Adam,
I did as you requested. I could not repair and uninstall avg - i tried repair, install , uninstall and always got error
message that "sojmething bad happened with application", so I let it stay as is. When I was downloading Kaspersky on-line
scan tool, there was a message that klif.sys was not loaded and I got a blue scree and had to rebbot PC. SInce I had kaspersky antivirus
already downloaded and installed, I ran that one and log is down below.
Thanks.
Branko
DAFT Log saved on 2008-09-12 21:42:08
-----------------------------------------------------------------------
All associations okay!
C:\WINDOWS\system32\opbpsxrk.ini moved successfully.
C:\WINDOWS\system32\QtAGPXyb.ini2 moved successfully.
C:\WINDOWS\system32\QtAGPXyb.ini moved successfully.
C:\WINDOWS\system32\ipukbjit.ini moved successfully.
C:\WINDOWS\system32\bwdwvgas.ini moved successfully.
C:\WINDOWS\system32\LTCMWyxx.ini2 moved successfully.
C:\WINDOWS\system32\LTCMWyxx.ini moved successfully.
C:\WINDOWS\system32\swmrwwma.ini moved successfully.
C:\WINDOWS\system32\0391f468-.txt moved successfully.
C:\WINDOWS\system32\LUFOnnmp.ini2 moved successfully.
C:\WINDOWS\system32\LUFOnnmp.ini moved successfully.
File/Folder C:\WINDOWS\system32\xxyWMCTL.dll not found.
C:\WINDOWS\ALCMTR.EXE moved successfully.
< C:\dgdzsc.dll /s >
File/Folder C:\dgdzsc.dll not found.
< C:\ulluzs.dll /s >
File/Folder C:\ulluzs.dll not found.
< C:\rqRHyYqo.dll /s >
File/Folder C:\rqRHyYqo.dll not found.
C:\Documents and Settings\Branko\Application Data\Azureus\torrents moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\tmp moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\shares moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\plugins moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\net moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\media\azpd moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\media moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\logs\save moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\logs moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\dht moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus\active moved successfully.
C:\Documents and Settings\Branko\Application Data\Azureus moved successfully.
C:\Documents and Settings\All Users\Application Data\Azureus moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09122008_215647
Full Scan: completed 9/13/2008 1:23:40 AM (events: 163, objects: 1104371, time: 02:43:13)
8/19/2008 10:08:00 PM Task started
8/19/2008 10:10:08 PM Task completed
Full Scan: completed 9/13/2008 1:23:40 AM (events: 163, objects: 1104371, time: 02:43:13)
8/19/2008 10:22:52 PM Task started
8/19/2008 10:22:52 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\biueng.dll/UPX
8/19/2008 10:22:52 PM Will be deleted on system restart: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\biueng.dll
8/19/2008 10:22:53 PM Disinfected: not-a-virus:AdWare.Win32.SuperJuan.cqn HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
8/19/2008 10:23:02 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\radjlk.dll/UPX
8/19/2008 10:23:02 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\radjlk.dll/UPX Skipped by user
8/19/2008 10:23:02 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\biueng.dll/UPX
8/19/2008 10:23:03 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\radjlk.dll/UPX
8/19/2008 10:23:03 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\radjlk.dll/UPX Skipped by user
8/19/2008 10:23:03 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\biueng.dll/UPX
8/19/2008 10:23:12 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\radjlk.dll/UPX
8/19/2008 10:23:20 PM Task completed
Full Scan: completed 9/13/2008 1:23:40 AM (events: 163, objects: 1104371, time: 02:43:13)
8/19/2008 10:28:38 PM Task started
8/19/2008 10:29:17 PM Detected:
http://www.viruslist.com/en/advisories/23483 c:\program files\adobe\acrobat 6.0\acrobat\acrobat.exe
8/19/2008 10:30:31 PM Detected: Trojan.Win32.Monderb.fim c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/crack.exe/#
8/19/2008 10:30:31 PM Untreated: Trojan.Win32.Monderb.fim c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/crack.exe/# Postponed
8/19/2008 10:30:31 PM Detected: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/crack.exe/#
8/19/2008 10:30:31 PM Detected: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/crack.exe/#
8/19/2008 10:30:31 PM Detected: Heur.Invader c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/crack.exe
8/19/2008 10:30:31 PM Detected: Trojan-Downloader.Win32.Small.yrh c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/serial.exe
8/19/2008 10:30:31 PM Detected: Trojan-Downloader.Win32.Small.yxa c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/number.exe/PE_Patch.Upolyx/PE_Patch.UPX/UPX
8/19/2008 10:30:31 PM Detected: Trojan-Downloader.Win32.FraudLoad.vbaf c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/keygen.exe
8/19/2008 10:30:50 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012306.dll/UPX
8/19/2008 10:30:50 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012306.dll/UPX Postponed
8/19/2008 10:30:50 PM Detected: Trojan.Win32.Monder.fpp c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0011486.dll/UPX
8/19/2008 10:30:50 PM Untreated: Trojan.Win32.Monder.fpp c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0011486.dll/UPX Postponed
8/19/2008 10:30:50 PM Detected: Heur.Trojan.Generic c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012307.dll
8/19/2008 10:30:50 PM Untreated: Heur.Trojan.Generic c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012307.dll Postponed
8/19/2008 10:30:51 PM Detected: Trojan-Downloader.Win32.FraudLoad.vbae c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012319.dll
8/19/2008 10:30:51 PM Untreated: Trojan-Downloader.Win32.FraudLoad.vbae c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012319.dll Postponed
8/19/2008 10:30:53 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012358.dll
8/19/2008 10:30:53 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012358.dll Postponed
8/19/2008 10:30:53 PM Detected: Trojan.Win32.Monder.fpp c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012357.dll/UPX
8/19/2008 10:30:53 PM Untreated: Trojan.Win32.Monder.fpp c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012357.dll/UPX Postponed
8/19/2008 10:30:53 PM Detected: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012359.dll
8/19/2008 10:30:53 PM Untreated: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012359.dll Postponed
8/19/2008 10:30:53 PM Detected: Trojan.Win32.Monder.frx c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012360.dll
8/19/2008 10:30:53 PM Untreated: Trojan.Win32.Monder.frx c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012360.dll Postponed
8/19/2008 10:31:07 PM Detected: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP121\A0012523.dll
8/19/2008 10:31:07 PM Untreated: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP121\A0012523.dll Postponed
8/19/2008 10:32:08 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034645.dll/UPX
8/19/2008 10:32:08 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034645.dll/UPX Postponed
8/19/2008 10:32:08 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034646.dll/UPX
8/19/2008 10:32:08 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034646.dll/UPX Postponed
8/19/2008 10:47:54 PM Detected:
http://www.viruslist.com/en/advisories/30937 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher2340\StagingArea\1313.dll
8/19/2008 10:47:54 PM Detected:
http://www.viruslist.com/en/advisories/30937 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher2340\StagingArea\1313
8/19/2008 10:49:43 PM Detected:
http://www.viruslist.com/en/advisories/30937 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher4380\StagingArea\4589
8/19/2008 10:49:43 PM Detected:
http://www.viruslist.com/en/advisories/30937 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher4380\StagingArea\4589.dll
8/19/2008 10:50:09 PM Detected: Trojan.Win32.Monder.fpp c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\04KDRLNF\cntr[1]/UPX
8/19/2008 10:50:09 PM Untreated: Trojan.Win32.Monder.fpp c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\04KDRLNF\cntr[1]/UPX Postponed
8/19/2008 10:51:21 PM Detected: Heur.Trojan.Generic c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1]
8/19/2008 10:51:21 PM Untreated: Heur.Trojan.Generic c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1] Postponed
8/19/2008 10:52:08 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\IJOLA5U7\kb767887[1]/UPX
8/19/2008 10:52:08 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\IJOLA5U7\kb767887[1]/UPX Postponed
8/19/2008 10:53:17 PM Detected: Trojan.Win32.Monder.fpp c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\XDK4K9O6\cntr[1]/UPX
