araab
(Ciulas16)
#1
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:32, on 2008-01-26
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
F:\programy\3dsmax\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: XBTP01621 Class - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~1\BEARSH~1\MediaBar.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll
O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TrayMin210.exe.lnk = ?
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - F:\programy\3dsmax\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 6888 bytes
Skan ComboFix:
ComboFix 08-01-23.1C - Kacper 2008-01-26 11:33:19.2 - [color=red][b]FAT32[/b][/color]x86
araab
(Ciulas16)
#3
nie moge wlaczyc trybu awaryjnego bo gdy zaczyna sie ladowac, to komputer sie restartuje.
Wlaczylem sdfixa, mial mozliwosci sciagniecia roznego softu, ale to zostawilem i wcisnalem ‘A’(create system report), wypluł to:
System Report
*************
Run on 2008-01-26 at 14:40
Microsoft Windows XP [Wersja 5.1.2600]
Current user is an administrator
Running Processes:
\SystemRoot\System32\smss.exe [804]
\??\C:\WINDOWS\system32\csrss.exe [864]
\??\C:\WINDOWS\system32\winlogon.exe [896]
C:\WINDOWS\system32\services.exe [940]
C:\WINDOWS\system32\lsass.exe [952]
C:\WINDOWS\system32\svchost.exe [1112]
C:\WINDOWS\system32\svchost.exe [1168]
C:\WINDOWS\System32\svchost.exe [1264]
C:\WINDOWS\System32\svchost.exe [1300]
C:\WINDOWS\System32\svchost.exe [1388]
C:\WINDOWS\system32\spoolsv.exe [1448]
C:\WINDOWS\Explorer.EXE [1760]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [1868]
C:\Program Files\Winamp\winampa.exe [1880]
C:\WINDOWS\VM_STI.EXE [1888]
C:\Program Files\Analog Devices\SoundMAX\SMax4.exe [1896]
C:\Documents and Settings\Kacper\Dane aplikacji\m\flec006.exe [1912]
C:\Program Files\Gadu-Gadu\gg.exe [1920]
C:\WINDOWS\system32\ctfmon.exe [1944]
C:\Program Files\eMule\emule.exe [1956]
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe [260]
C:\Program Files\Last.fm\LastFMHelper.exe [288]
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [484]
C:\Program Files\Bonjour\mDNSResponder.exe [520]
F:\programy\3dsmax\mentalray\satellite\raysat_3dsmax9_32server.exe [632]
C:\Program Files\MioNet\MioNetManager.exe [916]
C:\Program Files\CDBurnerXP\NMSAccessU.exe [1132]
C:\Program Files\MioNet\jvm\bin\MioNet.exe [1244]
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [1252]
C:\WINDOWS\System32\svchost.exe [756]
C:\WINDOWS\system32\wdfmgr.exe [1560]
C:\WINDOWS\System32\alg.exe [2320]
C:\Program Files\Mozilla Firefox\firefox.exe [548]
Drivers - Running:
ACPI
ADIHdAudAddService
AEAudio
AFD
AmdK8
Arp1394
atapi
ati2mtag
atksgt
audstub
Beep
catchme
Cdfs
Cdrom
Disk
dmio
dmload
eeCtrl
Fastfat
Fdc
Fips
FltMgr
Ftdisk
Gpc
HdAudAddService
HDAudBus
HTTP
i8042prt
Imapi
IpNat
IPSec
isapnp
Kbdclass
KSecDD
lirsgt
mnmdd
Mouclass
MountMgr
MRxDAV
MRxSmb
Msfs
mssmbios
MTsensor
Mup
NDIS
NdisTapi
NdisWan
NDProxy
NetBIOS
NetBT
NIC1394
Npfs
Ntfs
Null
nvata
NVENETFD
nvnetbus
ohci1394
Parport
PartMgr
ParVdm
PCI
PCIIde
Pnp680r
PptpMiniport
PSched
Ptilink
PxHelp20
RasAcd
Rasl2tp
RasPppoe
Raspti
Rdbss
RDPCDD
rdpdr
redbook
rtl8139
SenFiltService
serenum
Serial
sptd
sr
Srv
swenum
sysaudio
Tcpip
TermDD
Update
usbehci
usbhub
usbohci
VgaSave
VolSnap
Wanarp
wdmaud
ZSMC301b
Drivers - Stopped:
Abiosdsk
abp480n5
ACPIEC
adpu160m
aec
Aha154x
aic78u2
aic78xx
AliIde
amsint
asc
asc3350p
asc3550
AsyncMac
Atdisk
Atmarpc
cbidf2k
CCDECODE
cd20xrnt
Cdaudio
Changer
CmdIde
Cpqarray
dac960nt
dmboot
DMusic
dpti2o
drmkaud
Flpydisk
hidusb
hpn
i2omgmt
i2omp
IKFileSec
IKSysFlt
ini910u
IntelIde
ip6fw
IpFilterDriver
IpInIp
IRENUM
kmixer
lbrtfdc
Modem
mouhid
mraid35x
MSKSSRV
MSPCLOCK
MSPQM
MSTEE
NABTSFEC
NdisIP
Ndisuio
nm
NPF
NwlnkFlt
NwlnkFwd
PCIDump
Pcmcia
PDCOMP
PDFRAME
PDRELI
PDRFRAME
perc2
perc2hib
Processor
ql1080
Ql10wnt
ql12160
ql1240
ql1280
RDPWD
Secdrv
Sfloppy
Simbad
SLIP
Sparrow
splitter
streamip
swmidi
symc810
symc8xx
SYMIDSCO
sym_hi
sym_u3
TDPIPE
TDTCP
TosIde
Udfs
ultra
usbscan
USBSTOR
ViaIde
WDICA
WpdUsb
WSTCODEC
Services - Running:
ALG
AudioSrv
Autodesk Licensing Service
BITS
Bonjour Service
Browser
CryptSvc
DcomLaunch
Dhcp
dmserver
Dnscache
ERSvc
Eventlog
EventSystem
helpsvc
lanmanserver
lanmanworkstation
LmHosts
mi-raysat_3dsmax9_32
MioNet
Netman
Nla
NMSAccessU
PlugPlay
PolicyAgent
ProtectedStorage
RasMan
RemoteRegistry
RpcSs
SamSs
Schedule
seclogon
SENS
SharedAccess
ShellHWDetection
Spooler
srservice
SSDPSRV
StarWindServiceAE
stisvc
TapiSrv
TermService
Themes
TrkWks
UMWdf
W32Time
WebClient
