Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:55 AM, on 5/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {348FE907-249E-4C65-A838-F34A193FE1D1} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll (file missing)
O2 - BHO: (no name) - {C3A9074B-1E3C-45D6-9195-604CE2F1D5B8} - C:\WINDOWS\system32\awtttrqq.dll
O2 - BHO: (no name) - {ECFD882F-5978-4BB0-A0E4-5F37B3589738} - C:\WINDOWS\system32\tuvSiiJC.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [imekrmig] C:\IME\IMKR\imekrmig.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.line6.net
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1154835520453
O16 - DPF: {C190FF32-96D0-445F-9F60-5CF288FD3D0F} (ActiveFormX Control) - https://register.res.../CAT/CNICAT.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtttrqq - C:\WINDOWS\SYSTEM32\awtttrqq.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: Privacy Protection - (no file)
--
End of file - 12509 bytes
Malwarebytes' Anti-Malware 1.12
Database version: 736
Scan type: Full Scan (C:\|)
Objects scanned: 112001
Time elapsed: 58 minute(s), 8 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 18
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 56
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\tuvSiiJC.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\awtttrqq.dll (Trojan.Vundo) -> No action taken.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94a391ca-1116-4749-9b28-c7b4f782a631} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{94a391ca-1116-4749-9b28-c7b4f782a631} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecfd882f-5978-4bb0-a0e4-5f37b3589738} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ecfd882f-5978-4bb0-a0e4-5f37b3589738} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\diagnosticscan (Rogue.AdwareAway) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\diagnosticscan (Rogue.AdwareAway) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\diagnosticscan (Rogue.AdwareAway) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c3a9074b-1e3c-45d6-9195-604ce2f1d5b8} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3a9074b-1e3c-45d6-9195-604ce2f1d5b8} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtttrqq (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adware away v3.1.4.7_is1 (Rogue.AdwareAway) -> No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0\Source (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{c3a9074b-1e3c-45d6-9195-604ce2f1d5b8} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\mpfanvqg (Trojan.FakeAlert) -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> No action taken.
C:\Program Files\Adware Away (Rogue.AdwareAway) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Adware Away (Rogue.AdwareAway) -> No action taken.
Files Infected:
C:\WINDOWS\system32\jwqasepl.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\lpesaqwj.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tebsckle.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\elkcsbet.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tuvSiiJC.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\CJiiSvut.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\CJiiSvut.ini2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\vtUlMeed.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\deeMlUtv.ini (Trojan.Vundo) -> No action taken.
C:\Program Files\Adware Away\activex.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\AdAway.dll (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\AdAway.exe (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\AdwareAway.chm (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\autorun.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\DiagnosticScan.SYS (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\EnumAutoRun.exe (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\EnumDlls.exe (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\EProcess.exe (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\explorerbar.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\fa.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\FixDesktopBackground.exe (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\folderdll.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\global.dll (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\iebhotoolbar.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\iepage.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\ietoolbarbutton.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\ieurlprefix.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\ieurlsearchhook.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\lsp.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\nameserver.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\notifydll.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\overall.log (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\process.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\protocolfilter.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\ScanAtStartup.exe (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\screenshot.exe (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\securitysite.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\service.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\shellextension.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\shellextensionhook.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\SPAP.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\svchostdll.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\sysrestriction.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\unins000.dat (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\unins000.exe (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\uninstall.tmp (Rogue.AdwareAway) -> No action taken.
C:\Program Files\Adware Away\Update2.exe (Rogue.AdwareAway) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Adware Away\Adware Away.lnk (Rogue.AdwareAway) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Adware Away\Uninstall.lnk (Rogue.AdwareAway) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Adware Away\Update.lnk (Rogue.AdwareAway) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Programs\Adware Away\User Manual.lnk (Rogue.AdwareAway) -> No action taken.
C:\WINDOWS\system32\NowStarter.ocx (Adware.CWS) -> No action taken.
C:\WINDOWS\system32\awtttrqq.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\vbksrofa.dll (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\oadkxrts.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\adaway.lic (Rogue.AdwareAway) -> No action taken.
SUPERAntiSpyware Scan Log
Generated 05/09/2008 at 06:40 PM
Application Version : 3.6.1000
Core Rules Database Version : 3456
Trace Rules Database Version: 1448
Scan type : Complete Scan
Total Scan Time : 00:39:56
Memory items scanned : 635
Memory threats detected : 0
Registry items scanned : 6364
Registry threats detected : 0
File items scanned : 2982
File threats detected : 13
Adware.Tracking Cookie
C:\Documents and Settings\Shem Han\Cookies\[email protected][1].txt
C:\Documents and Settings\Shem Han\Cookies\[email protected][1].txt
C:\Documents and Settings\Shem Han\Cookies\shem_han@atwola[1].txt
C:\Documents and Settings\Shem Han\Cookies\shem_han@questionmarket[1].txt
C:\Documents and Settings\Shem Han\Cookies\shem_han@revsci[1].txt
C:\Documents and Settings\Shem Han\Cookies\[email protected][1].txt
Desktop Hijacker.AboutYourPrivacy
C:\WINDOWS\privacy_danger\images\capt.gif
C:\WINDOWS\privacy_danger\images\danger.jpg
C:\WINDOWS\privacy_danger\images\down.gif
C:\WINDOWS\privacy_danger\images\spacer.gif
C:\WINDOWS\privacy_danger\images
C:\WINDOWS\privacy_danger\index.htm
C:\WINDOWS\privacy_danger
help would be greatly appreciated thanks~