8/19/2008 10:53:17 PM Untreated: Trojan.Win32.Monder.fpp c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\XDK4K9O6\cntr[1]/UPX Postponed
8/19/2008 10:55:08 PM Detected: Exploit.Java.Gimsh.a c:\Documents and Settings\Deca\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6d00d9f7-4df0096a.zip/vmain.class
8/19/2008 10:55:08 PM Untreated: Exploit.Java.Gimsh.a c:\Documents and Settings\Deca\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6d00d9f7-4df0096a.zip/vmain.class Postponed
8/19/2008 10:55:36 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\2XCDIHAD\kb767887[1]
8/19/2008 10:55:36 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\2XCDIHAD\kb767887[1] Postponed
8/19/2008 10:55:53 PM Detected: Trojan.Win32.Monder.frx c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1]
8/19/2008 10:55:53 PM Untreated: Trojan.Win32.Monder.frx c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1] Postponed
8/19/2008 10:56:19 PM Detected: Heur.Trojan.Generic c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\GVRE3PL2\cntr[1]
8/19/2008 10:56:19 PM Untreated: Heur.Trojan.Generic c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\GVRE3PL2\cntr[1] Postponed
8/19/2008 11:04:09 PM Detected:
http://www.viruslist.com/en/advisories/28083 c:\i386\Flash9e.ocx
8/19/2008 11:04:17 PM Detected:
http://www.viruslist.com/en/advisories/31010 c:\i386\java.exe
8/19/2008 11:04:17 PM Detected:
http://www.viruslist.com/en/advisories/31010 c:\i386\javaws.exe
8/19/2008 11:05:20 PM Detected:
http://www.viruslist.com/en/advisories/28083 c:\i386\swflash.ocx
8/19/2008 11:05:50 PM Detected:
http://www.viruslist.com/en/advisories/23483 c:\program files\adobe\acrobat 6.0\acrobat\acrobat.exe
8/19/2008 11:07:20 PM Detected:
http://www.viruslist.com/en/advisories/28083 c:\program files\adobe\Adobe Bridge CS3\browser\plugins\NPSWF32.dll
8/19/2008 11:08:26 PM Detected:
http://www.viruslist.com/en/advisories/25023 c:\program files\adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\BMP.8BI
8/19/2008 11:14:50 PM Detected:
http://www.viruslist.com/en/advisories/31010 c:\program files\Java\jre1.5.0_06\bin\java.exe
8/19/2008 11:14:50 PM Detected:
http://www.viruslist.com/en/advisories/31010 c:\program files\Java\jre1.5.0_06\bin\javaws.exe
8/19/2008 11:18:05 PM Detected: Trojan.Win32.Monderb.fho c:\VundoFix Backups\iifExXpq.dll.bad
8/19/2008 11:18:05 PM Untreated: Trojan.Win32.Monderb.fho c:\VundoFix Backups\iifExXpq.dll.bad Postponed
8/19/2008 11:22:51 PM Detected: Trojan.Win32.Monder.fth c:\windows\system32\byXPGAtQ.dll
8/19/2008 11:22:52 PM Untreated: Trojan.Win32.Monder.fth c:\windows\system32\byXPGAtQ.dll Postponed
8/19/2008 11:23:00 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\kpqhpfyb.dll/UPX
8/19/2008 11:23:01 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\kpqhpfyb.dll/UPX Postponed
8/19/2008 11:23:06 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\windows\system32\mxxtspik.dll
8/19/2008 11:23:07 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\windows\system32\mxxtspik.dll Postponed
8/19/2008 11:23:14 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\ruraflvv.dll/UPX
8/19/2008 11:23:14 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\ruraflvv.dll/UPX Postponed
8/19/2008 11:23:14 PM Detected: Heur.Trojan.Generic c:\windows\system32\sagvwdwb.dll
8/19/2008 11:23:14 PM Untreated: Heur.Trojan.Generic c:\windows\system32\sagvwdwb.dll Postponed
8/19/2008 11:23:17 PM Detected: Heur.Trojan.Generic c:\windows\system32\tijbkupi.dll
8/19/2008 11:23:17 PM Untreated: Heur.Trojan.Generic c:\windows\system32\tijbkupi.dll Postponed
8/19/2008 11:23:22 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\xpujukrl.dll/UPX
8/19/2008 11:23:23 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\xpujukrl.dll/UPX Postponed
8/19/2008 11:23:35 PM Detected:
http://www.viruslist.com/en/advisories/28083 c:\windows\system32\Macromed\Flash\Flash9e.ocx
8/19/2008 11:47:49 PM Detected: not-a-virus:AdWare.Win32.MyWay.ac E:\misc\freeripmp3.exe/data0012
8/19/2008 11:47:50 PM Untreated: not-a-virus:AdWare.Win32.MyWay.ac E:\misc\freeripmp3.exe/data0012 Postponed
8/19/2008 11:47:57 PM Detected: not-a-virus:AdWare.Win32.MyWay.j E:\misc\RosoftCDExtractorFree.exe/data0012
8/19/2008 11:47:59 PM Untreated: not-a-virus:AdWare.Win32.MyWay.j E:\misc\RosoftCDExtractorFree.exe/data0012 Postponed
8/19/2008 11:47:59 PM Detected: not-a-virus:AdWare.Win32.180Solutions E:\misc\RosoftCDExtractorFree.exe/data0015
8/19/2008 11:47:59 PM Detected: not-a-virus:AdWare.Win32.BookedSpace.a E:\misc\setupcdripper.exe/WISE0016.BIN/data0002
8/19/2008 11:48:00 PM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a E:\misc\setupcdripper.exe/WISE0016.BIN/data0002 Postponed
8/19/2008 11:48:00 PM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v E:\misc\setupcdripper.exe/WISE0017.BIN/data0002
8/19/2008 11:48:00 PM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a E:\misc\setupcdripper.exe/WISE0017.BIN/data0003
8/19/2008 11:48:00 PM Detected: not-a-virus:AdWare.Win32.SaveNow.e E:\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Save.exe
8/19/2008 11:48:00 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
8/19/2008 11:48:00 PM Detected: not-a-virus:AdWare.Win32.SaveNow E:\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
8/19/2008 11:48:00 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
8/19/2008 11:48:00 PM Detected: not-a-virus:AdWare.Win32.EZula.p E:\misc\setupcdripper.exe/WISE0036.BIN
8/19/2008 11:51:21 PM Detected: not-a-virus:AdWare.Win32.Harmohol.a E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0012
8/19/2008 11:51:21 PM Untreated: not-a-virus:AdWare.Win32.Harmohol.a E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0012 Postponed
8/19/2008 11:51:21 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/wbhshare.dll
8/19/2008 11:51:21 PM Detected: not-a-virus:AdWare.Win32.WebHancer E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/Webhdll.dll
8/19/2008 11:51:21 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/WhAgent.exe
8/19/2008 11:51:21 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whiehlpr.dll
8/19/2008 11:51:21 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whieshm.dll
8/19/2008 11:51:21 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whInstaller.exe
8/19/2008 11:51:21 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bg E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0016/SaveNow.exe
8/19/2008 11:51:21 PM Detected: not-a-virus:AdWare.Win32.SaveNow.au E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0016/Uninst.exe
8/19/2008 11:51:24 PM Detected:
http://www.viruslist.com/en/advisories/27361 E:\sa-punog-c-diska\sa-starog-zip-disks\5\Real1\RealPlayer\realplay.exe
8/19/2008 11:51:42 PM Detected: Trojan.Win32.Monder.fpp c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\04KDRLNF\cntr[1]/UPX
8/19/2008 11:51:44 PM Deleted: Trojan.Win32.Monder.fpp c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\04KDRLNF\cntr[1]
8/19/2008 11:51:44 PM Detected: Heur.Trojan.Generic c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1]
8/19/2008 11:51:44 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\IJOLA5U7\kb767887[1]/UPX
8/19/2008 11:51:44 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\IJOLA5U7\kb767887[1]/UPX Skipped by user
8/19/2008 11:51:44 PM Detected: Trojan.Win32.Monder.fpp c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\XDK4K9O6\cntr[1]/UPX
8/19/2008 11:51:44 PM Deleted: Trojan.Win32.Monder.fpp c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\XDK4K9O6\cntr[1]
8/19/2008 11:51:44 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\2XCDIHAD\kb767887[1]
8/19/2008 11:51:44 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\2XCDIHAD\kb767887[1] Skipped by user
8/19/2008 11:51:44 PM Detected: Trojan.Win32.Monder.frx c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1]
8/19/2008 11:51:44 PM Deleted: Trojan.Win32.Monder.frx c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1]
8/19/2008 11:51:45 PM Detected: Heur.Trojan.Generic c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\GVRE3PL2\cntr[1]
8/19/2008 11:51:45 PM Detected: Trojan.Win32.Monder.fpp c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0011486.dll/UPX
8/19/2008 11:51:45 PM Deleted: Trojan.Win32.Monder.fpp c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\a0011486.dll
8/19/2008 11:51:45 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012306.dll/UPX
8/19/2008 11:51:45 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012306.dll/UPX Skipped by user
8/19/2008 11:51:45 PM Detected: Heur.Trojan.Generic c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012307.dll
8/19/2008 11:51:45 PM Detected: Trojan-Downloader.Win32.FraudLoad.vbae c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012319.dll
8/19/2008 11:51:45 PM Deleted: Trojan-Downloader.Win32.FraudLoad.vbae c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012319.dll
