2007-03-19 02:31:28, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 02:31:30, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 02:34:50, C:\WINDOWS\Explorer.EXE, C:\Program Files\Mozilla Firefox\firefox.exe, Explorer.EXE launched firefox.exe, , AllowAll, Advanced
2007-03-19 02:38:06, C:\WINDOWS\Explorer.EXE, C:\Program Files\Mozilla Firefox\firefox.exe, Explorer.EXE launched firefox.exe, , AllowAll, Advanced
2007-03-19 02:41:47, C:\WINDOWS\Explorer.EXE, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, Explorer.EXE launched iexplore.exe, , AllowAll, Advanced
2007-03-19 02:42:08, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 02:42:09, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 02:42:56, C:\WINDOWS\Explorer.EXE, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, Explorer.EXE launched iexplore.exe, , AllowAll, Advanced
2007-03-19 02:42:56, C:\WINDOWS\Explorer.EXE, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, Explorer.EXE launched iexplore.exe, , AllowAll, Advanced
2007-03-19 02:44:21, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 02:44:21, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 02:44:33, C:\Documents and Settings\Administrator\Desktop\iexplore.exe, C:\WINDOWS\system32\rundll32.exe, iexplore.exe launched rundll32.exe, , AllowAll, Advanced
2007-03-19 02:46:12, C:\WINDOWS\system32\winlogon.exe, C:\WINDOWS\system32\logonui.exe, winlogon.exe launched logonui.exe, , AllowAll, Advanced
2007-03-19 02:46:27, C:\WINDOWS\System32\svchost.exe, C:\WINDOWS\system32\wuauclt.exe, svchost.exe launched wuauclt.exe, , AllowAll, Advanced
2007-03-19 02:46:28, C:\WINDOWS\System32\svchost.exe, C:\WINDOWS\system32\winlogon.exe, svchost.exe modified winlogon.exe, , AllowAll, Advanced
2007-03-19 02:47:49, C:\WINDOWS\system32\userinit.exe, C:\WINDOWS\explorer.exe, userinit.exe launched explorer.exe, , AllowAll, Advanced
2007-03-19 02:47:50, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\verclsid.exe, Explorer.EXE launched verclsid.exe, , AllowAll, Advanced
2007-03-19 02:47:51, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\verclsid.exe, Explorer.EXE launched verclsid.exe, , AllowAll, Advanced
2007-03-19 02:47:53, C:\WINDOWS\Explorer.EXE, C:\Program Files\Sandboxie\Control.exe, Explorer.EXE launched Control.exe, , AllowAll, Advanced
2007-03-19 02:47:53, C:\WINDOWS\Explorer.EXE, C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe, Explorer.EXE launched TeaTimer.exe, , AllowAll, Advanced
2007-03-19 02:47:53, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\ctfmon.exe, Explorer.EXE launched ctfmon.exe, , AllowAll, Advanced
2007-03-19 02:47:55, C:\WINDOWS\Explorer.EXE, C:\Program Files\My Book\WD Backup\uBBMonitor.exe, Explorer.EXE launched uBBMonitor.exe, , AllowAll, Advanced
2007-03-19 02:47:55, C:\WINDOWS\system32\ctfmon.exe, All applications and services, A startup application ctfmon.exe has been installed, , AllowAll, Advanced
2007-03-19 02:47:55, C:\WINDOWS\system32\services.exe, C:\WINDOWS\system32\imapi.exe, services.exe launched imapi.exe, , AllowAll, Advanced
2007-03-19 02:47:55, C:\WINDOWS\system32\ctfmon.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 02:48:29, C:\WINDOWS\System32\svchost.exe, C:\WINDOWS\system32\wuauclt.exe, svchost.exe launched wuauclt.exe, , AllowAll, Advanced
