Your IP : 192.168.165.1


Current Path : C:/Users/Administrator/AppData/Local/Temp/
Upload File :
Current File : C:/Users/Administrator/AppData/Local/Temp/ucaevents.log


04/09/21 19:35:44 GetSettingsVersion: entry point

04/09/21 19:35:44 GetSettingsVersion: can't open Software\KasperskyLab\protected\KES10SP2\settings: 0x00000002

04/09/21 19:35:44 GetSettingsVersion: can't open Software\KasperskyLab\protected\KES10SP2\environment: 0x00000002

04/09/21 19:35:44 GetSettingsVersion: SettingsVersion get from ProductVersion property: 10.3.0.6294

04/09/21 19:35:44 GetSettingsVersion: return point

04/09/21 19:35:44 Action start : SetSTATUSProp.

04/09/21 19:35:44 Action ended : SetSTATUSProp. Return value 0.

04/09/21 19:35:44 InitKAVUnPasswd entry point

04/09/21 19:35:44 Use new login.

04/09/21 19:35:46 FixExclusionsEnumeration: entry point

04/09/21 19:35:50 Action start : SetOS4Updater.

04/09/21 19:35:50 GetOsVersionNumbers, windows version from NT dll: major: 10, minor: 0, build: 14393

04/09/21 19:35:50 GetOsVersionNumbers EXIT

04/09/21 19:35:50 SetOS4Updater: WinSP = 0

04/09/21 19:35:50 SetOS4Updater: WinType  = 3

04/09/21 19:35:50 SetOS4Updater: WinX64  = 603

04/09/21 19:35:50 SetOS4Updater: final verdict OSFORUPDATER Win-1000-S-0

04/09/21 19:35:50 SetOS4Updater: final verdict SYSARCHFORUPDATER x64

04/09/21 19:35:50 SetOS4Updater: final verdict ARCHFORUPDATER i386

04/09/21 19:35:50 MakeMachineID entry point

04/09/21 19:35:52 SetServiceRestart: entry point

04/09/21 19:35:52 SetServiceRestart: Service name  = AVP

04/09/21 19:35:52 SetServiceRestart: Set = no

04/09/21 19:35:52 SetServiceRestartImpl: entry point

04/09/21 19:35:52 Get context returned 1. Error: 0x80070002

04/09/21 19:35:52 Failed to get context.

04/09/21 19:35:52 RegisterDriver: OpenService failed: 0x00000424

04/09/21 19:35:52 SetServiceRestart: return point 1603

04/09/21 19:35:57 The service 'klif' started.

04/09/21 19:35:57 Action start : CheckDriverKlifAvailable.

04/09/21 19:35:57 CheckDriverKlifAvailable: check succeeded. Service available.

04/09/21 19:35:57 Action ended : CheckDriverKlifAvailable. Return value 0.

04/09/21 19:36:01 AddLicenseFile Unicode entry point

04/09/21 19:36:01 Srcdir C:\Users\Administrator\Desktop\kasper\

04/09/21 19:36:01 Targetdir C:\Users\ADMINI~1\AppData\Local\Temp\{3AD0B374-17DB-4073-ADA1-1DE3489F3409}\

04/09/21 19:36:01 FindFirstFile *.key

04/09/21 19:36:01 The first file found is 553DEF76.key

04/09/21 19:36:01 Copy file successful.

04/09/21 19:36:01 FindFirstFile *.eyk

04/09/21 19:36:01 FindFirstFile failed. Invalid File Handle. GetLastError reports 2


04/09/21 19:36:01 AddLicenseFile return point

04/09/21 19:36:01 AddLicenseFile Unicode entry point

04/09/21 19:36:01 Srcdir C:\Users\ADMINI~1\AppData\Local\Temp\{3AD0B374-17DB-4073-ADA1-1DE3489F3409}\

04/09/21 19:36:01 Targetdir C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\

04/09/21 19:36:01 FindFirstFile *.key

04/09/21 19:36:01 The first file found is 553DEF76.key

04/09/21 19:36:01 Copy file successful.

04/09/21 19:36:01 FindFirstFile *.eyk

04/09/21 19:36:01 FindFirstFile failed. Invalid File Handle. GetLastError reports 2


04/09/21 19:36:01 AddLicenseFile return point

04/09/21 19:36:01 Action start : CopyFolderDeferred.

04/09/21 19:36:01 CopyFolderImpl: Unicode entry point

04/09/21 19:36:01 CopyFilesEx: (ca_error) FindFirstFileW failed 'C:\ProgramData\Kaspersky Lab\KES8\QB\\*':0x00000003

04/09/21 19:36:01 CopyFolderImpl: (ca_error) unable to copy from C:\ProgramData\Kaspersky Lab\KES8\QB\ to C:\ProgramData\Kaspersky Lab\KES10SP2\QB\.