8/19/2008 11:51:45 PM Detected: Trojan.Win32.Monder.fpp c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012357.dll/UPX
8/19/2008 11:51:45 PM Deleted: Trojan.Win32.Monder.fpp c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\a0012357.dll
8/19/2008 11:51:45 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012358.dll
8/19/2008 11:51:45 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012358.dll Skipped by user
8/19/2008 11:51:45 PM Detected: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012359.dll
8/19/2008 11:51:45 PM Deleted: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012359.dll
8/19/2008 11:51:45 PM Detected: Trojan.Win32.Monder.frx c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012360.dll
8/19/2008 11:51:45 PM Deleted: Trojan.Win32.Monder.frx c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP118\A0012360.dll
8/19/2008 11:51:45 PM Detected: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP121\A0012523.dll
8/19/2008 11:51:45 PM Deleted: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP121\A0012523.dll
8/19/2008 11:51:45 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034645.dll/UPX
8/19/2008 11:51:45 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034645.dll/UPX Skipped by user
8/19/2008 11:51:45 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034646.dll/UPX
8/19/2008 11:51:45 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034646.dll/UPX Skipped by user
8/19/2008 11:51:45 PM Detected: Trojan.Win32.Monderb.fho c:\VundoFix Backups\iifExXpq.dll.bad
8/19/2008 11:51:45 PM Deleted: Trojan.Win32.Monderb.fho c:\VundoFix Backups\iifExXpq.dll.bad
8/19/2008 11:51:45 PM Detected: Trojan.Win32.Monder.fth c:\windows\system32\byXPGAtQ.dll
8/19/2008 11:51:45 PM Deleted: Trojan.Win32.Monder.fth c:\windows\system32\byXPGAtQ.dll
8/19/2008 11:51:45 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\kpqhpfyb.dll/UPX
8/19/2008 11:51:45 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\kpqhpfyb.dll/UPX Skipped by user
8/19/2008 11:51:45 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\windows\system32\mxxtspik.dll
8/19/2008 11:51:45 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqs c:\windows\system32\mxxtspik.dll Skipped by user
8/19/2008 11:51:45 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\ruraflvv.dll/UPX
8/19/2008 11:51:45 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\ruraflvv.dll/UPX Skipped by user
8/19/2008 11:51:45 PM Detected: Heur.Trojan.Generic c:\windows\system32\sagvwdwb.dll
8/19/2008 11:51:46 PM Detected: Heur.Trojan.Generic c:\windows\system32\tijbkupi.dll
8/19/2008 11:51:46 PM Detected: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\xpujukrl.dll/UPX
8/19/2008 11:51:46 PM Untreated: not-a-virus:AdWare.Win32.SuperJuan.cqn c:\windows\system32\xpujukrl.dll/UPX Skipped by user
8/19/2008 11:51:46 PM Detected: not-a-virus:AdWare.Win32.MyWay.ac E:\misc\freeripmp3.exe/data0012
8/19/2008 11:51:46 PM Untreated: not-a-virus:AdWare.Win32.MyWay.ac E:\misc\freeripmp3.exe/data0012 Skipped by user
8/19/2008 11:51:48 PM Detected: not-a-virus:AdWare.Win32.MyWay.j E:\misc\RosoftCDExtractorFree.exe/data0012
8/19/2008 11:51:48 PM Untreated: not-a-virus:AdWare.Win32.MyWay.j E:\misc\RosoftCDExtractorFree.exe/data0012 Skipped by user
8/19/2008 11:51:48 PM Detected: not-a-virus:AdWare.Win32.180Solutions E:\misc\RosoftCDExtractorFree.exe/data0015
8/19/2008 11:51:48 PM Detected: not-a-virus:AdWare.Win32.BookedSpace.a E:\misc\setupcdripper.exe/WISE0016.BIN/data0002
8/19/2008 11:51:48 PM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a E:\misc\setupcdripper.exe/WISE0016.BIN/data0002 Skipped by user
8/19/2008 11:51:48 PM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v E:\misc\setupcdripper.exe/WISE0017.BIN/data0002
8/19/2008 11:51:48 PM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a E:\misc\setupcdripper.exe/WISE0017.BIN/data0003
8/19/2008 11:51:48 PM Detected: not-a-virus:AdWare.Win32.SaveNow.e E:\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Save.exe
8/19/2008 11:51:48 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
8/19/2008 11:51:48 PM Detected: not-a-virus:AdWare.Win32.SaveNow E:\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
8/19/2008 11:51:48 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.EZula.p E:\misc\setupcdripper.exe/WISE0036.BIN
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.Harmohol.a E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0012
8/19/2008 11:51:49 PM Untreated: not-a-virus:AdWare.Win32.Harmohol.a E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0012 Skipped by user
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/wbhshare.dll
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.WebHancer E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/Webhdll.dll
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/WhAgent.exe
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whiehlpr.dll
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whieshm.dll
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whInstaller.exe
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bg E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0016/SaveNow.exe
8/19/2008 11:51:49 PM Detected: not-a-virus:AdWare.Win32.SaveNow.au E:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0016/Uninst.exe
8/19/2008 11:51:49 PM Detected: Exploit.Java.Gimsh.a c:\Documents and Settings\Deca\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6d00d9f7-4df0096a.zip/vmain.class
8/19/2008 11:51:49 PM Deleted: Exploit.Java.Gimsh.a c:\Documents and Settings\Deca\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6d00d9f7-4df0096a.zip/vmain.class
8/19/2008 11:51:49 PM Detected: Trojan.Win32.Monderb.fim c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/crack.exe/#
8/19/2008 11:51:49 PM Detected: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/crack.exe/#
8/19/2008 11:51:49 PM Detected: Trojan.Win32.Monderb.fho c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/crack.exe/#
8/19/2008 11:51:49 PM Detected: Heur.Invader c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/crack.exe
8/19/2008 11:51:49 PM Detected: Trojan-Downloader.Win32.Small.yrh c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/serial.exe
8/19/2008 11:51:49 PM Detected: Trojan-Downloader.Win32.Small.yxa c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/number.exe/PE_Patch.Upolyx/PE_Patch.UPX/UPX
8/19/2008 11:51:49 PM Detected: Trojan-Downloader.Win32.FraudLoad.vbaf c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\A0012341.exe/keygen.exe
8/19/2008 11:51:49 PM Deleted: Trojan-Downloader.Win32.FraudLoad.vbaf c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP117\a0012341.exe
8/19/2008 11:51:50 PM Task completed
Full Scan: completed 9/13/2008 1:23:40 AM (events: 163, objects: 1104371, time: 02:43:13)
8/23/2008 12:26:12 AM Task started
8/23/2008 12:27:42 AM Detected:
http://www.viruslist.com/en/advisories/23483 c:\program files\adobe\acrobat 6.0\acrobat\acrobat.exe
8/23/2008 12:29:20 AM Detected: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012307.dll
8/23/2008 12:29:20 AM Untreated: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012307.dll Postponed
8/23/2008 12:30:43 AM Detected: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034660.dll
8/23/2008 12:30:43 AM Untreated: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034660.dll Postponed
8/23/2008 12:30:43 AM Detected: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034659.dll
8/23/2008 12:30:43 AM Untreated: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034659.dll Postponed
8/23/2008 12:35:20 AM Detected: not-a-virus:AdWare.Win32.BookedSpace.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0016.BIN/data0002
8/23/2008 12:35:20 AM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0016.BIN/data0002 Postponed
8/23/2008 12:35:20 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0017.BIN/data0002
8/23/2008 12:35:20 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0017.BIN/data0003
8/23/2008 12:35:20 AM Detected: not-a-virus:AdWare.Win32.SaveNow.e E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Save.exe
8/23/2008 12:35:20 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
8/23/2008 12:35:20 AM Detected: not-a-virus:AdWare.Win32.SaveNow E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
8/23/2008 12:35:20 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
8/23/2008 12:35:20 AM Detected: not-a-virus:AdWare.Win32.MyWay.ac E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034664.exe/data0012
8/23/2008 12:35:20 AM Untreated: not-a-virus:AdWare.Win32.MyWay.ac E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034664.exe/data0012 Postponed
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.Harmohol.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0012
