thank you for comment, here is the logs again.
ad-aware.txt-Ad-Aware SE Build 1.06r1
Logfile Created on:??? ????? 27 ???? 2005 17:22:01
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R57 26.07.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Malware.Psguard(TAC index:7):90 total references
MRU List(TAC index:0):8 total references
Possible Browser Hijack attempt(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
27-07-2005 17:22:01 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\zinuq\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\zinuq\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1563985344-1708537768-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1563985344-1708537768-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1563985344-1708537768-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1563985344-1708537768-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1563985344-1708537768-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 372
ThreadCreationTime : 27-07-2005 15:20:37
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 420
ThreadCreationTime : 27-07-2005 15:20:40
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 444
ThreadCreationTime : 27-07-2005 15:20:41
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 488
ThreadCreationTime : 27-07-2005 15:20:43
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 500
ThreadCreationTime : 27-07-2005 15:20:43
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 660
ThreadCreationTime : 27-07-2005 15:20:45
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 720
ThreadCreationTime : 27-07-2005 15:20:45
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 812
ThreadCreationTime : 27-07-2005 15:20:46
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 840
ThreadCreationTime : 27-07-2005 15:20:46
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1288
ThreadCreationTime : 27-07-2005 15:20:57
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:11 [totalcmd.exe]
FilePath : C:\totalcmd\
ProcessID : 1460
ThreadCreationTime : 27-07-2005 15:21:07
BasePriority : Normal
FileVersion : 6.03
ProductVersion : 6.03
ProductName : Total Commander
CompanyName : C. Ghisler & Co.
FileDescription : Total Commander 32 bit international version, file manager replacement for Windows
InternalName : TOTALCMD
LegalCopyright : Copyright © 1993-2004 Christian Ghisler
#:12 [winword.exe]
FilePath : C:\Program Files\Microsoft Office\Office10\
ProcessID : 1536
ThreadCreationTime : 27-07-2005 15:21:19
BasePriority : Normal
#:13 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1584
ThreadCreationTime : 27-07-2005 15:21:25
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:14 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1660
ThreadCreationTime : 27-07-2005 15:21:40
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 8
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{04f3168f-5afc-4531-b3b4-16ca93720415}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{057e242f-2947-4e0a-8e61-a11345d97ea6}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{187a8428-bd94-470d-a178-a2347f940519}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2865930b-4588-4ff3-8227-6d4f66c92c7a}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2fe2edc0-9e62-4f34-8a73-bc66dae48ef3}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{357a87ed-3e5d-437d-b334-deb7eb4982a3}
Malware.Psguard Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{357a87ed-3e5d-437d-b334-deb7eb4982a3}
Value : No
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{3a3a8c24-8ff0-4140-9731-54d9483ea70b}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{3a906593-b4bd-48ed-84b0-3249bed65ef9}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{49b72a72-01f5-4ae8-bbd7-daa67f1e303b}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6ae3aca6-1be3-4443-98dd-effcfa793d35}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{787dec39-69d0-40b3-b173-e0411c59b300}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{79ddf2ef-d881-464b-b2af-5af8816a3964}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{813c8e86-4c90-4617-b59e-e130cc068140}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{89133bce-57d0-4d2b-afaf-a97b74ad704e}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8f40cc34-fe77-4618-aa3d-bd2efacaa8dc}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9f89e240-06a6-4e1c-ba84-f267de7db391}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b60a0e56-548d-40ae-9383-d752531f653f}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b67b0756-2528-4996-b4bd-c993614cc0b6}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{bcc51ea9-6340-4ebe-8736-13a752ecb0be}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{e9719d38-ec55-4c8b-9df0-080ade95a9fa}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f4b3e25a-33b4-4647-9a78-b627dde211a6}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{08101c3e-6c90-439e-9734-6e4dd1b53b69}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{09b90087-4ffa-4a44-be69-da117a710f07}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{1449f89c-ad28-427a-97ff-1d5bd812ea43}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{1c08d3d0-1e04-4dde-ab0a-75355ea2585e}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{206538f7-f98c-4a46-a7d4-4a37fcdc932b}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{20f8b70d-9f16-4dcb-8788-90a0498e46b9}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{28fedb90-53c7-4928-994a-cee782606507}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{2c462d06-3ba0-48bb-9282-bb6519fe86e9}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3a350193-c7f7-4e10-b347-02ff4c3cc4e9}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{4723879b-8f52-4be7-9994-626afa539366}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{7b6a3434-8625-4abf-b79d-09d98c2498c4}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8b6c0168-baac-4c7c-911e-0132590f5661}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8ec33b7d-9953-4edb-ace2-d4c105968601}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a00e2305-7001-4200-ba00-5779f9a3e7d3}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a20f5672-7486-4d27-bd2b-e555e4692c5f}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a917b2f3-a9bf-477c-a0e3-0382d0376159}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b26b5883-f15f-4283-b3d5-a1728077de47}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b803d266-a08d-4a4c-9604-6d35689abe09}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c6e2a22c-b3a8-43a4-b5ec-a5bb671ab3f7}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{cb9385ab-8541-4b2f-a363-48f64c612993}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{cf1674cc-ec9a-4aee-996e-65a8f7c0b0e4}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{d5d6e9b5-30d5-4457-ac8b-399205f50411}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{d6a7d177-0b2f-4283-b2e8-b6310a45e606}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{e0d6c30a-b9a3-4181-8099-3b0d5a2b98af}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f100a342-3ac5-47ff-b5b3-fcdb6fc9f016}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f4364eec-31f5-4b8b-a7e0-3b6394c9d23f}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{982392f9-9c65-48b4-b667-3459c46630d1}