2007-03-19 02:48:54, C:\WINDOWS\system32\winlogon.exe, C:\WINDOWS\system32\logonui.exe, winlogon.exe launched logonui.exe, , AllowAll, Advanced
2007-03-19 02:50:02, C:\WINDOWS\System32\svchost.exe, C:\WINDOWS\system32\winlogon.exe, svchost.exe modified winlogon.exe, , AllowAll, Advanced
2007-03-19 08:55:52, C:\WINDOWS\system32\userinit.exe, C:\WINDOWS\explorer.exe, userinit.exe launched explorer.exe, , AllowAll, Advanced
2007-03-19 08:55:54, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\verclsid.exe, Explorer.EXE launched verclsid.exe, , AllowAll, Advanced
2007-03-19 08:55:56, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\verclsid.exe, Explorer.EXE launched verclsid.exe, , AllowAll, Advanced
2007-03-19 08:55:59, C:\WINDOWS\system32\services.exe, C:\WINDOWS\system32\imapi.exe, services.exe launched imapi.exe, , AllowAll, Advanced
2007-03-19 08:56:00, C:\WINDOWS\Explorer.EXE, C:\Program Files\Sandboxie\Control.exe, Explorer.EXE launched Control.exe, , AllowAll, Advanced
2007-03-19 08:56:01, C:\WINDOWS\Explorer.EXE, C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe, Explorer.EXE launched TeaTimer.exe, , AllowAll, Advanced
2007-03-19 08:56:02, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\ctfmon.exe, Explorer.EXE launched ctfmon.exe, , AllowAll, Advanced
2007-03-19 08:56:04, C:\WINDOWS\system32\ctfmon.exe, All applications and services, A startup application ctfmon.exe has been installed, , AllowAll, Advanced
2007-03-19 08:56:04, C:\WINDOWS\system32\ctfmon.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 08:56:04, C:\WINDOWS\Explorer.EXE, C:\Program Files\My Book\WD Backup\uBBMonitor.exe, Explorer.EXE launched uBBMonitor.exe, , AllowAll, Advanced
2007-03-19 08:56:04, C:\WINDOWS\system32\ctfmon.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 08:56:04, C:\WINDOWS\system32\ctfmon.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 08:56:34, C:\WINDOWS\System32\svchost.exe, C:\WINDOWS\system32\wuauclt.exe, svchost.exe launched wuauclt.exe, , AllowAll, Advanced
2007-03-19 08:56:39, C:\WINDOWS\Explorer.EXE, C:\Program Files\Outlook Express\msimn.exe, Explorer.EXE launched msimn.exe, , AllowAll, Advanced
2007-03-19 08:57:01, C:\WINDOWS\system32\svchost.exe, C:\WINDOWS\system32\wbem\wmiprvse.exe, svchost.exe launched wmiprvse.exe, , AllowAll, Advanced
2007-03-19 09:01:37, C:\WINDOWS\Explorer.EXE, C:\Program Files\Mozilla Firefox\firefox.exe, Explorer.EXE launched firefox.exe, , AllowAll, Advanced
2007-03-19 09:02:08, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\rundll32.exe, Explorer.EXE launched rundll32.exe, , AllowAll, Advanced
2007-03-19 09:02:31, C:\WINDOWS\system32\cisvc.exe, C:\WINDOWS\system32\cidaemon.exe, cisvc.exe launched cidaemon.exe, , AllowAll, Advanced
2007-03-19 09:02:41, C:\WINDOWS\Explorer.EXE, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe, Explorer.EXE launched SpybotSD.exe, , AllowAll, Advanced
2007-03-19 09:02:41, C:\WINDOWS\Explorer.EXE, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe, Explorer.EXE launched SpybotSD.exe, , AllowAll, Advanced
2007-03-19 09:03:49, C:\WINDOWS\Explorer.EXE, C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe, Explorer.EXE launched zauninst.exe, , AllowAll, Advanced
2007-03-19 09:03:51, C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLB9.tmp, C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\zauninst.exe, GLB9.tmp launched zauninst.exe, , AllowAll, Advanced