8/23/2008 12:35:21 AM Untreated: not-a-virus:AdWare.Win32.Harmohol.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0012 Postponed
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.EZula.p E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0036.BIN
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/wbhshare.dll
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.WebHancer E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/Webhdll.dll
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/WhAgent.exe
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whiehlpr.dll
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whieshm.dll
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whInstaller.exe
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bg E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0016/SaveNow.exe
8/23/2008 12:35:21 AM Detected: not-a-virus:AdWare.Win32.SaveNow.au E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0016/Uninst.exe
8/23/2008 12:35:25 AM Detected: not-a-virus:AdWare.Win32.MyWay.j E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0012
8/23/2008 12:35:25 AM Untreated: not-a-virus:AdWare.Win32.MyWay.j E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0012 Postponed
8/23/2008 12:35:25 AM Detected: not-a-virus:AdWare.Win32.180Solutions E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0015
8/23/2008 12:47:29 AM Detected:
http://www.viruslist.com/en/advisories/31549 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher2340\StagingArea\1313
8/23/2008 12:47:29 AM Detected:
http://www.viruslist.com/en/advisories/31549 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher2340\StagingArea\1313.dll
8/23/2008 12:49:53 AM Detected:
http://www.viruslist.com/en/advisories/31549 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher4380\StagingArea\4589
8/23/2008 12:49:53 AM Detected:
http://www.viruslist.com/en/advisories/31549 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher4380\StagingArea\4589.dll
8/23/2008 12:51:58 AM Detected: Trojan.Win32.Monder.gge c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1]
8/23/2008 12:51:58 AM Untreated: Trojan.Win32.Monder.gge c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1] Postponed
8/23/2008 1:11:40 AM Detected:
http://www.viruslist.com/en/advisories/28083 c:\i386\Flash9e.ocx
8/23/2008 1:11:49 AM Detected:
http://www.viruslist.com/en/advisories/31010 c:\i386\java.exe
8/23/2008 1:11:49 AM Detected:
http://www.viruslist.com/en/advisories/31010 c:\i386\javaws.exe
8/23/2008 1:13:00 AM Detected:
http://www.viruslist.com/en/advisories/28083 c:\i386\swflash.ocx
8/23/2008 1:13:35 AM Detected:
http://www.viruslist.com/en/advisories/23483 c:\program files\adobe\acrobat 6.0\acrobat\acrobat.exe
8/23/2008 1:15:24 AM Detected:
http://www.viruslist.com/en/advisories/28083 c:\program files\adobe\Adobe Bridge CS3\browser\plugins\NPSWF32.dll
8/23/2008 1:16:54 AM Detected:
http://www.viruslist.com/en/advisories/25023 c:\program files\adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\BMP.8BI
8/23/2008 1:26:21 AM Detected:
http://www.viruslist.com/en/advisories/31010 c:\program files\Java\jre1.5.0_06\bin\java.exe
8/23/2008 1:26:21 AM Detected:
http://www.viruslist.com/en/advisories/31010 c:\program files\Java\jre1.5.0_06\bin\javaws.exe
8/23/2008 1:36:07 AM Detected: Trojan.Win32.Monder.gge c:\WINDOWS\system32\sagvwdwb.dll
8/23/2008 1:36:07 AM Untreated: Trojan.Win32.Monder.gge c:\WINDOWS\system32\sagvwdwb.dll Postponed
8/23/2008 1:36:10 AM Detected: Trojan.Win32.Monder.gge c:\WINDOWS\system32\tijbkupi.dll
8/23/2008 1:36:10 AM Untreated: Trojan.Win32.Monder.gge c:\WINDOWS\system32\tijbkupi.dll Postponed
8/23/2008 1:36:28 AM Detected:
http://www.viruslist.com/en/advisories/28083 c:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx
8/23/2008 1:36:29 AM Detected:
http://www.viruslist.com/en/advisories/26027 c:\WINDOWS\system32\Macromed\Flash\flash.ocx
8/23/2008 2:17:32 AM Detected:
http://www.viruslist.com/en/advisories/27361 E:\sa-punog-c-diska\sa-starog-zip-disks\5\Real1\RealPlayer\realplay.exe
8/23/2008 2:18:09 AM Detected: Trojan.Win32.Monder.gge c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1]
8/23/2008 2:18:09 AM Deleted: Trojan.Win32.Monder.gge c:\Documents and Settings\Branko\Local Settings\Temporary Internet Files\Content.IE5\6TCFAPSX\kb456456[1]
8/23/2008 2:18:09 AM Detected: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012307.dll
8/23/2008 2:18:09 AM Deleted: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP116\A0012307.dll
8/23/2008 2:18:09 AM Detected: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034659.dll
8/23/2008 2:18:09 AM Deleted: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034659.dll
8/23/2008 2:18:09 AM Detected: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034660.dll
8/23/2008 2:18:09 AM Deleted: Trojan.Win32.Monder.gge c:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034660.dll
8/23/2008 2:18:10 AM Detected: not-a-virus:AdWare.Win32.MyWay.ac E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034664.exe/data0012
8/23/2008 2:18:10 AM Untreated: not-a-virus:AdWare.Win32.MyWay.ac E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034664.exe/data0012 Skipped by user
8/23/2008 2:18:12 AM Detected: not-a-virus:AdWare.Win32.MyWay.j E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0012
8/23/2008 2:18:12 AM Untreated: not-a-virus:AdWare.Win32.MyWay.j E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0012 Skipped by user
8/23/2008 2:18:12 AM Detected: not-a-virus:AdWare.Win32.180Solutions E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0015
8/23/2008 2:18:13 AM Detected: not-a-virus:AdWare.Win32.BookedSpace.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0016.BIN/data0002
8/23/2008 2:18:13 AM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0016.BIN/data0002 Skipped by user
8/23/2008 2:18:13 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0017.BIN/data0002
8/23/2008 2:18:13 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0017.BIN/data0003
8/23/2008 2:18:13 AM Detected: not-a-virus:AdWare.Win32.SaveNow.e E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Save.exe
8/23/2008 2:18:13 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
8/23/2008 2:18:13 AM Detected: not-a-virus:AdWare.Win32.SaveNow E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
8/23/2008 2:18:13 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
8/23/2008 2:18:13 AM Detected: not-a-virus:AdWare.Win32.EZula.p E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0036.BIN
8/23/2008 2:18:14 AM Detected: not-a-virus:AdWare.Win32.Harmohol.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0012
8/23/2008 2:18:14 AM Untreated: not-a-virus:AdWare.Win32.Harmohol.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0012 Skipped by user
8/23/2008 2:18:14 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/wbhshare.dll
8/23/2008 2:18:14 AM Detected: not-a-virus:AdWare.Win32.WebHancer E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/Webhdll.dll
8/23/2008 2:18:14 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/WhAgent.exe
8/23/2008 2:18:14 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whiehlpr.dll
8/23/2008 2:18:14 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whieshm.dll
8/23/2008 2:18:14 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whInstaller.exe
8/23/2008 2:18:14 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bg E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0016/SaveNow.exe
8/23/2008 2:18:14 AM Detected: not-a-virus:AdWare.Win32.SaveNow.au E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0016/Uninst.exe
8/23/2008 2:18:14 AM Task completed
Full Scan: completed 9/13/2008 1:23:40 AM (events: 163, objects: 1104371, time: 02:43:13)
8/30/2008 12:23:20 AM Task started
8/30/2008 12:25:35 AM Detected:
http://www.viruslist.com/en/advisories/23483 c:\program files\adobe\acrobat 6.0\acrobat\acrobat.exe
8/30/2008 12:33:45 AM Detected: not-a-virus:AdWare.Win32.BookedSpace.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0016.BIN/data0002
8/30/2008 12:33:45 AM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0016.BIN/data0002 Postponed
8/30/2008 12:33:45 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0017.BIN/data0002
8/30/2008 12:33:46 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0017.BIN/data0003
8/30/2008 12:33:46 AM Detected: not-a-virus:AdWare.Win32.SaveNow.e E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Save.exe
8/30/2008 12:33:46 AM Detected: not-a-virus:AdWare.Win32.MyWay.ac E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034664.exe/data0012
8/30/2008 12:33:46 AM Untreated: not-a-virus:AdWare.Win32.MyWay.ac E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034664.exe/data0012 Postponed
8/30/2008 12:33:46 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