winmgmt
wscsvc
wuauserv
Services - Stopped:
Alerter
AppMgmt
aspnet_state
Ati HotKey Poller
ATI Smart
CiSvc
ClipSrv
clr_optimization_v2.0.50727_32
COMSysApp
dmadmin
FastUserSwitchingCompatibility
FLEXnet Licensing Service
HidServ
HTTPFilter
ImapiService
Messenger
mnmsrvc
MSDTC
MSIServer
NetDDE
NetDDEdsdm
Netlogon
NtLmSsp
NtmsSvc
PnkBstrA
PnkBstrB
RasAuto
RDSessMgr
RemoteAccess
rpcapd
RpcLocator
RSVP
SCardSvr
SwPrv
SysmonLog
TlntSvr
upnphost
UPS
VSS
WmdmPmSN
Wmi
WmiApSrv
WZCSVC
xmlprov
Files Created/Modified - 60 Days :
C:\
2008-01-26 14:32:58 2 145 386 496 A.SH. "C:\pagefile.sys"
2008-01-26 0:00:00 223 ..SHR "C:\boot.ini"
2007-12-03 17:48:56 11 002 A.... "C:\index.php"
2007-12-15 21:44:54 5 120 A.SH. "C:\Thumbs.db"
2007-12-25 19:57:20 226 164 A.... "C:\zrzut.JPG"
2007-12-26 23:58:16 155 035 A.... "C:\ciastka.txt"
2007-12-26 21:09:56 2 777 A.... "C:\czysc_zera.php"
2007-12-27 10:09:40 2 777 A.... "C:\klucz_gen.php"
2007-12-28 22:17:38 80 054 A.... "C:\extraporn.JPG"
2008-01-11 21:42:08 4 333 568 A.... "C:\dajmisiebie.mp3"
2007-12-25 13:08:02 421 266 A.... "C:\IMG_0111.jpg"
2008-01-11 19:18:26 388 327 ..... "C:\IMG_0117.jpg"
2008-01-26 14:30:34 90 556 A.... "C:\mksbasel.cpp.log"
2008-01-26 11:39:34 10 958 A.... "C:\ComboFix.txt"
C:\WINDOWS\
2008-01-26 11:38:12 227 A.... "C:\WINDOWS\system.ini"
2008-01-26 0:00:00 923 A.... "C:\WINDOWS\win.ini"
2008-01-25 20:19:22 176 844 A.... "C:\WINDOWS\setupact.log"
2008-01-26 14:30:40 50 A.... "C:\WINDOWS\wiaservc.log"
2008-01-26 14:33:44 159 A.... "C:\WINDOWS\wiadebug.log"
2007-12-15 21:45:04 44 032 A.SH. "C:\WINDOWS\Thumbs.db"
2008-01-18 23:27:28 273 A.... "C:\WINDOWS\game.ini"
2008-01-13 13:09:06 78 762 A.... "C:\WINDOWS\ntbtlog.txt"
2008-01-26 14:33:06 2 048 A.S.. "C:\WINDOWS\bootstat.dat"
2008-01-26 14:30:40 32 572 A.... "C:\WINDOWS\SchedLgU.Txt"
2008-01-26 14:33:56 0 A.... "C:\WINDOWS\0.log"
2008-01-25 23:43:30 51 A.... "C:\WINDOWS\bestplayer.bpp"
2008-01-25 23:43:30 1 796 A.... "C:\WINDOWS\bestplayer.ini"
2008-01-25 23:43:30 3 808 A.... "C:\WINDOWS\bestplayer.bbt"
2008-01-25 19:12:54 58 A.... "C:\WINDOWS\FirewallPlus3Setup.log"
2008-01-05 22:59:12 24 612 A.... "C:\WINDOWS\wmsetup.log"
2008-01-26 14:30:42 1 686 516 A.... "C:\WINDOWS\WindowsUpdate.log"
2007-12-26 13:12:44 331 759 A.... "C:\WINDOWS\DirectX.log"
2008-01-21 13:21:30 418 409 A.... "C:\WINDOWS\setupapi.log"
2008-01-15 18:34:46 2 206 A.... "C:\WINDOWS\system32\wpa.dbl"
2008-01-04 18:14:16 1 543 064 A.... "C:\WINDOWS\system32\FNTCACHE.DAT"
2008-01-20 18:27:48 13 312 A.... "C:\WINDOWS\system32\BASSMOD.dll"
2008-01-26 10:42:58 5 401 A.... "C:\WINDOWS\system32\ban_list.txt"
2008-01-26 10:42:50 70 660 A.... "C:\WINDOWS\system32\mdelk.exe"
2007-12-15 21:45:04 7 680 A.SH. "C:\WINDOWS\system32\Thumbs.db"
2007-12-24 19:29:44 43 520 A.... "C:\WINDOWS\system32\CmdLineExt03.dll"
2008-01-18 23:27:32 66 872 A.... "C:\WINDOWS\system32\PnkBstrA.exe"
2008-01-18 23:27:42 103 736 A.... "C:\WINDOWS\system32\PnkBstrB.exe"
2007-12-26 22:56:20 10 820 A..H. "C:\WINDOWS\Help\update.GID"
2007-12-15 21:45:02 7 168 A.SH. "C:\WINDOWS\Web\Thumbs.db"
2008-01-26 14:39:56 0 A.... "C:\WINDOWS\TEMP\scs5.tmp"
2008-01-26 14:33:06 0 A.... "C:\WINDOWS\Debug\PASSWD.LOG"
2007-12-15 21:45:04 5 120 A.SH. "C:\WINDOWS\ShellNew\Thumbs.db"
2008-01-26 11:35:44 110 A.... "C:\WINDOWS\erdnt\CFrecovery.bat"
2008-01-26 14:33:08 6 A..H. "C:\WINDOWS\Tasks\SA.DAT"
2007-12-15 21:45:02 5 120 A.SH. "C:\WINDOWS\$NtServicePackUninstall$\Thumbs.db"
2007-12-15 21:45:02 5 632 A.SH. "C:\WINDOWS\ASUSInstAll\Thumbs.db"
2008-01-25 16:05:48 102 400 A.... "C:\WINDOWS\Minidump\Mini012508-01.dmp"
2008-01-25 19:10:52 102 400 A.... "C:\WINDOWS\Minidump\Mini012508-02.dmp"
2008-01-26 10:40:04 102 400 A.... "C:\WINDOWS\Minidump\Mini012608-01.dmp"
2008-01-26 0:00:00 223 ..... "C:\WINDOWS\pss\boot.ini.backup"
2007-12-24 19:29:40 1 407 ..... "C:\WINDOWS\pss\RollerCoaster Tycoon 3 Registration.lnkStartup"
2008-01-26 14:33:08 64 A.S.. "C:\WINDOWS\CSC\00000001"
2008-01-25 19:11:04 64 A.S.. "C:\WINDOWS\CSC\csc1.tmp"
2008-01-25 19:21:04 64 A.S.. "C:\WINDOWS\CSC\00000002"
2008-01-18 23:27:56 22 328 A.... "C:\WINDOWS\system32\drivers\PnkBstrK.sys"
2008-01-26 11:19:22 70 144 A.... "C:\WINDOWS\system32\dllcache\sysinfo.exe"
2008-01-26 11:19:22 14 848 A.... "C:\WINDOWS\system32\dllcache\register.exe"
2007-12-05 17:48:08 3 950 A.... "C:\WINDOWS\security\logs\scecomp.old"
2007-12-05 17:48:08 3 153 920 A.... "C:\WINDOWS\security\Database\secedit.sdb"
2007-12-17 0:10:08 309 228 A.... "C:\WINDOWS\Debug\UserMode\userenv.bak"
