Vino's Event Viewer v01c run on Windows 2008 in English Report run at 14/03/2016 6:48:35 PM Note: All dates below are in the format dd/mm/yyyy ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 'Application' Log - Critical Type ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 'Application' Log - Error Type ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 'Application' Log - Warning Type ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Log: 'Application' Date/Time: 14/03/2016 5:41:58 PM Type: Warning Category: 3 Event: 3086 Source: Microsoft-Windows-Search The system locale has changed. Existing data will be deleted and the index must be recreated. Context: Application, SystemIndex Catalog Log: 'Application' Date/Time: 14/03/2016 5:41:39 PM Type: Warning Category: 1 Event: 1000 Source: ISCTAgent ISCT - CAgentService::AgentServiceInit iSCT 3.0 BIOS implementation was not detected - fall back to support 2.x functionality Log: 'Application' Date/Time: 14/03/2016 5:41:39 PM Type: Warning Category: 1 Event: 1000 Source: ISCTAgent ISCT - CAgentService::AgentServiceInit NetDetect is now disabled since this is not a mobile platform Log: 'Application' Date/Time: 14/03/2016 5:40:07 PM Type: Warning Category: 0 Event: 1530 Source: Microsoft-Windows-User Profiles Service Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-2278087175-315393774-4205556306-1000_Classes: Process 3548 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000_CLASSES Log: 'Application' Date/Time: 14/03/2016 5:40:07 PM Type: Warning Category: 0 Event: 1530 Source: Microsoft-Windows-User Profiles Service Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 17 user registry handles leaked from \Registry\User\S-1-5-21-2278087175-315393774-4205556306-1000: Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000 Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000 Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000 Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000 Process 3548 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000 Process 852 (\Device\HarddiskVolume2\Windows\System32\services.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000 Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Microsoft\SystemCertificates\Root Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Microsoft\SystemCertificates\trust Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Microsoft\SystemCertificates\My Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Microsoft\SystemCertificates\CA Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Microsoft\SystemCertificates\TrustedPeople Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Policies\Microsoft\SystemCertificates Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Policies\Microsoft\SystemCertificates Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Policies\Microsoft\SystemCertificates Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Policies\Microsoft\SystemCertificates Process 1808 (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-2278087175-315393774-4205556306-1000\Software\Microsoft\SystemCertificates\Disallowed Log: 'Application' Date/Time: 14/03/2016 5:16:04 PM Type: Warning Category: 1 Event: 1000 Source: ISCTAgent ISCT - CAgentService::AgentServiceInit iSCT 3.0 BIOS implementation was not detected - fall back to support 2.x functionality Log: 'Application' Date/Time: 14/03/2016 5:16:04 PM Type: Warning Category: 1 Event: 1000 Source: ISCTAgent ISCT - CAgentService::AgentServiceInit NetDetect is now disabled since this is not a mobile platform