8/30/2008 12:33:46 AM Detected: not-a-virus:AdWare.Win32.SaveNow E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
8/30/2008 12:33:46 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
8/30/2008 12:33:46 AM Detected: not-a-virus:AdWare.Win32.MyWay.j E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0012
8/30/2008 12:33:46 AM Untreated: not-a-virus:AdWare.Win32.MyWay.j E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0012 Postponed
8/30/2008 12:33:46 AM Detected: not-a-virus:AdWare.Win32.Harmohol.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0012
8/30/2008 12:33:46 AM Untreated: not-a-virus:AdWare.Win32.Harmohol.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0012 Postponed
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.180Solutions E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0015
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/wbhshare.dll
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.WebHancer E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/Webhdll.dll
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/WhAgent.exe
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whiehlpr.dll
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whieshm.dll
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whInstaller.exe
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bg E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0016/SaveNow.exe
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.SaveNow.au E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0016/Uninst.exe
8/30/2008 12:33:47 AM Detected: not-a-virus:AdWare.Win32.EZula.p E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0036.BIN
8/30/2008 12:46:13 AM Detected:
http://www.viruslist.com/en/advisories/31549 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher2340\StagingArea\1313.dll
8/30/2008 12:46:14 AM Detected:
http://www.viruslist.com/en/advisories/31549 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher2340\StagingArea\1313
8/30/2008 12:48:05 AM Detected:
http://www.viruslist.com/en/advisories/31549 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher4380\StagingArea\4589
8/30/2008 12:48:05 AM Detected:
http://www.viruslist.com/en/advisories/31549 c:\Documents and Settings\Branko\Local Settings\Temp\Patcher\Patcher4380\StagingArea\4589.dll
8/30/2008 1:04:44 AM Detected:
http://www.viruslist.com/en/advisories/28083 c:\i386\Flash9e.ocx
8/30/2008 1:04:52 AM Detected:
http://www.viruslist.com/en/advisories/31010 c:\i386\java.exe
8/30/2008 1:04:52 AM Detected:
http://www.viruslist.com/en/advisories/31010 c:\i386\javaws.exe
8/30/2008 1:06:01 AM Detected:
http://www.viruslist.com/en/advisories/28083 c:\i386\swflash.ocx
8/30/2008 1:06:31 AM Detected:
http://www.viruslist.com/en/advisories/23483 c:\program files\adobe\acrobat 6.0\acrobat\acrobat.exe
8/30/2008 1:08:11 AM Detected:
http://www.viruslist.com/en/advisories/28083 c:\program files\adobe\Adobe Bridge CS3\browser\plugins\NPSWF32.dll
8/30/2008 1:09:22 AM Detected:
http://www.viruslist.com/en/advisories/25023 c:\program files\adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\BMP.8BI
8/30/2008 1:16:08 AM Detected:
http://www.viruslist.com/en/advisories/31010 c:\program files\Java\jre1.5.0_06\bin\java.exe
8/30/2008 1:16:08 AM Detected:
http://www.viruslist.com/en/advisories/31010 c:\program files\Java\jre1.5.0_06\bin\javaws.exe
8/30/2008 1:25:38 AM Detected:
http://www.viruslist.com/en/advisories/26027 c:\WINDOWS\system32\Macromed\Flash\flash.ocx
8/30/2008 1:25:38 AM Detected:
http://www.viruslist.com/en/advisories/28083 c:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx
8/30/2008 1:56:33 AM Detected:
http://www.viruslist.com/en/advisories/27361 E:\sa-punog-c-diska\sa-starog-zip-disks\5\Real1\RealPlayer\realplay.exe
8/30/2008 2:08:55 AM Detected:
http://www.viruslist.com/en/advisories/27620 G:\Program Files\realplay.exe
8/30/2008 2:09:12 AM Detected:
http://www.viruslist.com/en/advisories/23483 G:\Program Files\Adobe\Acrobat 6.0\Acrobat\Acrobat.exe
8/30/2008 2:09:27 AM Detected:
http://www.viruslist.com/en/advisories/25023 G:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\BMP.8BI
8/30/2008 2:12:44 AM Detected:
http://www.viruslist.com/en/advisories/26725 G:\Program Files\iTunes\iTunes.exe
8/30/2008 2:15:30 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\1a_stari_sa_desktopa\zipici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:15:34 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\1a_stari_sa_desktopa\zipici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Postponed
8/30/2008 2:15:34 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\sa-starog-zip-disks\1\zipici-i-exe-ici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:15:35 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\sa-starog-zip-disks\1\zipici-i-exe-ici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Postponed
8/30/2008 2:15:38 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\sa-starog-zip-disks\2\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:15:39 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\sa-starog-zip-disks\2\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Postponed
8/30/2008 2:15:47 AM Detected: not-a-virus:AdWare.Win32.Harmohol.a G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0012
8/30/2008 2:15:48 AM Untreated: not-a-virus:AdWare.Win32.Harmohol.a G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0012 Postponed
8/30/2008 2:15:48 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/wbhshare.dll
8/30/2008 2:15:48 AM Detected: not-a-virus:AdWare.Win32.WebHancer G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/Webhdll.dll
8/30/2008 2:15:48 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/WhAgent.exe
8/30/2008 2:15:48 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whiehlpr.dll
8/30/2008 2:15:48 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whieshm.dll
8/30/2008 2:15:48 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whInstaller.exe
8/30/2008 2:15:48 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bg G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0016/SaveNow.exe
8/30/2008 2:15:48 AM Detected: not-a-virus:AdWare.Win32.SaveNow.au G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0016/Uninst.exe
8/30/2008 2:15:54 AM Detected:
http://www.viruslist.com/en/advisories/27361 G:\sa-punog-c-diska\sa-starog-zip-disks\5\Real1\RealPlayer\realplay.exe
8/30/2008 2:18:47 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\za-prenos-na-xps630i\1a-downloads-desktop\1a_stari_sa_desktopa\zipici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:18:47 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\za-prenos-na-xps630i\1a-downloads-desktop\1a_stari_sa_desktopa\zipici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Postponed
8/30/2008 2:19:33 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\za-prenos-na-xps630i\1aa-za-prenos-sa-starog\1d-zadnje-od-01-16\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:19:34 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\za-prenos-na-xps630i\1aa-za-prenos-sa-starog\1d-zadnje-od-01-16\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Postponed
8/30/2008 2:22:10 AM Detected: not-a-virus:AdWare.Win32.MyWay.ac G:\za-prenos-na-xps630i\misc\freeripmp3.exe/data0012
8/30/2008 2:22:11 AM Untreated: not-a-virus:AdWare.Win32.MyWay.ac G:\za-prenos-na-xps630i\misc\freeripmp3.exe/data0012 Postponed
8/30/2008 2:22:11 AM Detected: not-a-virus:AdWare.Win32.BookedSpace.a G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0016.BIN/data0002
8/30/2008 2:22:12 AM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0016.BIN/data0002 Postponed
8/30/2008 2:22:12 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0017.BIN/data0002
8/30/2008 2:22:12 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0017.BIN/data0003
8/30/2008 2:22:12 AM Detected: not-a-virus:AdWare.Win32.SaveNow.e G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Save.exe
8/30/2008 2:22:12 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
8/30/2008 2:22:12 AM Detected: not-a-virus:AdWare.Win32.SaveNow G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
8/30/2008 2:22:12 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
8/30/2008 2:22:13 AM Detected: not-a-virus:AdWare.Win32.MyWay.j G:\za-prenos-na-xps630i\misc\RosoftCDExtractorFree.exe/data0012
8/30/2008 2:22:13 AM Detected: not-a-virus:AdWare.Win32.EZula.p G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0036.BIN
8/30/2008 2:22:16 AM Untreated: not-a-virus:AdWare.Win32.MyWay.j G:\za-prenos-na-xps630i\misc\RosoftCDExtractorFree.exe/data0012 Postponed
8/30/2008 2:22:16 AM Detected: not-a-virus:AdWare.Win32.180Solutions G:\za-prenos-na-xps630i\misc\RosoftCDExtractorFree.exe/data0015
8/30/2008 2:24:35 AM Detected: not-a-virus:AdWare.Win32.MyWay.ac E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034664.exe/data0012