2008-01-26 14:33:18 168 884 A.... "C:\WINDOWS\Debug\UserMode\userenv.log"
2008-01-26 11:31:52 1 239 A.... "C:\WINDOWS\erdnt\Hiv-backup\ERDNT.INF"
2008-01-26 11:31:52 673 A.... "C:\WINDOWS\erdnt\Hiv-backup\ERDNT.CON"
2008-01-26 11:31:50 45 056 A.... "C:\WINDOWS\erdnt\Hiv-backup\SECURITY"
2008-01-26 11:31:52 25 120 768 A.... "C:\WINDOWS\erdnt\Hiv-backup\SOFTWARE"
2008-01-26 11:31:52 6 127 616 A.... "C:\WINDOWS\erdnt\Hiv-backup\SYSTEM"
2008-01-26 11:31:52 253 952 A.... "C:\WINDOWS\erdnt\Hiv-backup\DEFAULT"
2008-01-26 11:31:52 28 672 A.... "C:\WINDOWS\erdnt\Hiv-backup\SAM"
2008-01-26 11:35:48 460 A.... "C:\WINDOWS\erdnt\subs\ERDNT.INF"
2008-01-26 11:35:48 673 A.... "C:\WINDOWS\erdnt\subs\ERDNT.CON"
2008-01-26 11:35:46 45 056 A.... "C:\WINDOWS\erdnt\subs\SECURITY"
2008-01-26 11:35:46 25 124 864 A.... "C:\WINDOWS\erdnt\subs\SOFTWARE"
2008-01-26 11:35:48 6 127 616 A.... "C:\WINDOWS\erdnt\subs\SYSTEM"
2008-01-26 11:35:48 253 952 A.... "C:\WINDOWS\erdnt\subs\DEFAULT"
2008-01-26 11:35:48 28 672 A.... "C:\WINDOWS\erdnt\subs\SAM"
2008-01-26 11:35:48 6 127 616 A.... "C:\WINDOWS\erdnt\subs\system.bak"
2008-01-26 11:35:46 25 124 864 A.... "C:\WINDOWS\erdnt\subs\software.bak"
2008-01-26 11:35:50 1 024 A..H. "C:\WINDOWS\erdnt\subs\system.LOG"
2008-01-26 11:35:50 1 024 A..H. "C:\WINDOWS\erdnt\subs\software.LOG"
2008-01-26 11:38:06 27 A.... "C:\WINDOWS\system32\drivers\etc\hosts"
2008-01-20 18:15:16 93 188 A.... "C:\WINDOWS\system32\drivers\down\26761562.exe"
2008-01-26 10:42:50 70 660 A.... "C:\WINDOWS\system32\drivers\down\115468.exe"
2008-01-20 18:15:30 13 824 A.... "C:\WINDOWS\system32\drivers\down\26780359.exe"
2008-01-26 10:45:02 628 A.... "C:\WINDOWS\system32\drivers\down\312828.exe"
2008-01-20 18:15:52 70 660 A.... "C:\WINDOWS\system32\drivers\down\26799390.exe"
2008-01-20 18:15:54 628 A.... "C:\WINDOWS\system32\drivers\down\26804109.exe"
2008-01-20 18:15:58 8 034 A.... "C:\WINDOWS\system32\drivers\down\26807640.exe"
2008-01-20 18:16:22 8 084 A.... "C:\WINDOWS\system32\drivers\down\26832750.exe"
2008-01-20 18:16:26 805 A.... "C:\WINDOWS\system32\drivers\down\26835406.exe"
2008-01-20 18:16:28 1 125 A.... "C:\WINDOWS\system32\drivers\down\26836109.exe"
2008-01-20 18:16:36 6 958 A.... "C:\WINDOWS\system32\drivers\down\26846421.exe"
2008-01-20 18:16:44 494 A.... "C:\WINDOWS\system32\drivers\down\26853515.exe"
2008-01-20 18:16:46 685 A.... "C:\WINDOWS\system32\drivers\down\26855375.exe"
2008-01-20 18:16:50 34 214 A.... "C:\WINDOWS\system32\drivers\down\26858140.exe"
2008-01-20 18:16:50 648 A.... "C:\WINDOWS\system32\drivers\down\26860437.exe"
2008-01-20 18:16:56 7 895 A.... "C:\WINDOWS\system32\drivers\down\26865671.exe"
2008-01-20 18:16:58 212 A.... "C:\WINDOWS\system32\drivers\down\26868031.exe"
2008-01-20 18:16:58 212 A.... "C:\WINDOWS\system32\drivers\down\26868250.exe"
2008-01-20 18:17:04 1 609 A.... "C:\WINDOWS\system32\drivers\down\26869156.exe"
2008-01-20 18:17:06 212 A.... "C:\WINDOWS\system32\drivers\down\26874203.exe"
2008-01-20 18:17:08 608 A.... "C:\WINDOWS\system32\drivers\down\26877718.exe"
2008-01-20 18:17:20 1 621 A.... "C:\WINDOWS\system32\drivers\down\26889750.exe"
2008-01-20 18:20:32 873 A.... "C:\WINDOWS\system32\drivers\down\27080359.exe"
2008-01-20 18:20:34 632 A.... "C:\WINDOWS\system32\drivers\down\27084484.exe"
2008-01-20 18:20:46 9 761 A.... "C:\WINDOWS\system32\drivers\down\27095359.exe"
2008-01-20 22:22:10 483 844 A.... "C:\WINDOWS\system32\drivers\down\41567703.exe"
2008-01-20 22:22:10 13 824 A.... "C:\WINDOWS\system32\drivers\down\41580578.exe"
2008-01-20 22:22:28 657 412 A.... "C:\WINDOWS\system32\drivers\down\41581015.exe"
2008-01-20 22:22:30 70 660 A.... "C:\WINDOWS\system32\drivers\down\41598546.exe"
2008-01-20 22:22:32 628 A.... "C:\WINDOWS\system32\drivers\down\41603296.exe"
2008-01-20 22:22:38 8 034 A.... "C:\WINDOWS\system32\drivers\down\41607421.exe"
2008-01-20 22:23:16 8 084 A.... "C:\WINDOWS\system32\drivers\down\41645093.exe"
2008-01-20 22:23:16 805 A.... "C:\WINDOWS\system32\drivers\down\41647562.exe"
2008-01-20 22:23:20 1 125 A.... "C:\WINDOWS\system32\drivers\down\41647578.exe"
2008-01-20 22:23:28 6 958 A.... "C:\WINDOWS\system32\drivers\down\41658343.exe"
2008-01-20 22:23:38 494 A.... "C:\WINDOWS\system32\drivers\down\41668625.exe"
2008-01-20 22:23:40 685 A.... "C:\WINDOWS\system32\drivers\down\41670484.exe"
2008-01-20 22:23:44 34 214 A.... "C:\WINDOWS\system32\drivers\down\41671343.exe"
2008-01-20 22:23:44 648 A.... "C:\WINDOWS\system32\drivers\down\41675265.exe"
2008-01-20 22:23:50 7 895 A.... "C:\WINDOWS\system32\drivers\down\41679796.exe"