04/09/21 19:36:01 Action ended : CopyFolderDeferred. Return value 3.

04/09/21 19:36:01 Action start : CopyFolderDeferred.

04/09/21 19:36:01 CopyFolderImpl: Unicode entry point

04/09/21 19:36:01 CopyFilesEx: (ca_error) FindFirstFileW failed 'C:\ProgramData\Kaspersky Lab\KES10\QB\\*':0x00000003

04/09/21 19:36:01 CopyFolderImpl: (ca_error) unable to copy from C:\ProgramData\Kaspersky Lab\KES10\QB\ to C:\ProgramData\Kaspersky Lab\KES10SP2\QB\.

04/09/21 19:36:01 Action ended : CopyFolderDeferred. Return value 3.

04/09/21 19:36:11 Action start : SetKlwfpParameters.

04/09/21 19:36:11 Action ended : SetKlwfpParameters. Return value 1.

04/09/21 19:36:34 MakeINSTALLBASESID: GH succeeded, result: 1567611824

04/09/21 19:36:34 MakeINSTALLBASESID: returning ERROR_SUCCESS

04/09/21 19:36:34 Get context returned 1. Error: 0x00000000

04/09/21 19:36:34 Registered (36120).

04/09/21 19:36:34 SetDoNotAllowServiceStop: entry point

04/09/21 19:36:34 SetDoNotAllowServiceStop: set AllowServiceStop to 0

04/09/21 19:36:34 Unregistered (36120).

04/09/21 19:36:34 SetInsOSver entry point

04/09/21 19:36:34 GetOsVersionNumbers, windows version from NT dll: major: 10, minor: 0, build: 14393

04/09/21 19:36:34 GetOsVersionNumbers EXIT

04/09/21 19:36:34 SetInsOSVer: WinVersion  = 1000

04/09/21 19:36:41 Action start : EnableRebootPending.

04/09/21 19:36:41 Action ended : EnableRebootPending. Return value 1.

04/09/21 19:36:42 SetServiceRestart: entry point

04/09/21 19:36:42 SetServiceRestart: Service name  = AVP

04/09/21 19:36:42 SetServiceRestart: Set = yes

04/09/21 19:36:42 SetServiceRestartImpl: entry point

04/09/21 19:36:42 Get context returned 1. Error: 0x00000000

04/09/21 19:36:42 Registered (36120).

04/09/21 19:36:42 SetServiceRestartImpl: exit success

04/09/21 19:36:42 Unregistered (36120).

04/09/21 19:36:42 SetServiceRestart: return point 0

04/09/21 19:36:42 SetLSPApplicationCategory: entry point

04/09/21 19:36:42 SetLSPApplicationCategory: setting LSP category for application C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe failed

04/09/21 19:36:42 CheckExecutability: Unicode entry point (deferred)

04/09/21 19:36:42 Get context returned 1. Error: 0x00000000

04/09/21 19:36:42 Registered (36120).

04/09/21 19:36:42 CheckExecutability: CreateProcess name='C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe' res=1 err=b7 pid=b3c0 tid=a99c

04/09/21 19:36:44 FindProcess(avp.exe) - found

04/09/21 19:36:44 CheckExecutability: TerminateProcess: res=1 err=b7

04/09/21 19:36:44 Unregistered (36120).

04/09/21 19:36:46 FlushRegistry: entry point

04/09/21 19:36:46 FlushRegistry: retutn point

04/09/21 19:36:46 Action start : RemoveFolderImmediate.

04/09/21 19:36:46 RemoveFolderImpl: Unicode entry point

04/09/21 19:36:46 DeleteDirectoryExW: \\?\C:\Users\ADMINI~1\AppData\Local\Temp\{3AD0B374-17DB-4073-ADA1-1DE3489F3409} recursively

04/09/21 19:36:46 DeleteDirectoryExW: \\?\C:\Users\ADMINI~1\AppData\Local\Temp\{3AD0B374-17DB-4073-ADA1-1DE3489F3409}\553DEF76.key

04/09/21 19:36:46 DeleteDirectoryExW: exit point

04/09/21 19:36:46 Action ended : RemoveFolderImmediate. Return value 1.

04/09/21 19:36:46 Action start : ExecImmediate.

04/09/21 19:36:46 ExecCommon: CommandLine = "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe"

04/09/21 19:36:46 ExecCommon: CurrentDir  = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\

04/09/21 19:36:46 ExecCommon: Wait        = no

04/09/21 19:36:46 ExecCommon: WaitTimeOut = 

04/09/21 19:36:46 ExecCommon: Username    = Administrator

04/09/21 19:36:46 Exec: enter, timeout: 641481

04/09/21 19:36:46 Exec: start timer waiting cycle

04/09/21 19:36:46 Exec launched pid: 38892, "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe"

04/09/21 19:36:46 Exec do not wait for the launched process, exiting successfully

04/09/21 19:36:46 ExecCommon: process started

04/09/21 19:36:46 Action ended : ExecImmediate. Return value 0.