2007-03-19 09:04:11, C:\WINDOWS\system32\services.exe, All programs and the entire OS, A kernel driver or rootkit has been installed, , AllowAll, Advanced
2007-03-19 09:04:12, C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLBC.tmp, C:\WINDOWS\system32\ZoneLabs\isafe.exe, GLBC.tmp launched isafe.exe, , AllowAll, Advanced
2007-03-19 09:04:24, C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLBC.tmp, C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\UNWISE.EXE, GLBC.tmp launched UNWISE.EXE, , AllowAll, Advanced
2007-03-19 09:04:26, C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\UNWISE.EXE, C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLB1A2B.EXE, UNWISE.EXE launched GLB1A2B.EXE, , AllowAll, Advanced
2007-03-19 09:05:39, C:\WINDOWS\Explorer.EXE, C:\Program Files\InfoProcess\AntiHook\3.0\HipEnabler.exe, Explorer.EXE launched HipEnabler.exe, , AllowAll, Advanced
2007-03-19 09:05:56, C:\WINDOWS\Explorer.EXE, C:\Program Files\InfoProcess\AntiHook\3.0\HipEnforceFrontend.exe, Explorer.EXE launched HipEnforceFrontend.exe, , AllowAll, Advanced
2007-03-19 09:07:04, C:\WINDOWS\Explorer.EXE, C:\Documents and Settings\Administrator\Desktop\Installation files\avg75free_441a944.exe, Explorer.EXE launched avg75free_441a944.exe, , AllowAll, Advanced
2007-03-19 09:07:07, C:\Documents and Settings\Administrator\Desktop\Installation files\avg75free_441a944.exe, C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX0\avgsetup.exe, avg75free_441a944.exe launched avgsetup.exe, , AllowAll, Advanced
2007-03-19 09:08:03, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\rundll32.exe, Explorer.EXE launched rundll32.exe, , AllowAll, Advanced
2007-03-19 09:08:04, C:\WINDOWS\Explorer.EXE, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe, Explorer.EXE launched SpybotSD.exe, , AllowAll, Advanced
2007-03-19 09:15:28, C:\WINDOWS\system32\cidaemon.exe, C:\WINDOWS\system32\verclsid.exe, cidaemon.exe launched verclsid.exe, , AllowAll, Advanced
2007-03-19 09:18:10, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe, All applications and services, A startup application ctfmon.exe has been installed, , AllowAll, Advanced
2007-03-19 09:20:49, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\rundll32.exe, Explorer.EXE launched rundll32.exe, , AllowAll, Advanced
2007-03-19 09:20:50, C:\WINDOWS\Explorer.EXE, C:\WINDOWS\system32\rundll32.exe, Explorer.EXE launched rundll32.exe, , AllowAll, Advanced
2007-03-19 09:20:57, C:\WINDOWS\System32\svchost.exe, C:\WINDOWS\system32\wuauclt.exe, svchost.exe launched wuauclt.exe, , AllowAll, Advanced
2007-03-19 09:22:35, C:\WINDOWS\Explorer.EXE, C:\Program Files\InfoProcess\AntiHook\3.0\HipEnforceFrontend.exe, Explorer.EXE launched HipEnforceFrontend.exe, , AllowAll, Advanced
2007-03-19 09:45:16, C:\WINDOWS\system32\cidaemon.exe, C:\WINDOWS\system32\verclsid.exe, cidaemon.exe launched verclsid.exe, , AllowAll, Advanced
2007-03-19 10:12:16, C:\Program Files\InfoProcess\AntiHook\3.0\HipEnforceFrontend.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced
2007-03-19 10:12:20, C:\Program Files\InfoProcess\AntiHook\3.0\HipEnforceFrontend.exe, All GUI applications, A system-wide Windows hook has been installed, , AllowAll, Advanced