2008-01-20 22:23:52 212 A.... "C:\WINDOWS\system32\drivers\down\41681968.exe"
2008-01-20 22:23:52 212 A.... "C:\WINDOWS\system32\drivers\down\41682203.exe"
2008-01-20 22:23:52 1 609 A.... "C:\WINDOWS\system32\drivers\down\41682406.exe"
2008-01-20 22:23:52 212 A.... "C:\WINDOWS\system32\drivers\down\41683468.exe"
2008-01-20 22:23:54 608 A.... "C:\WINDOWS\system32\drivers\down\41685000.exe"
2008-01-20 22:24:10 1 621 A.... "C:\WINDOWS\system32\drivers\down\41700406.exe"
2008-01-20 22:27:20 873 A.... "C:\WINDOWS\system32\drivers\down\41890593.exe"
2008-01-20 22:27:24 632 A.... "C:\WINDOWS\system32\drivers\down\41894015.exe"
2008-01-20 22:27:34 9 761 A.... "C:\WINDOWS\system32\drivers\down\41904421.exe"
2008-01-26 10:45:54 9 245 A.... "C:\WINDOWS\system32\drivers\down\365078.exe"
2008-01-21 10:12:54 70 656 A.... "C:\WINDOWS\system32\drivers\down\91968.exe"
2008-01-26 10:46:22 805 A.... "C:\WINDOWS\system32\drivers\down\392281.exe"
2008-01-26 10:46:22 1 125 A.... "C:\WINDOWS\system32\drivers\down\392812.exe"
2008-01-21 10:13:14 13 824 A.... "C:\WINDOWS\system32\drivers\down\136406.exe"
2008-01-21 10:13:32 657 412 A.... "C:\WINDOWS\system32\drivers\down\137203.exe"
2008-01-21 10:13:36 70 656 A.... "C:\WINDOWS\system32\drivers\down\155265.exe"
2008-01-21 10:13:40 628 A.... "C:\WINDOWS\system32\drivers\down\163203.exe"
2008-01-21 10:13:46 8 034 A.... "C:\WINDOWS\system32\drivers\down\168390.exe"
2008-01-21 10:14:26 8 084 A.... "C:\WINDOWS\system32\drivers\down\208734.exe"
2008-01-21 10:14:32 805 A.... "C:\WINDOWS\system32\drivers\down\214890.exe"
2008-01-21 10:14:34 1 125 A.... "C:\WINDOWS\system32\drivers\down\216265.exe"
2008-01-21 10:14:36 6 958 A.... "C:\WINDOWS\system32\drivers\down\220000.exe"
2008-01-21 10:14:40 494 A.... "C:\WINDOWS\system32\drivers\down\222890.exe"
2008-01-21 10:14:48 685 A.... "C:\WINDOWS\system32\drivers\down\229859.exe"
2008-01-21 10:14:54 34 214 A.... "C:\WINDOWS\system32\drivers\down\232437.exe"
2008-01-21 10:14:54 648 A.... "C:\WINDOWS\system32\drivers\down\237312.exe"
2008-01-21 10:15:06 7 895 A.... "C:\WINDOWS\system32\drivers\down\249078.exe"
2008-01-21 10:15:10 212 A.... "C:\WINDOWS\system32\drivers\down\253109.exe"
2008-01-21 10:15:10 212 A.... "C:\WINDOWS\system32\drivers\down\253765.exe"
2008-01-21 10:15:12 1 609 A.... "C:\WINDOWS\system32\drivers\down\254140.exe"
2008-01-21 10:15:12 212 A.... "C:\WINDOWS\system32\drivers\down\254906.exe"
2008-01-21 10:15:14 608 A.... "C:\WINDOWS\system32\drivers\down\256187.exe"
2008-01-21 10:15:20 1 621 A.... "C:\WINDOWS\system32\drivers\down\263703.exe"
2008-01-21 10:18:32 873 A.... "C:\WINDOWS\system32\drivers\down\455171.exe"
2008-01-21 10:18:38 632 A.... "C:\WINDOWS\system32\drivers\down\461703.exe"
2008-01-21 10:18:52 9 761 A.... "C:\WINDOWS\system32\drivers\down\474828.exe"
2008-01-21 14:19:10 70 656 A.... "C:\WINDOWS\system32\drivers\down\14884578.exe"
2008-01-26 10:46:26 6 958 A.... "C:\WINDOWS\system32\drivers\down\397421.exe"
2008-01-26 10:46:28 494 A.... "C:\WINDOWS\system32\drivers\down\398984.exe"
2008-01-21 14:19:10 13 824 A.... "C:\WINDOWS\system32\drivers\down\14893906.exe"
2008-01-21 14:19:26 657 412 A.... "C:\WINDOWS\system32\drivers\down\14894203.exe"
2008-01-21 14:19:28 70 656 A.... "C:\WINDOWS\system32\drivers\down\14910296.exe"
2008-01-21 14:19:30 628 A.... "C:\WINDOWS\system32\drivers\down\14912796.exe"
2008-01-21 14:19:34 8 034 A.... "C:\WINDOWS\system32\drivers\down\14916000.exe"
2008-01-21 14:20:08 8 084 A.... "C:\WINDOWS\system32\drivers\down\14950500.exe"
2008-01-21 14:20:10 805 A.... "C:\WINDOWS\system32\drivers\down\14952890.exe"
2008-01-21 14:20:10 1 125 A.... "C:\WINDOWS\system32\drivers\down\14952906.exe"
2008-01-21 14:20:14 6 958 A.... "C:\WINDOWS\system32\drivers\down\14957109.exe"
2008-01-21 14:20:16 494 A.... "C:\WINDOWS\system32\drivers\down\14959593.exe"
2008-01-21 14:20:18 685 A.... "C:\WINDOWS\system32\drivers\down\14961406.exe"
2008-01-21 14:20:32 34 214 A.... "C:\WINDOWS\system32\drivers\down\14962265.exe"
2008-01-21 14:20:32 648 A.... "C:\WINDOWS\system32\drivers\down\14974671.exe"
2008-01-21 14:20:36 7 895 A.... "C:\WINDOWS\system32\drivers\down\14978703.exe"
2008-01-21 14:20:40 212 A.... "C:\WINDOWS\system32\drivers\down\14981421.exe"
2008-01-21 14:20:40 212 A.... "C:\WINDOWS\system32\drivers\down\14983781.exe"
2008-01-21 14:20:40 1 609 A.... "C:\WINDOWS\system32\drivers\down\14983921.exe"
2008-01-21 14:20:42 212 A.... "C:\WINDOWS\system32\drivers\down\14984265.exe"