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{f61d1ce1-5199-4b57-b59e-c6819ea92f3b}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 50
Objects found so far: 58
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 58
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 58
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 58
Deep scanning and examining files (E:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 58
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 58
Possible Browser Hijack attempt Object Recognized!
Type : File
Data : FREE Access to 800 Paid sites.url
TAC Rating : 7
Category : Misc
Comment : Problematic URL discovered:
http://getthis4free.com/ Object : C:\Documents and Settings\zinuq\Favorites\
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.foundcollection
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.foundcollection.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.foundobject
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.foundobject.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.killedprocessescollection
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.killedprocessescollection.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.killedprocessinfo
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.killedprocessinfo.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.license
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.license.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.options
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.options.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.quarantine
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.quarantine.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.realtime
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.realtime.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.rtobject
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.rtobject.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.safemode
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.safemode.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.scaner
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.scaner.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.scanstatistic
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.scanstatistic.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.theapp
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.theapp.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.update
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.update.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.updateinfo
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.updateinfo.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.versioninfo
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : avecore.versioninfo.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wndlayer.window
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wndlayer.window.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wndlayer.windowcollection
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wndlayer.windowcollection.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wndlayer.windowlayer
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wndlayer.windowlayer.1
Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\shudderltd
Malware.Psguard Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\main
Value : Display Inline Images
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 40
Objects found so far: 99
17:28:34 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:06:33.305
Objects scanned:109781
Objects identified:91
Objects ignored:0
New critical objects:91
hack.txt-Logfile of HijackThis v1.99.1
Scan saved at 17:02:18, on 27/07/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\explorer.exe
E:\eyalvirus\fix\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 ME\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\he-il\msntb.dll (file missing)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [osxppha] c:\windows\qrkignd.exe
O4 - HKCU\..\Run: [rslnjmf] c:\windows\gpkehcu.exe
O4 - HKCU\..\Run: [pniqfsj] c:\windows\gpkehcu.exe
O4 - HKCU\..\Run: [hjitqhp] c:\windows\gpkehcu.exe
O4 - HKCU\..\Run: [yluqoor] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [xbbqmcp] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [vavxurj] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [snxrkjh] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [nvlabet] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [nfnhldr] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [kjakvhp] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [lldkyvf] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [fmnvvof] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [ddwobmg] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [ygvfxku] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [cuakfwd] c:\windows\hsyiypd.exe
O4 - HKCU\..\Run: [xalmicq] c:\windows\hogxqip.exe
O4 - HKCU\..\Run: [ryrfxlj] c:\windows\hogxqip.exe
O4 - HKCU\..\Run: [mgmpfvv] c:\windows\hogxqip.exe
O4 - HKCU\..\Run: [txaiocl] c:\windows\hogxqip.exe
O4 - HKCU\..\Run: [hoywrli] c:\windows\hogxqip.exe
O4 - HKCU\..\Run: [bulpdqf] c:\windows\tbfbynb.exe
O4 - HKCU\..\Run: [wycsojr] c:\windows\tbfbynb.exe
O4 - HKCU\..\Run: [dbgibek] c:\windows\tbfbynb.exe
O4 - HKCU\..\Run: [yhguvum] c:\windows\tbfbynb.exe