8/30/2008 2:24:35 AM Untreated: not-a-virus:AdWare.Win32.MyWay.ac E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034664.exe/data0012 Skipped by user
8/30/2008 2:24:37 AM Detected: not-a-virus:AdWare.Win32.MyWay.j E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0012
8/30/2008 2:24:37 AM Untreated: not-a-virus:AdWare.Win32.MyWay.j E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0012 Skipped by user
8/30/2008 2:24:37 AM Detected: not-a-virus:AdWare.Win32.180Solutions E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034665.exe/data0015
8/30/2008 2:24:37 AM Detected: not-a-virus:AdWare.Win32.BookedSpace.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0016.BIN/data0002
8/30/2008 2:24:37 AM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0016.BIN/data0002 Skipped by user
8/30/2008 2:24:37 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0017.BIN/data0002
8/30/2008 2:24:37 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0017.BIN/data0003
8/30/2008 2:24:37 AM Detected: not-a-virus:AdWare.Win32.SaveNow.e E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Save.exe
8/30/2008 2:24:37 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
8/30/2008 2:24:37 AM Detected: not-a-virus:AdWare.Win32.SaveNow E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
8/30/2008 2:24:37 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.EZula.p E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034666.exe/WISE0036.BIN
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.Harmohol.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0012
8/30/2008 2:24:38 AM Untreated: not-a-virus:AdWare.Win32.Harmohol.a E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0012 Skipped by user
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/wbhshare.dll
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.WebHancer E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/Webhdll.dll
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/WhAgent.exe
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whiehlpr.dll
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whieshm.dll
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0015/whInstaller.exe
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bg E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0016/SaveNow.exe
8/30/2008 2:24:38 AM Detected: not-a-virus:AdWare.Win32.SaveNow.au E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP141\A0034667.EXE/data0016/Uninst.exe
8/30/2008 2:24:39 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\1a_stari_sa_desktopa\zipici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:24:39 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\1a_stari_sa_desktopa\zipici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Skipped by user
8/30/2008 2:24:39 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\sa-starog-zip-disks\1\zipici-i-exe-ici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:24:39 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\sa-starog-zip-disks\1\zipici-i-exe-ici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Skipped by user
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\sa-starog-zip-disks\2\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:24:40 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\sa-punog-c-diska\sa-starog-zip-disks\2\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Skipped by user
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.Harmohol.a G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0012
8/30/2008 2:24:40 AM Untreated: not-a-virus:AdWare.Win32.Harmohol.a G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0012 Skipped by user
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/wbhshare.dll
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.WebHancer G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/Webhdll.dll
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/WhAgent.exe
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whiehlpr.dll
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whieshm.dll
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0015/whInstaller.exe
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bg G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0016/SaveNow.exe
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.SaveNow.au G:\sa-punog-c-diska\sa-starog-zip-disks\4\zipici-i-exe-ici\XPLUS.EXE/data0016/Uninst.exe
8/30/2008 2:24:40 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\za-prenos-na-xps630i\1a-downloads-desktop\1a_stari_sa_desktopa\zipici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:24:40 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\za-prenos-na-xps630i\1a-downloads-desktop\1a_stari_sa_desktopa\zipici\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Skipped by user
8/30/2008 2:24:41 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\za-prenos-na-xps630i\1aa-za-prenos-sa-starog\1d-zadnje-od-01-16\progs_to_do_archives\ZIPSET2.EXE/data/PECompact
8/30/2008 2:24:41 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\za-prenos-na-xps630i\1aa-za-prenos-sa-starog\1d-zadnje-od-01-16\progs_to_do_archives\ZIPSET2.EXE/data/PECompact Skipped by user
8/30/2008 2:24:42 AM Detected: not-a-virus:AdWare.Win32.MyWay.ac G:\za-prenos-na-xps630i\misc\freeripmp3.exe/data0012
8/30/2008 2:24:42 AM Untreated: not-a-virus:AdWare.Win32.MyWay.ac G:\za-prenos-na-xps630i\misc\freeripmp3.exe/data0012 Skipped by user
8/30/2008 2:24:43 AM Detected: not-a-virus:AdWare.Win32.MyWay.j G:\za-prenos-na-xps630i\misc\RosoftCDExtractorFree.exe/data0012
8/30/2008 2:24:43 AM Untreated: not-a-virus:AdWare.Win32.MyWay.j G:\za-prenos-na-xps630i\misc\RosoftCDExtractorFree.exe/data0012 Skipped by user
8/30/2008 2:24:43 AM Detected: not-a-virus:AdWare.Win32.180Solutions G:\za-prenos-na-xps630i\misc\RosoftCDExtractorFree.exe/data0015
8/30/2008 2:24:44 AM Detected: not-a-virus:AdWare.Win32.BookedSpace.a G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0016.BIN/data0002
8/30/2008 2:24:44 AM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0016.BIN/data0002 Skipped by user
8/30/2008 2:24:44 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0017.BIN/data0002
8/30/2008 2:24:44 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0017.BIN/data0003
8/30/2008 2:24:44 AM Detected: not-a-virus:AdWare.Win32.SaveNow.e G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Save.exe
8/30/2008 2:24:44 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
8/30/2008 2:24:44 AM Detected: not-a-virus:AdWare.Win32.SaveNow G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
8/30/2008 2:24:44 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
8/30/2008 2:24:44 AM Detected: not-a-virus:AdWare.Win32.EZula.p G:\za-prenos-na-xps630i\misc\setupcdripper.exe/WISE0036.BIN
8/30/2008 2:24:44 AM Task completed
Full Scan: completed 9/13/2008 1:23:40 AM (events: 163, objects: 1104371, time: 02:43:13)
9/5/2008 9:30:42 PM Task completed
9/5/2008 9:30:21 PM Task started
Full Scan: completed 9/13/2008 1:23:40 AM (events: 163, objects: 1104371, time: 02:43:13)
9/12/2008 10:37:05 PM Task started
9/12/2008 10:37:53 PM Detected:
http://www.viruslist.com/en/advisories/23483 c:\program files\adobe\acrobat 6.0\acrobat\acrobat.exe
9/12/2008 10:38:19 PM Task stopped
9/12/2008 10:40:27 PM Task started
9/12/2008 10:40:27 PM Detected:
http://www.viruslist.com/en/advisories/23483 c:\program files\adobe\acrobat 6.0\acrobat\acrobat.exe
9/12/2008 10:54:18 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037165.EXE/data/PECompact
9/12/2008 10:54:18 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037167.EXE/data/PECompact
9/12/2008 10:54:19 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037167.EXE/data/PECompact Postponed
9/12/2008 10:54:19 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037165.EXE/data/PECompact Postponed
9/12/2008 10:54:19 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037166.EXE/data/PECompact
9/12/2008 10:54:19 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037166.EXE/data/PECompact Postponed
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037170.EXE/data/PECompact
9/12/2008 10:54:20 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037170.EXE/data/PECompact Postponed
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037169.EXE/data/PECompact
9/12/2008 10:54:20 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037169.EXE/data/PECompact Postponed
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.Harmohol.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0012
9/12/2008 10:54:20 PM Untreated: not-a-virus:AdWare.Win32.Harmohol.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0012 Postponed
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/wbhshare.dll
