification hkey_users\S-1-5-21-484763869-651377827-
682003330-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
KLSystemData/KLStartupRegKeys/Common Startup
12/10/2009 20:27:43 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc Windows
Doctor Setup Process start c:\documents and settings\administrateur\local
settings\temp\is-11j2j.tmp\is-m369c.tmp
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:27:43 Setup/Uninstall Placed in group Trusted Known
on the database of the known software
12/10/2009 20:27:42 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start e:\shkeer\system\windows doctor v1.6\windowsdoctor16(1).exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:27:42 Windows Doctor Setup Placed in group Low
Restricted High value of threat rating calculated heuristically
12/10/2009 20:27:30 Allowed:
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc AUTORUN.EXE
Process start e:\shkeer\system\ccleaner v1.40.520\setup.exe
KLPrivileges/KLPermissionAppAccess/KLPermissionProcManage/KLStartProc
12/10/2009 20:27:30 SETUP.EXE Placed in group Trusted/PIRIFORM Signed
by the digital signature of entrusted manufacturers
12/10/2009 20:27:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:27:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:25:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
 Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
12/10/2009 20:25:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
12/10/2009 20:25:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:25:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:25:02 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
12/10/2009 20:25:02 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
12/10/2009 20:25:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
12/10/2009 20:24:10 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
12/10/2009 20:24:10 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Explorateur Windows Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
12/10/2009 20:24:08 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:24:08 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:23:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:23:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:22:54 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:22:14 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:14 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:14 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:14 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:14 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
 KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:11 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:22:08 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
RealPlayer Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:21:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:21:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:20:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:20:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:19:58 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:18:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:18:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:18:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:18:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:18:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:18:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:18:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:18:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
 Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:18:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:18:01 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Windows Media Player Low level disk access Device\CdRom0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:17:37 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
Ex�cuter une DLL en tant qu'application Low level disk access
Device\Harddisk0\DR0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:17:22 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:17:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:17:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:16:08 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\Harddisk0\DR0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:16:08 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:15:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:15:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:15:22 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:14:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:14:30 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:14:27 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
 Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:13:56 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:13:20 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\Harddisk0\DR0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:13:20 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:13:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:13:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:13:13 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:13:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\Harddisk0\DR0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:13:12 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:13:05 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:13:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\Harddisk0\DR0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:13:04 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:12:55 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:12:52 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
WINNT32.EXE Low level disk access Device\Harddisk0\DR0
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:12:52 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
 WINNT32.EXE Low level disk access Device\HarddiskVolume1
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLLLDiskAccess
12/10/2009 20:12:46 WINNT32.EXE Placed in group Trusted/MICROSOFT Signed
by the digital signature of entrusted manufacturers
12/10/2009 20:12:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:12:15 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:11:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:11:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:10:50 SETUP.EXE Placed in group Trusted/MICROSOFT Signed
by the digital signature of entrusted manufacturers
12/10/2009 20:10:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:10:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:08:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:08:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:08:41 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:07:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:07:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:07:08 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
Ex�cuter une DLL en tant qu'application Access to critical system objects
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLCriticalCOMAccess
12/10/2009 20:07:08 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Ex�cuter une
DLL en tant qu'application Windows shutdown
 KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:06:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:06:45 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:06:32 Flash 6.0 r25 Placed in group Low Restricted
High value of threat rating calculated heuristically
12/10/2009 20:06:19 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
Explorateur Windows Access to internal browser data

KLPrivileges/KLPermissionSystem/KLPermissionSysObjAccess/KLShellWindowsAcceess
12/10/2009 20:06:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:06:00 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:05:05 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:05:05 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
12/10/2009 20:05:05 Allowed:
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown Explorateur
Windows Windows shutdown
KLPrivileges/KLPermissionSystem/KLPermissionStrange/KLWindowsShutDown
Protection (events: 945)
12/10/2009 20:32:05 Denied WINDOWSDOCTOR.EXE Modification

REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\profiles\Statistics\settings
\def
12/10/2009 20:32:05 Denied WINDOWSDOCTOR.EXE Modification

REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\profiles\Hips\settings\Appli
cation\Childs\0001\Childs\0017
12/10/2009 20:32:05 Denied WINDOWSDOCTOR.EXE Modification

REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\profiles\Hips\settings\Appli
cation\Childs\0001\Childs\0018
12/10/2009 20:32:05 Denied WINDOWSDOCTOR.EXE Modification

REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\profiles\Hips\settings\Appli
cation\Childs\0002\Childs\0004
12/10/2009 20:32:05 Denied WINDOWSDOCTOR.EXE Modification

REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\profiles\Hips\settings\Appli
cation\Childs\0002\Childs\0005
12/10/2009 20:32:05 Denied WINDOWSDOCTOR.EXE Modification
REGISTRY\MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\profiles\Hips\settings\Appli
cation\Childs\0000\Childs\0000\Childs\0033
Protection (events: 945)
12/10/2009 21:01:08 Task completed Kaspersky Internet Security Virus
Scan
12/10/2009 21:01:07 Task started Kaspersky Internet Security Virus
Scan
12/10/2009 21:01:03 Task completed Kaspersky Internet Security Virus
Scan
12/10/2009 21:01:03 Task started Kaspersky Internet Security Virus
Scan
12/10/2009 20:16:27 Task completed Kaspersky Internet Security Virus
Scan
12/10/2009 20:16:26 Task started Kaspersky Internet Security Virus
Scan