2008-01-21 14:20:42 608 A.... "C:\WINDOWS\system32\drivers\down\14986093.exe"
2008-01-21 14:20:48 1 621 A.... "C:\WINDOWS\system32\drivers\down\14991968.exe"
2008-01-21 14:23:58 873 A.... "C:\WINDOWS\system32\drivers\down\15180406.exe"
2008-01-21 14:24:02 632 A.... "C:\WINDOWS\system32\drivers\down\15186312.exe"
2008-01-21 14:24:16 9 761 A.... "C:\WINDOWS\system32\drivers\down\15199484.exe"
2008-01-21 19:41:08 70 656 A.... "C:\WINDOWS\system32\drivers\down\72921.exe"
2008-01-26 10:46:28 685 A.... "C:\WINDOWS\system32\drivers\down\400078.exe"
2008-01-26 10:49:32 33 858 A.... "C:\WINDOWS\system32\drivers\down\581718.exe"
2008-01-21 19:41:24 13 824 A.... "C:\WINDOWS\system32\drivers\down\96968.exe"
2008-01-26 10:49:32 648 A.... "C:\WINDOWS\system32\drivers\down\583375.exe"
2008-01-21 19:41:42 70 656 A.... "C:\WINDOWS\system32\drivers\down\113921.exe"
2008-01-21 19:41:44 628 A.... "C:\WINDOWS\system32\drivers\down\118046.exe"
2008-01-21 19:41:50 8 034 A.... "C:\WINDOWS\system32\drivers\down\122265.exe"
2008-01-21 19:42:28 8 084 A.... "C:\WINDOWS\system32\drivers\down\161828.exe"
2008-01-21 19:42:32 805 A.... "C:\WINDOWS\system32\drivers\down\164609.exe"
2008-01-21 19:42:34 1 125 A.... "C:\WINDOWS\system32\drivers\down\165328.exe"
2008-01-21 19:42:44 6 958 A.... "C:\WINDOWS\system32\drivers\down\176234.exe"
2008-01-21 19:42:46 494 A.... "C:\WINDOWS\system32\drivers\down\178406.exe"
2008-01-21 19:42:48 685 A.... "C:\WINDOWS\system32\drivers\down\180328.exe"
2008-01-21 19:42:54 34 214 A.... "C:\WINDOWS\system32\drivers\down\182125.exe"
2008-01-21 19:42:54 648 A.... "C:\WINDOWS\system32\drivers\down\187390.exe"
2008-01-21 19:43:02 7 895 A.... "C:\WINDOWS\system32\drivers\down\195718.exe"
2008-01-21 19:43:06 212 A.... "C:\WINDOWS\system32\drivers\down\197906.exe"
2008-01-21 19:43:06 212 A.... "C:\WINDOWS\system32\drivers\down\199562.exe"
2008-01-21 19:43:06 1 609 A.... "C:\WINDOWS\system32\drivers\down\200031.exe"
2008-01-21 19:43:06 212 A.... "C:\WINDOWS\system32\drivers\down\200531.exe"
2008-01-21 19:43:08 608 A.... "C:\WINDOWS\system32\drivers\down\201593.exe"
2008-01-21 19:43:14 1 621 A.... "C:\WINDOWS\system32\drivers\down\207343.exe"
2008-01-21 19:46:34 873 A.... "C:\WINDOWS\system32\drivers\down\397062.exe"
2008-01-21 19:46:36 632 A.... "C:\WINDOWS\system32\drivers\down\409906.exe"
2008-01-21 19:46:48 9 761 A.... "C:\WINDOWS\system32\drivers\down\420625.exe"
2008-01-26 10:49:40 9 171 A.... "C:\WINDOWS\system32\drivers\down\592031.exe"
2008-01-26 10:49:42 212 A.... "C:\WINDOWS\system32\drivers\down\593328.exe"
2008-01-22 14:21:56 14 122 A.... "C:\WINDOWS\system32\drivers\down\1367015.exe"
2008-01-22 14:22:10 657 412 A.... "C:\WINDOWS\system32\drivers\down\1367828.exe"
2008-01-22 14:22:14 70 660 A.... "C:\WINDOWS\system32\drivers\down\1382578.exe"
2008-01-22 14:22:18 96 260 A.... "C:\WINDOWS\system32\drivers\down\1386265.exe"
2008-01-22 14:22:20 628 A.... "C:\WINDOWS\system32\drivers\down\1391125.exe"
2008-01-22 14:22:26 8 034 A.... "C:\WINDOWS\system32\drivers\down\1396953.exe"
2008-01-22 14:23:02 8 084 A.... "C:\WINDOWS\system32\drivers\down\1431718.exe"
2008-01-22 14:23:04 805 A.... "C:\WINDOWS\system32\drivers\down\1434312.exe"
2008-01-22 14:23:06 1 125 A.... "C:\WINDOWS\system32\drivers\down\1435031.exe"
2008-01-22 14:23:14 6 958 A.... "C:\WINDOWS\system32\drivers\down\1445156.exe"
2008-01-22 14:23:16 494 A.... "C:\WINDOWS\system32\drivers\down\1447328.exe"
2008-01-22 14:23:22 685 A.... "C:\WINDOWS\system32\drivers\down\1451781.exe"
2008-01-22 14:23:24 34 255 A.... "C:\WINDOWS\system32\drivers\down\1453500.exe"
2008-01-22 14:23:26 648 A.... "C:\WINDOWS\system32\drivers\down\1456375.exe"
2008-01-22 14:23:32 7 895 A.... "C:\WINDOWS\system32\drivers\down\1462218.exe"
2008-01-22 14:23:38 212 A.... "C:\WINDOWS\system32\drivers\down\1464562.exe"
2008-01-22 14:23:38 212 A.... "C:\WINDOWS\system32\drivers\down\1469734.exe"
2008-01-22 14:23:38 1 609 A.... "C:\WINDOWS\system32\drivers\down\1470125.exe"
2008-01-22 14:23:40 212 A.... "C:\WINDOWS\system32\drivers\down\1470250.exe"
2008-01-22 14:23:40 608 A.... "C:\WINDOWS\system32\drivers\down\1471828.exe"
2008-01-22 14:23:50 1 621 A.... "C:\WINDOWS\system32\drivers\down\1482203.exe"
2008-01-22 14:27:04 873 A.... "C:\WINDOWS\system32\drivers\down\1671468.exe"
2008-01-22 14:27:06 632 A.... "C:\WINDOWS\system32\drivers\down\1676890.exe"
2008-01-22 14:27:16 9 761 A.... "C:\WINDOWS\system32\drivers\down\1687531.exe"
2008-01-26 10:49:42 212 A.... "C:\WINDOWS\system32\drivers\down\594031.exe"