04/11/21 21:11:58 SetIsKAVUnPasswd entry point

04/11/21 21:11:58 SetIsKAVUnPasswd: password protection on uninstall disabled.

04/11/21 21:12:01 Action start : SetSTATUSProp.

04/11/21 21:12:01 Action ended : SetSTATUSProp. Return value 0.

04/11/21 21:12:01 InitKAVUnPasswd entry point

04/11/21 21:12:01 Use previous login.

04/11/21 21:12:03 FixExclusionsEnumeration: entry point

04/11/21 21:12:03 Action start : RemoveRegistryKey.

04/11/21 21:12:03 RemoveRegistryKey: root value is 0x00000002

04/11/21 21:12:03 INSERT INTO `Registry` (`Registry`,`Root`,`Key`,`Name`,`Value`,`Component_`) VALUES ('A0C64BA4F0B24FC882B36616D8615B06',2,'SOFTWARE\KasperskyLab\protected\WmiHlp','-','','MainRootComponent') TEMPORARY

04/11/21 21:12:03 Action ended : RemoveRegistryKey. Return value 1.

04/11/21 21:12:23 SaveSettings entry point

04/11/21 21:12:23 Copy file successful.

04/11/21 21:12:23 SaveSettings return point

04/11/21 21:12:23 SetServiceRestart: entry point

04/11/21 21:12:23 SetServiceRestart: Service name  = AVP

04/11/21 21:12:23 SetServiceRestart: Set = no

04/11/21 21:12:23 SetServiceRestartImpl: entry point

04/11/21 21:12:23 Get context returned 1. Error: 0x00000000

04/11/21 21:12:23 Registered (1108).

04/11/21 21:12:23 SetServiceRestartImpl: exit success

04/11/21 21:12:23 Unregistered (1108).

04/11/21 21:12:23 SetServiceRestart: return point 0

04/11/21 21:12:23 Exec: enter, timeout: 300000

04/11/21 21:12:23 Exec: start timer waiting cycle

04/11/21 21:12:23 Exec launched pid: 5108, "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe" -e -nsp

04/11/21 21:12:23 Exec start waiting for launched process

04/11/21 21:12:23 Exec stop waiting for launched process, waitRes: 1

04/11/21 21:12:23 Exec trial 1, process 5108 finished, retcode: 0x00000000

04/11/21 21:12:23 Exec process successfully finished, exit success

04/11/21 21:12:23 Action start : ExecDeferred.

04/11/21 21:12:23 ExecCommon: CommandLine = "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe" -u -nsp

04/11/21 21:12:23 ExecCommon: CurrentDir  = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\

04/11/21 21:12:23 ExecCommon: Wait        = yes

04/11/21 21:12:23 ExecCommon: WaitTimeOut = 

04/11/21 21:12:23 ExecCommon: Username    = SYSTEM

04/11/21 21:12:23 Exec: enter, timeout: 641481

04/11/21 21:12:23 Exec: start timer waiting cycle

04/11/21 21:12:23 Exec launched pid: 4384, "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe" -u -nsp

04/11/21 21:12:23 Exec start waiting for launched process

04/11/21 21:12:23 Exec stop waiting for launched process, waitRes: 1

04/11/21 21:12:23 Exec trial 1, process 4384 finished, retcode: 0x00000000

04/11/21 21:12:23 Exec process successfully finished, exit success

04/11/21 21:12:23 Action ended : ExecDeferred. Return value 0.

04/11/21 21:12:26 Action start : RemoveKlwfpParameters.

04/11/21 21:12:26 Action ended : RemoveKlwfpParameters. Return value 1.

04/11/21 21:12:29 Action start : DisableFidbox.

04/11/21 21:12:29 Action ended : DisableFidbox. Return value 0.

04/11/21 21:12:29 Action start : CleanSystemVolumeInfo.

04/11/21 21:12:29 RemoveUpdaterList: entry point

04/11/21 21:12:29 RemoveUpdaterList: can't read next reg value 0000: 0x00000002

04/11/21 21:12:29 RemoveUpdaterList: finished

04/11/21 21:12:32 RemoveAllUsersRegKey: users key opened with error: 0

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey .DEFAULT\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 0.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey S-1-5-19\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey S-1-5-20\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey S-1-5-21-389664355-426879344-1444207994-500\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 0.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey S-1-5-21-389664355-426879344-1444207994-500_Classes\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey TEMP_0\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey TEMP_1\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey TEMP_2\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey TEMP_3\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 0.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey TEMP_4\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 0.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey TEMP_5\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteKey S-1-5-18\SOFTWARE\KasperskyLab\protected\KES10SP2. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: users key opened with error: 0