O4 - HKCU\..\Run: [wbykaij] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [kaemtfv] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [mnlwkdn] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [vrpjiav] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [uocttut] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [jufltxm] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [tfssaao] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [kqkfgod] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [esaload] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [xxjdpnp] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [ryhgped] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [stsimeo] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [dithacn] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [wbqugkv] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [pvfluyj] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [jsxwywq] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [vrmllbr] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [ochxmse] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [nbljeul] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [woimwdx] c:\windows\cspbbwd.exe
O4 - HKCU\..\Run: [yhaqvyx] c:\windows\ayvmnwv.exe
O4 - HKCU\..\Run: [gdjwqpl] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [kqiegsx] c:\windows\qoqwmvr.exe
O4 - HKCU\..\Run: [rlrkbjl] c:\windows\ihgfnjg.exe
O4 - HKCU\..\Run: [cuyxldk] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [ndglvvk] c:\windows\plwamgy.exe
O4 - HKCU\..\Run: [uyprqmx] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [ghxfbgw] c:\windows\wtislsk.exe
O4 - HKCU\..\Run: [qlqlivg] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [qkwwjtp] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [wjxfwsl] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [yhpoqyi] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [bfiwueb] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [oyhgorm] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [ojeatnh] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [gbybsww] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [kmlnyfo] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [hiuwwua] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [yefmiaa] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [kwndlba] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [kefjxrw] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [eagpmjw] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [isteqtj] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [nwoydhc] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [mueygpy] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [gboyhre] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [bhhsopu] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [jnhdpxd] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [xpnsvgf] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [jbvbgcq] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [iqqwjcd] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [vbijecn] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [uwpxovc] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [jxgubhu] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [aekhwjg] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [aycjrir] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [lkajxav] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [qpjidkj] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [hekinek] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [ilbvbdi] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [npglwxe] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [oijynvr] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [saaxlep] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [meyyomf] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [jftaiya] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [rovkyms] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [tftiujg] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [rocesjm] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [awsvvje] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [celjccq] c:\windows\yvcpmhd.exe
O4 - HKCU\..\Run: [ndybuxe] c:\windows\srkunkk.exe
O4 - HKCU\..\Run: [gxoekwb] c:\windows\hemimto.exe
O4 - HKCU\..\Run: [fdiqelq] c:\windows\genbwjr.exe
O4 - HKCU\..\Run: [sfjkwrk] c:\windows\genbwjr.exe
O4 - HKCU\..\Run: [blpelok] c:\windows\genbwjr.exe
O4 - HKCU\..\Run: [aswufap] c:\windows\genbwjr.exe
O4 - HKCU\..\Run: [ncdpmjp] c:\windows\genbwjr.exe
O4 - HKCU\..\Run: [jomekhl] c:\windows\genbwjr.exe
O4 - HKCU\..\Run: [eesrxsy] c:\windows\genbwjr.exe
O4 - HKCU\..\Run: [ckniywo] c:\windows\tyrhlso.exe
O4 - HKCU\..\Run: [hpeoqdu] c:\windows\tyrhlso.exe
O4 - HKCU\..\Run: [dlsfjxx] c:\windows\tyrhlso.exe
O4 - HKCU\..\Run: [agalqca] c:\windows\tyrhlso.exe
O8 - Extra context menu item: &יצא ל- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: מחקר - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {275E2FE0-7486-11D0-89D6-00A0C90C9B67} (MCSiMenuCtl Class) -
http://activex.micro...si/mcsimenu.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupd...ab?947140089546O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoft.../as5/asinst.cabO16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) -
http://www.ravantivi...n/ravonline.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pDownloader.cabO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\System32\mgabg.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
panda scan.txt-Incident Status Location
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\TYRHLSO.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\GENBWJR.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\WTISLSK.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\HEMIMTO.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\PLWAMGY.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\YVCPMHD.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\IHGFNJG.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\QOQWMVR.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\SRKUNKK.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\AYVMNWV.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\CSPBBWD.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\TBFBYNB.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\HOGXQIP.EXE
Adware:Adware/Startpage.WH No disinfected C:\WINDOWS\HSYIYPD.EXE
Adware:Adware/Startpage.WH No disinfected C:\windows\gpkehcu.exe
Adware:adware program No disinfected C:\WINDOWS\SYSTEM32\desktop.exe
Adware:adware/findspy No disinfected C:\DOCUMENTS AND SETTINGS\ZINUQ\FAVORITES\ FREE Access to 800 Paid sites.url
Adware:adware/cws No disinfected C:\DOCUMENTS AND SETTINGS\ZINUQ\FAVORITES\! Smart Security.url