2008-01-26 10:49:42 1 609 A.... "C:\WINDOWS\system32\drivers\down\594234.exe"
2008-01-22 18:27:42 14 122 A.... "C:\WINDOWS\system32\drivers\down\16113875.exe"
2008-01-22 18:27:58 657 412 A.... "C:\WINDOWS\system32\drivers\down\16114218.exe"
2008-01-22 18:28:00 70 656 A.... "C:\WINDOWS\system32\drivers\down\16129828.exe"
2008-01-22 18:28:04 96 260 A.... "C:\WINDOWS\system32\drivers\down\16132343.exe"
2008-01-22 18:28:06 628 A.... "C:\WINDOWS\system32\drivers\down\16136796.exe"
2008-01-22 18:28:12 8 034 A.... "C:\WINDOWS\system32\drivers\down\16143109.exe"
2008-01-22 18:28:50 8 084 A.... "C:\WINDOWS\system32\drivers\down\16179921.exe"
2008-01-22 18:28:50 805 A.... "C:\WINDOWS\system32\drivers\down\16182296.exe"
2008-01-22 18:28:50 1 125 A.... "C:\WINDOWS\system32\drivers\down\16182312.exe"
2008-01-22 18:29:04 6 958 A.... "C:\WINDOWS\system32\drivers\down\16192906.exe"
2008-01-22 18:29:06 494 A.... "C:\WINDOWS\system32\drivers\down\16196531.exe"
2008-01-22 18:29:06 685 A.... "C:\WINDOWS\system32\drivers\down\16198328.exe"
2008-01-22 18:29:10 33 858 A.... "C:\WINDOWS\system32\drivers\down\16199265.exe"
2008-01-22 18:29:10 648 A.... "C:\WINDOWS\system32\drivers\down\16201515.exe"
2008-01-22 18:29:24 7 895 A.... "C:\WINDOWS\system32\drivers\down\16214328.exe"
2008-01-22 18:29:24 212 A.... "C:\WINDOWS\system32\drivers\down\16216046.exe"
2008-01-22 18:29:24 212 A.... "C:\WINDOWS\system32\drivers\down\16216171.exe"
2008-01-22 18:29:26 1 609 A.... "C:\WINDOWS\system32\drivers\down\16216312.exe"
2008-01-22 18:29:26 212 A.... "C:\WINDOWS\system32\drivers\down\16217187.exe"
2008-01-22 18:29:26 608 A.... "C:\WINDOWS\system32\drivers\down\16218390.exe"
2008-01-22 18:29:32 1 621 A.... "C:\WINDOWS\system32\drivers\down\16222515.exe"
2008-01-22 18:33:00 873 A.... "C:\WINDOWS\system32\drivers\down\16412234.exe"
2008-01-22 18:33:00 632 A.... "C:\WINDOWS\system32\drivers\down\16432296.exe"
2008-01-22 18:33:12 9 761 A.... "C:\WINDOWS\system32\drivers\down\16442953.exe"
2008-01-22 22:33:46 70 660 A.... "C:\WINDOWS\system32\drivers\down\30871234.exe"
2008-01-26 10:49:44 212 A.... "C:\WINDOWS\system32\drivers\down\594640.exe"
2008-01-26 10:49:44 608 A.... "C:\WINDOWS\system32\drivers\down\595531.exe"
2008-01-22 22:34:10 14 122 A.... "C:\WINDOWS\system32\drivers\down\30901812.exe"
2008-01-26 10:49:48 1 621 A.... "C:\WINDOWS\system32\drivers\down\599078.exe"
2008-01-22 22:34:16 70 660 A.... "C:\WINDOWS\system32\drivers\down\30902796.exe"
2008-01-22 22:34:20 96 260 A.... "C:\WINDOWS\system32\drivers\down\30907390.exe"
2008-01-22 22:34:20 628 A.... "C:\WINDOWS\system32\drivers\down\30912390.exe"
2008-01-22 22:34:26 8 034 A.... "C:\WINDOWS\system32\drivers\down\30917359.exe"
2008-01-22 22:34:58 8 084 A.... "C:\WINDOWS\system32\drivers\down\30949593.exe"
2008-01-22 22:35:00 805 A.... "C:\WINDOWS\system32\drivers\down\30952000.exe"
2008-01-22 22:35:02 1 125 A.... "C:\WINDOWS\system32\drivers\down\30952015.exe"
2008-01-22 22:35:04 6 958 A.... "C:\WINDOWS\system32\drivers\down\30956187.exe"
2008-01-22 22:35:08 494 A.... "C:\WINDOWS\system32\drivers\down\30957781.exe"
2008-01-22 22:35:08 685 A.... "C:\WINDOWS\system32\drivers\down\30959500.exe"
2008-01-22 22:35:10 33 858 A.... "C:\WINDOWS\system32\drivers\down\30960640.exe"
2008-01-22 22:35:10 648 A.... "C:\WINDOWS\system32\drivers\down\30962515.exe"
2008-01-22 22:35:16 7 895 A.... "C:\WINDOWS\system32\drivers\down\30966625.exe"
2008-01-22 22:35:16 212 A.... "C:\WINDOWS\system32\drivers\down\30968078.exe"
2008-01-22 22:35:26 212 A.... "C:\WINDOWS\system32\drivers\down\30968203.exe"
2008-01-22 22:35:28 1 609 A.... "C:\WINDOWS\system32\drivers\down\30977593.exe"
2008-01-22 22:35:28 212 A.... "C:\WINDOWS\system32\drivers\down\30978687.exe"
2008-01-22 22:35:30 608 A.... "C:\WINDOWS\system32\drivers\down\30982515.exe"
2008-01-22 22:35:36 1 621 A.... "C:\WINDOWS\system32\drivers\down\30987984.exe"
2008-01-22 22:38:46 873 A.... "C:\WINDOWS\system32\drivers\down\31176890.exe"
2008-01-22 22:38:48 632 A.... "C:\WINDOWS\system32\drivers\down\31178828.exe"
2008-01-22 22:38:58 9 761 A.... "C:\WINDOWS\system32\drivers\down\31188953.exe"
2008-01-23 9:34:28 70 660 A.... "C:\WINDOWS\system32\drivers\down\302421.exe"
2008-01-23 9:34:34 14 122 A.... "C:\WINDOWS\system32\drivers\down\321671.exe"
2008-01-23 9:34:40 96 260 A.... "C:\WINDOWS\system32\drivers\down\326296.exe"
2008-01-23 9:34:42 628 A.... "C:\WINDOWS\system32\drivers\down\330906.exe"
2008-01-23 9:34:46 8 034 A.... "C:\WINDOWS\system32\drivers\down\334796.exe"
2008-01-23 9:35:22 8 084 A.... "C:\WINDOWS\system32\drivers\down\370265.exe"