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.WebHancer G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/Webhdll.dll
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/WhAgent.exe
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/whiehlpr.dll
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/whieshm.dll
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/whInstaller.exe
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bg G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0016/SaveNow.exe
9/12/2008 10:54:20 PM Detected: not-a-virus:AdWare.Win32.SaveNow.au G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0016/Uninst.exe
9/12/2008 10:54:22 PM Detected: not-a-virus:AdWare.Win32.MyWay.ac G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037171.exe/data0012
9/12/2008 10:54:22 PM Untreated: not-a-virus:AdWare.Win32.MyWay.ac G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037171.exe/data0012 Postponed
9/12/2008 10:54:22 PM Detected: not-a-virus:AdWare.Win32.BookedSpace.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0016.BIN/data0002
9/12/2008 10:54:22 PM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0016.BIN/data0002 Postponed
9/12/2008 10:54:22 PM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0017.BIN/data0002
9/12/2008 10:54:22 PM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0017.BIN/data0003
9/12/2008 10:54:23 PM Detected: not-a-virus:AdWare.Win32.SaveNow.e G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0025.BIN/data0001.cab/Save.exe
9/12/2008 10:54:23 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
9/12/2008 10:54:23 PM Detected: not-a-virus:AdWare.Win32.SaveNow G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
9/12/2008 10:54:23 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
9/12/2008 10:54:23 PM Detected: not-a-virus:AdWare.Win32.EZula.p G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0036.BIN
9/12/2008 10:54:23 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037302.EXE/data/PECompact
9/12/2008 10:54:23 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037302.EXE/data/PECompact Postponed
9/12/2008 10:54:24 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037303.EXE/data/PECompact
9/12/2008 10:54:24 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037304.EXE/data/PECompact
9/12/2008 10:54:24 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037303.EXE/data/PECompact Postponed
9/12/2008 10:54:24 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037304.EXE/data/PECompact Postponed
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.MyWay.j G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037173.exe/data0012
9/12/2008 10:54:25 PM Untreated: not-a-virus:AdWare.Win32.MyWay.j G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037173.exe/data0012 Postponed
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.180Solutions G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037173.exe/data0015
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.Harmohol.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0012
9/12/2008 10:54:25 PM Untreated: not-a-virus:AdWare.Win32.Harmohol.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0012 Postponed
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/wbhshare.dll
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.WebHancer G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/Webhdll.dll
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/WhAgent.exe
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/whiehlpr.dll
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/whieshm.dll
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/whInstaller.exe
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bg G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0016/SaveNow.exe
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037307.EXE/data/PECompact
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.SaveNow.au G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0016/Uninst.exe
9/12/2008 10:54:25 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037307.EXE/data/PECompact Postponed
9/12/2008 10:54:25 PM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037306.EXE/data/PECompact
9/12/2008 10:54:25 PM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037306.EXE/data/PECompact Postponed
9/12/2008 10:54:26 PM Detected: not-a-virus:AdWare.Win32.MyWay.ac G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037308.exe/data0012
9/12/2008 10:54:26 PM Untreated: not-a-virus:AdWare.Win32.MyWay.ac G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037308.exe/data0012 Postponed
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.MyWay.j G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037309.exe/data0012
9/12/2008 10:54:28 PM Untreated: not-a-virus:AdWare.Win32.MyWay.j G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037309.exe/data0012 Postponed
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.180Solutions G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037309.exe/data0015
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.BookedSpace.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0016.BIN/data0002
9/12/2008 10:54:28 PM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0016.BIN/data0002 Postponed
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0017.BIN/data0002
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0017.BIN/data0003
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.SaveNow.e G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0025.BIN/data0001.cab/Save.exe
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.SaveNow G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
9/12/2008 10:54:28 PM Detected: not-a-virus:AdWare.Win32.EZula.p G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0036.BIN
9/12/2008 11:33:08 PM Detected: Trojan.Win32.Monder.gen c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\IJOLA5U7\kb671231[1]/UPX
9/12/2008 11:33:08 PM Untreated: Trojan.Win32.Monder.gen c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\IJOLA5U7\kb671231[1]/UPX Postponed
9/12/2008 11:36:58 PM Detected:
http://www.viruslist.com/en/advisories/28083 c:\i386\Flash9e.ocx
9/12/2008 11:37:21 PM Detected:
http://www.viruslist.com/en/advisories/31010 c:\i386\java.exe
9/12/2008 11:37:21 PM Detected:
http://www.viruslist.com/en/advisories/31010 c:\i386\javaws.exe
9/12/2008 11:39:29 PM Detected:
http://www.viruslist.com/en/advisories/28083 c:\i386\swflash.ocx
9/12/2008 11:40:39 PM Detected:
http://www.viruslist.com/en/advisories/23483 c:\program files\adobe\acrobat 6.0\acrobat\acrobat.exe
9/12/2008 11:44:13 PM Detected:
http://www.viruslist.com/en/advisories/28083 c:\program files\adobe\Adobe Bridge CS3\browser\plugins\NPSWF32.dll
9/12/2008 11:46:50 PM Detected:
http://www.viruslist.com/en/advisories/25023 c:\program files\adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\BMP.8BI
9/12/2008 11:59:22 PM Detected:
http://www.viruslist.com/en/advisories/31010 c:\program files\Java\jre1.5.0_06\bin\java.exe
9/12/2008 11:59:22 PM Detected:
http://www.viruslist.com/en/advisories/31010 c:\program files\Java\jre1.5.0_06\bin\javaws.exe
9/13/2008 12:11:21 AM Detected:
http://www.viruslist.com/en/advisories/26027 c:\WINDOWS\system32\Macromed\Flash\flash.ocx
9/13/2008 12:11:21 AM Detected:
http://www.viruslist.com/en/advisories/28083 c:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx
9/13/2008 12:43:54 AM Detected:
http://www.viruslist.com/en/advisories/27361 E:\sa-punog-c-diska\sa-starog-zip-disks\5\Real1\RealPlayer\realplay.exe
9/13/2008 12:59:33 AM Detected:
http://www.viruslist.com/en/advisories/27620 G:\Program Files\realplay.exe
9/13/2008 12:59:42 AM Detected:
http://www.viruslist.com/en/advisories/23483 G:\Program Files\Adobe\Acrobat 6.0\Acrobat\Acrobat.exe
9/13/2008 1:00:41 AM Detected:
http://www.viruslist.com/en/advisories/25023 G:\Program Files\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\BMP.8BI
9/13/2008 1:03:59 AM Detected:
http://www.viruslist.com/en/advisories/26725 G:\Program Files\iTunes\iTunes.exe
9/13/2008 1:08:54 AM Detected:
http://www.viruslist.com/en/advisories/27361 G:\sa-punog-c-diska\sa-starog-zip-disks\5\Real1\RealPlayer\realplay.exe
9/13/2008 1:23:11 AM Detected: Trojan.Win32.Monder.gen c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\IJOLA5U7\kb671231[1]/UPX
9/13/2008 1:23:14 AM Deleted: Trojan.Win32.Monder.gen c:\Documents and Settings\Stanka\Local Settings\Temporary Internet Files\Content.IE5\IJOLA5U7\kb671231[1]
9/13/2008 1:23:15 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037165.EXE/data/PECompact
9/13/2008 1:23:15 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037165.EXE/data/PECompact Skipped by user
9/13/2008 1:23:15 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037166.EXE/data/PECompact
9/13/2008 1:23:15 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037166.EXE/data/PECompact Skipped by user