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey .DEFAULT\SOFTWARE\KasperskyLab\protected. Error 0.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-19\SOFTWARE\KasperskyLab\protected. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-20\SOFTWARE\KasperskyLab\protected. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-21-389664355-426879344-1444207994-500\SOFTWARE\KasperskyLab\protected. Error 0.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-21-389664355-426879344-1444207994-500_Classes\SOFTWARE\KasperskyLab\protected. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_0\SOFTWARE\KasperskyLab\protected. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_1\SOFTWARE\KasperskyLab\protected. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_2\SOFTWARE\KasperskyLab\protected. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_3\SOFTWARE\KasperskyLab\protected. Error 0.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_4\SOFTWARE\KasperskyLab\protected. Error 0.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_5\SOFTWARE\KasperskyLab\protected. Error 2.

04/11/21 21:12:32 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-18\SOFTWARE\KasperskyLab\protected. Error 2.

04/11/21 21:12:33 RemoveAllUsersRegKey: users key opened with error: 0

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey .DEFAULT\Software\KasperskyLab. Error 0.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-19\Software\KasperskyLab. Error 2.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-20\Software\KasperskyLab. Error 2.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-21-389664355-426879344-1444207994-500\Software\KasperskyLab. Error 0.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-21-389664355-426879344-1444207994-500_Classes\Software\KasperskyLab. Error 2.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_0\Software\KasperskyLab. Error 2.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_1\Software\KasperskyLab. Error 2.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_2\Software\KasperskyLab. Error 2.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_3\Software\KasperskyLab. Error 0.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_4\Software\KasperskyLab. Error 0.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey TEMP_5\Software\KasperskyLab. Error 2.

04/11/21 21:12:33 RemoveAllUsersRegKey: DeleteEmptyKey S-1-5-18\Software\KasperskyLab. Error 2.

04/11/21 21:12:38 Action start : RemoveFilesDeferred.

04/11/21 21:12:38 RemoveFilesImpl: 'C:\Windows\SysWOW64\Drivers\ISwift3.dat' in 'C:\Windows\SysWOW64\Drivers\'

04/11/21 21:12:38 RemoveFilesImpl: failed to find file C:\Windows\SysWOW64\Drivers\ISwift3.dat. Error 2.

04/11/21 21:12:38 Action ended : RemoveFilesDeferred. Return value 1.

04/11/21 21:12:38 Action start : RemoveFilesX64Deferred.

04/11/21 21:12:38 RemoveFilesX64Deferred: GetSystemDirectory = C:\Windows\\System32\Drivers\ISwift3.dat

04/11/21 21:12:38 RemoveFilesImpl: 'C:\Windows\\System32\Drivers\ISwift3.dat' in 'C:\Windows\\System32\Drivers\'

04/11/21 21:12:38 RemoveFilesImpl: failed to find file C:\Windows\\System32\Drivers\ISwift3.dat. Error 2.

04/11/21 21:12:38 Action ended : RemoveFilesX64Deferred. Return value 1.

04/11/21 21:12:39 Action start : ExecDeferred.

04/11/21 21:12:39 ExecCommon: CommandLine = "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\avp.exe" -wmi

04/11/21 21:12:39 ExecCommon: CurrentDir  = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP2\

04/11/21 21:12:39 ExecCommon: Wait        = yes

04/11/21 21:12:39 ExecCommon: WaitTimeOut = 

04/11/21 21:12:39 ExecCommon: Username    = SYSTEM

04/11/21 21:12:39 Exec: enter, timeout: 641481

04/11/21 21:12:39 Exec: start timer waiting cycle

04/11/21 21:12:39 Exec CreateProcess failed, error: 0x00000002

04/11/21 21:12:39 ExecCommon: CreateProcess failed: 0x000000B7

04/11/21 21:12:39 Action ended : ExecDeferred. Return value 1603.

04/11/21 21:12:39 Action start : EnableRebootPending.

04/11/21 21:12:39 Action ended : EnableRebootPending. Return value 1.

04/11/21 21:12:39 FlushRegistry: entry point

04/11/21 21:12:39 FlushRegistry: retutn point

04/11/21 21:12:41 Action start : RemoveFolderImmediate.

04/11/21 21:12:41 RemoveFolderImpl: Unicode entry point

04/11/21 21:12:41 DeleteDirectoryExW: \\?\C:\Users\ADMINI~1\AppData\Local\Temp\{E6716D7C-8AEF-4192-B80D-3C40A613B613} recursively

04/11/21 21:12:41 DeleteDirectoryExW: exit point

04/11/21 21:12:41 Action ended : RemoveFolderImmediate. Return value 1.