2008-01-23 9:35:24 805 A.... "C:\WINDOWS\system32\drivers\down\371890.exe"
2008-01-23 9:35:26 1 125 A.... "C:\WINDOWS\system32\drivers\down\372421.exe"
2008-01-23 9:35:28 6 958 A.... "C:\WINDOWS\system32\drivers\down\375937.exe"
2008-01-23 9:35:30 494 A.... "C:\WINDOWS\system32\drivers\down\377625.exe"
2008-01-23 9:35:46 685 A.... "C:\WINDOWS\system32\drivers\down\393656.exe"
2008-01-23 9:35:48 33 858 A.... "C:\WINDOWS\system32\drivers\down\395000.exe"
2008-01-23 9:35:48 648 A.... "C:\WINDOWS\system32\drivers\down\396828.exe"
2008-01-23 9:35:54 7 895 A.... "C:\WINDOWS\system32\drivers\down\401156.exe"
2008-01-23 9:35:54 212 A.... "C:\WINDOWS\system32\drivers\down\402859.exe"
2008-01-23 9:35:56 212 A.... "C:\WINDOWS\system32\drivers\down\402968.exe"
2008-01-23 9:35:58 1 609 A.... "C:\WINDOWS\system32\drivers\down\404484.exe"
2008-01-23 9:35:58 212 A.... "C:\WINDOWS\system32\drivers\down\406312.exe"
2008-01-23 9:36:00 608 A.... "C:\WINDOWS\system32\drivers\down\407625.exe"
2008-01-23 9:36:04 1 621 A.... "C:\WINDOWS\system32\drivers\down\413218.exe"
2008-01-23 9:39:18 873 A.... "C:\WINDOWS\system32\drivers\down\605562.exe"
2008-01-23 9:39:18 632 A.... "C:\WINDOWS\system32\drivers\down\607250.exe"
2008-01-23 9:39:30 9 761 A.... "C:\WINDOWS\system32\drivers\down\618031.exe"
2008-01-23 18:26:52 70 660 A.... "C:\WINDOWS\system32\drivers\down\3024890.exe"
2008-01-26 10:52:58 873 A.... "C:\WINDOWS\system32\drivers\down\788203.exe"
2008-01-26 10:52:58 632 A.... "C:\WINDOWS\system32\drivers\down\789968.exe"
2008-01-23 18:26:56 14 122 A.... "C:\WINDOWS\system32\drivers\down\3033140.exe"
2008-01-23 18:26:56 657 412 A.... "C:\WINDOWS\system32\drivers\down\3034062.exe"
2008-01-23 18:26:58 70 660 A.... "C:\WINDOWS\system32\drivers\down\3035187.exe"
2008-01-23 18:27:04 96 772 A.... "C:\WINDOWS\system32\drivers\down\3037656.exe"
2008-01-23 18:27:06 628 A.... "C:\WINDOWS\system32\drivers\down\3043812.exe"
2008-01-23 18:27:12 8 034 A.... "C:\WINDOWS\system32\drivers\down\3049843.exe"
2008-01-23 18:27:58 8 084 A.... "C:\WINDOWS\system32\drivers\down\3096890.exe"
2008-01-23 18:28:08 805 A.... "C:\WINDOWS\system32\drivers\down\3105750.exe"
2008-01-23 18:28:10 1 125 A.... "C:\WINDOWS\system32\drivers\down\3106437.exe"
2008-01-23 18:28:12 6 958 A.... "C:\WINDOWS\system32\drivers\down\3110937.exe"
2008-01-23 18:28:22 494 A.... "C:\WINDOWS\system32\drivers\down\3120359.exe"
2008-01-23 18:28:26 685 A.... "C:\WINDOWS\system32\drivers\down\3124609.exe"
2008-01-23 18:28:42 33 858 A.... "C:\WINDOWS\system32\drivers\down\3125968.exe"
2008-01-23 18:28:42 648 A.... "C:\WINDOWS\system32\drivers\down\3140781.exe"
2008-01-23 18:30:48 7 895 A.... "C:\WINDOWS\system32\drivers\down\3265062.exe"
2008-01-23 18:30:54 212 A.... "C:\WINDOWS\system32\drivers\down\3269984.exe"
2008-01-23 18:30:58 212 A.... "C:\WINDOWS\system32\drivers\down\3273187.exe"
2008-01-23 18:31:02 1 609 A.... "C:\WINDOWS\system32\drivers\down\3277687.exe"
2008-01-23 18:31:04 212 A.... "C:\WINDOWS\system32\drivers\down\3281562.exe"
2008-01-23 18:31:06 608 A.... "C:\WINDOWS\system32\drivers\down\3283468.exe"
2008-01-23 18:31:18 1 621 A.... "C:\WINDOWS\system32\drivers\down\3297031.exe"
2008-01-23 18:34:28 873 A.... "C:\WINDOWS\system32\drivers\down\3485171.exe"
2008-01-23 18:34:30 632 A.... "C:\WINDOWS\system32\drivers\down\3488578.exe"
2008-01-23 18:34:42 9 761 A.... "C:\WINDOWS\system32\drivers\down\3500312.exe"
2008-01-23 22:38:20 70 660 A.... "C:\WINDOWS\system32\drivers\down\18094250.exe"
2008-01-23 22:38:22 14 122 A.... "C:\WINDOWS\system32\drivers\down\18099531.exe"
2008-01-23 22:38:22 657 412 A.... "C:\WINDOWS\system32\drivers\down\18099875.exe"
2008-01-23 22:38:26 70 660 A.... "C:\WINDOWS\system32\drivers\down\18100953.exe"
2008-01-23 22:38:28 628 A.... "C:\WINDOWS\system32\drivers\down\18106093.exe"
2008-01-23 22:38:32 8 034 A.... "C:\WINDOWS\system32\drivers\down\18109812.exe"
2008-01-23 22:39:22 8 084 A.... "C:\WINDOWS\system32\drivers\down\18158765.exe"
2008-01-23 22:39:22 805 A.... "C:\WINDOWS\system32\drivers\down\18161093.exe"
2008-01-23 22:39:24 1 125 A.... "C:\WINDOWS\system32\drivers\down\18161109.exe"
2008-01-23 22:39:32 6 958 A.... "C:\WINDOWS\system32\drivers\down\18170828.exe"
2008-01-23 22:39:36 494 A.... "C:\WINDOWS\system32\drivers\down\18172562.exe"
2008-01-23 22:39:36 685 A.... "C:\WINDOWS\system32\drivers\down\18174281.exe"
2008-01-23 22:39:40 33 858 A.... "C:\WINDOWS\system32\drivers\down\18175546.exe"
2008-01-23 22:39:40 648 A.... "C:\WINDOWS\system32\drivers\down\18178468.exe"