9/13/2008 1:23:15 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037167.EXE/data/PECompact
9/13/2008 1:23:15 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037167.EXE/data/PECompact Skipped by user
9/13/2008 1:23:17 AM Detected: not-a-virus:AdWare.Win32.Harmohol.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0012
9/13/2008 1:23:18 AM Untreated: not-a-virus:AdWare.Win32.Harmohol.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0012 Skipped by user
9/13/2008 1:23:18 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/wbhshare.dll
9/13/2008 1:23:18 AM Detected: not-a-virus:AdWare.Win32.WebHancer G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/Webhdll.dll
9/13/2008 1:23:18 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/WhAgent.exe
9/13/2008 1:23:18 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/whiehlpr.dll
9/13/2008 1:23:18 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/whieshm.dll
9/13/2008 1:23:18 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0015/whInstaller.exe
9/13/2008 1:23:18 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bg G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0016/SaveNow.exe
9/13/2008 1:23:18 AM Detected: not-a-virus:AdWare.Win32.SaveNow.au G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037168.EXE/data0016/Uninst.exe
9/13/2008 1:23:18 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037169.EXE/data/PECompact
9/13/2008 1:23:18 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037169.EXE/data/PECompact Skipped by user
9/13/2008 1:23:19 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037170.EXE/data/PECompact
9/13/2008 1:23:19 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037170.EXE/data/PECompact Skipped by user
9/13/2008 1:23:21 AM Detected: not-a-virus:AdWare.Win32.MyWay.ac G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037171.exe/data0012
9/13/2008 1:23:22 AM Untreated: not-a-virus:AdWare.Win32.MyWay.ac G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037171.exe/data0012 Skipped by user
9/13/2008 1:23:23 AM Detected: not-a-virus:AdWare.Win32.BookedSpace.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0016.BIN/data0002
9/13/2008 1:23:24 AM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0016.BIN/data0002 Skipped by user
9/13/2008 1:23:24 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0017.BIN/data0002
9/13/2008 1:23:24 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0017.BIN/data0003
9/13/2008 1:23:24 AM Detected: not-a-virus:AdWare.Win32.SaveNow.e G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0025.BIN/data0001.cab/Save.exe
9/13/2008 1:23:24 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
9/13/2008 1:23:24 AM Detected: not-a-virus:AdWare.Win32.SaveNow G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
9/13/2008 1:23:24 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
9/13/2008 1:23:25 AM Detected: not-a-virus:AdWare.Win32.EZula.p G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037172.exe/WISE0036.BIN
9/13/2008 1:23:27 AM Detected: not-a-virus:AdWare.Win32.MyWay.j G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037173.exe/data0012
9/13/2008 1:23:27 AM Untreated: not-a-virus:AdWare.Win32.MyWay.j G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037173.exe/data0012 Skipped by user
9/13/2008 1:23:27 AM Detected: not-a-virus:AdWare.Win32.180Solutions G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP152\A0037173.exe/data0015
9/13/2008 1:23:27 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037302.EXE/data/PECompact
9/13/2008 1:23:27 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037302.EXE/data/PECompact Skipped by user
9/13/2008 1:23:28 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037303.EXE/data/PECompact
9/13/2008 1:23:28 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037303.EXE/data/PECompact Skipped by user
9/13/2008 1:23:28 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037304.EXE/data/PECompact
9/13/2008 1:23:28 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037304.EXE/data/PECompact Skipped by user
9/13/2008 1:23:29 AM Detected: not-a-virus:AdWare.Win32.Harmohol.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0012
9/13/2008 1:23:31 AM Untreated: not-a-virus:AdWare.Win32.Harmohol.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0012 Skipped by user
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/wbhshare.dll
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.WebHancer G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/Webhdll.dll
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/WhAgent.exe
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/whiehlpr.dll
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/whieshm.dll
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.WebHancer.214 G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0015/whInstaller.exe
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bg G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0016/SaveNow.exe
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.SaveNow.au G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037305.EXE/data0016/Uninst.exe
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037306.EXE/data/PECompact
9/13/2008 1:23:31 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037306.EXE/data/PECompact Skipped by user
9/13/2008 1:23:31 AM Detected: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037307.EXE/data/PECompact
9/13/2008 1:23:31 AM Untreated: not-a-virus:AdWare.Win32.ShowBehind.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037307.EXE/data/PECompact Skipped by user
9/13/2008 1:23:33 AM Detected: not-a-virus:AdWare.Win32.MyWay.ac G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037308.exe/data0012
9/13/2008 1:23:35 AM Untreated: not-a-virus:AdWare.Win32.MyWay.ac G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037308.exe/data0012 Skipped by user
9/13/2008 1:23:36 AM Detected: not-a-virus:AdWare.Win32.MyWay.j G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037309.exe/data0012
9/13/2008 1:23:37 AM Untreated: not-a-virus:AdWare.Win32.MyWay.j G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037309.exe/data0012 Skipped by user
9/13/2008 1:23:37 AM Detected: not-a-virus:AdWare.Win32.180Solutions G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037309.exe/data0015
9/13/2008 1:23:38 AM Detected: not-a-virus:AdWare.Win32.BookedSpace.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0016.BIN/data0002
9/13/2008 1:23:39 AM Untreated: not-a-virus:AdWare.Win32.BookedSpace.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0016.BIN/data0002 Skipped by user
9/13/2008 1:23:39 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.v G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0017.BIN/data0002
9/13/2008 1:23:39 AM Detected: not-a-virus:AdWare.Win32.BargainBuddy.a G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0017.BIN/data0003
9/13/2008 1:23:39 AM Detected: not-a-virus:AdWare.Win32.SaveNow.e G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0025.BIN/data0001.cab/Save.exe
9/13/2008 1:23:39 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0025.BIN/data0001.cab/SaveUninst.exe
9/13/2008 1:23:39 AM Detected: not-a-virus:AdWare.Win32.SaveNow G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0025.BIN/data0001.cab/Weather\Weather.exe
9/13/2008 1:23:39 AM Detected: not-a-virus:AdWare.Win32.SaveNow.bl G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0025.BIN/data0001.cab/Weather\Uninst.exe
9/13/2008 1:23:40 AM Detected: not-a-virus:AdWare.Win32.EZula.p G:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP155\A0037310.exe/WISE0036.BIN
9/13/2008 1:23:40 AM Task completed
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:25:00 AM, on 9/13/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Branko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
www.google.com/ig/dell?hl=en&client=del ... bd=1080501R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL =
www.google.com/ig/dell?hl=en&client=del ... bd=1080501R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1DA7512B-CFEA-4BCD-BE6F-56D386A5D428} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ALServ] "C:\Program Files\Altec Lansing\AMS\ALServ.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
O4 - Global Startup: PhotoCAL Startup.lnk = C:\Program Files\PANTONE COLORVISION\PhotoCAL\PhotoCAL.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=58813O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 2594377500O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: c:\progra~1\google\google~2\goec62~1.dll,dgdzsc.dll,ulluzs.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll,avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O20 - Winlogon Notify: rqRHyYqo - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 12211 bytes