2008-01-23 22:39:48 7 895 A.... "C:\WINDOWS\system32\drivers\down\18184703.exe"
2008-01-23 22:39:48 212 A.... "C:\WINDOWS\system32\drivers\down\18186218.exe"
2008-01-23 22:39:48 212 A.... "C:\WINDOWS\system32\drivers\down\18186328.exe"
2008-01-23 22:39:48 1 609 A.... "C:\WINDOWS\system32\drivers\down\18186437.exe"
2008-01-23 22:39:48 212 A.... "C:\WINDOWS\system32\drivers\down\18186531.exe"
2008-01-23 22:39:50 608 A.... "C:\WINDOWS\system32\drivers\down\18187687.exe"
2008-01-23 22:40:06 1 621 A.... "C:\WINDOWS\system32\drivers\down\18203171.exe"
2008-01-23 22:43:14 873 A.... "C:\WINDOWS\system32\drivers\down\18391343.exe"
2008-01-23 22:43:16 632 A.... "C:\WINDOWS\system32\drivers\down\18393765.exe"
2008-01-23 22:43:26 9 761 A.... "C:\WINDOWS\system32\drivers\down\18403734.exe"
2008-01-24 8:26:42 70 660 A.... "C:\WINDOWS\system32\drivers\down\1341875.exe"
2008-01-26 10:53:08 9 919 A.... "C:\WINDOWS\system32\drivers\down\799187.exe"
2008-01-24 8:27:12 14 122 A.... "C:\WINDOWS\system32\drivers\down\1377359.exe"
2008-01-24 8:27:12 657 412 A.... "C:\WINDOWS\system32\drivers\down\1378359.exe"
2008-01-24 8:27:20 96 772 A.... "C:\WINDOWS\system32\drivers\down\1383218.exe"
2008-01-24 8:27:22 628 A.... "C:\WINDOWS\system32\drivers\down\1388875.exe"
2008-01-24 8:27:30 8 034 A.... "C:\WINDOWS\system32\drivers\down\1396687.exe"
2008-01-24 8:28:08 8 084 A.... "C:\WINDOWS\system32\drivers\down\1433125.exe"
2008-01-24 8:28:08 805 A.... "C:\WINDOWS\system32\drivers\down\1434937.exe"
2008-01-24 8:28:10 1 125 A.... "C:\WINDOWS\system32\drivers\down\1435656.exe"
2008-01-24 8:28:18 6 958 A.... "C:\WINDOWS\system32\drivers\down\1443906.exe"
2008-01-24 8:28:20 494 A.... "C:\WINDOWS\system32\drivers\down\1445937.exe"
2008-01-24 8:28:24 685 A.... "C:\WINDOWS\system32\drivers\down\1448718.exe"
2008-01-24 8:28:26 33 858 A.... "C:\WINDOWS\system32\drivers\down\1451015.exe"
2008-01-24 8:28:28 648 A.... "C:\WINDOWS\system32\drivers\down\1453312.exe"
2008-01-24 8:28:36 7 895 A.... "C:\WINDOWS\system32\drivers\down\1462140.exe"
2008-01-24 8:28:40 212 A.... "C:\WINDOWS\system32\drivers\down\1465156.exe"
2008-01-24 8:28:40 212 A.... "C:\WINDOWS\system32\drivers\down\1465859.exe"
2008-01-24 8:28:40 1 609 A.... "C:\WINDOWS\system32\drivers\down\1466000.exe"
2008-01-24 8:28:40 212 A.... "C:\WINDOWS\system32\drivers\down\1466281.exe"
2008-01-24 8:28:42 608 A.... "C:\WINDOWS\system32\drivers\down\1468468.exe"
2008-01-24 8:28:48 1 621 A.... "C:\WINDOWS\system32\drivers\down\1474375.exe"
2008-01-24 8:31:58 873 A.... "C:\WINDOWS\system32\drivers\down\1664312.exe"
2008-01-24 8:32:00 632 A.... "C:\WINDOWS\system32\drivers\down\1666437.exe"
2008-01-24 8:32:10 9 761 A.... "C:\WINDOWS\system32\drivers\down\1676984.exe"
2008-01-24 22:41:24 14 122 A.... "C:\WINDOWS\system32\drivers\down\81390.exe"
2008-01-24 22:41:28 70 660 A.... "C:\WINDOWS\system32\drivers\down\83062.exe"
2008-01-24 22:41:30 96 772 A.... "C:\WINDOWS\system32\drivers\down\85593.exe"
2008-01-24 22:41:32 628 A.... "C:\WINDOWS\system32\drivers\down\89640.exe"
2008-01-24 22:41:36 9 245 A.... "C:\WINDOWS\system32\drivers\down\92828.exe"
2008-01-24 22:42:14 805 A.... "C:\WINDOWS\system32\drivers\down\130781.exe"
2008-01-24 22:42:14 1 125 A.... "C:\WINDOWS\system32\drivers\down\131250.exe"
2008-01-24 22:42:16 6 958 A.... "C:\WINDOWS\system32\drivers\down\134031.exe"
2008-01-24 22:42:38 494 A.... "C:\WINDOWS\system32\drivers\down\144781.exe"
2008-01-24 22:42:38 685 A.... "C:\WINDOWS\system32\drivers\down\155546.exe"
2008-01-24 22:42:40 33 858 A.... "C:\WINDOWS\system32\drivers\down\156562.exe"
2008-01-24 22:42:42 648 A.... "C:\WINDOWS\system32\drivers\down\158500.exe"
2008-01-24 22:42:46 9 171 A.... "C:\WINDOWS\system32\drivers\down\162656.exe"
2008-01-24 22:42:46 212 A.... "C:\WINDOWS\system32\drivers\down\164281.exe"
2008-01-24 22:42:50 212 A.... "C:\WINDOWS\system32\drivers\down\164453.exe"
2008-01-24 22:42:50 1 609 A.... "C:\WINDOWS\system32\drivers\down\166718.exe"
2008-01-24 22:42:50 212 A.... "C:\WINDOWS\system32\drivers\down\167187.exe"
2008-01-24 22:42:52 608 A.... "C:\WINDOWS\system32\drivers\down\168953.exe"
2008-01-24 22:43:08 1 621 A.... "C:\WINDOWS\system32\drivers\down\185078.exe"
2008-01-24 22:46:18 873 A.... "C:\WINDOWS\system32\drivers\down\370078.exe"
2008-01-24 22:46:28 632 A.... "C:\WINDOWS\system32\drivers\down\384703.exe"
2008-01-24 22:46:38 9 919 A.... "C:\WINDOWS\system32\drivers\down\395125.exe"
2008-01-25 2:46:38 70 660 A.... "C:\WINDOWS\system32\drivers\down\78828.exe"