There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
Virus & Other Malware Removal
Go to first new post System Check problem
Go to first new post We Got System Checked :-(
Go to first new post Black desktop, missing all shortcuts, fi ...
Go to first new post Extremely unresponsive, massive hang-ups ...
Go to first new post Incredibar Removal - Support Pls!
Go to first new post need help regarding malware/spyware
Go to first new post Somethings Amiss....
Go to first new post "svchost application error 0x6fe217 ...
Go to first new post Family Cyber Removal
Go to first new post Cannot access any google sites - youtube ...
Go to first new post Trojan: Win32/Alureon.FK - hijack this l ...
Go to first new post slow computer, downloads over a few mb f ...
Go to first new post Overall Sluggish Performance, Video Hicc ...
Go to first new post Extremely slow computer
Go to first new post RegClean Pro
Tag Cloud
access acer asus bios bsod computer crash dns drive driver drivers error ethernet excel freeze games gaming graphics hard drive hardware hdmi internet java laptop malware memory monitor motherboard network printer problem ram random registry router slow software sound trojan usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > Virus & Other Malware Removal >
Trojan-spy.Win32.Banker.aiw (New)

Reply  
Thread Tools
Gargantua's Avatar
Junior Member with 14 posts.
  
Join Date: Nov 2008
12-Nov-2008, 02:57 AM #1
Trojan-spy.Win32.Banker.aiw
I keep getting this message popping up:

Windows Firewall has detected unauthorised activity , but unfortunately it cannot help you remove viruses, keyloggers and spyware threats that steal your personal information from you computer. Click here to pick recommended software.

EDIT: I just noticed that my Windows Firewall was actually not turned ON! I've turned it on now, I'm still getting the message though. This message happens whether or not I'm connected to the internet. I've just timed the message and it appears every 20 minutes.

Here is a print scr of the actual message:

http://img139.imageshack.us/my.php?i...jaalertnu6.jpg


If I click "protect" button, it opens up an IE window directing me to a software download for spyware killer on this page:

http://www.defender-review.com/index.php?a=111

Its called Personal Defender 2009, i don't know if the actual alert is a scam to get people to install the software?

I've tried Spybot but the message keeps returning. I'm currently running a Norton scan but nothing detected so far (my Norton is a trial version, I didn't upgrade to full version since buying PC last year so the definitions are out of date).

Any help appreciated.

SYS Spec:

Laptop Aspire 5052
Windows Vista
2.2 ghz, 4gb ram

Vista
Last edited by Gargantua; 13-Nov-2008 at 01:37 AM..
Register for free to hide this ad!
Gargantua's Avatar
Junior Member with 14 posts.
  
Join Date: Nov 2008
12-Nov-2008, 06:42 AM #2
Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:31:45, on 12/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Alarm Me\AlarmMe.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\BySoft FreeRAM\FreeRAM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\sbash22\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
C:\PROGRAM FILES\A-SQUARED FREE\A2FREE.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\MXit\MXitPC\MXit.exe
C:\PROGRA~1\MXit\MXitPC\mxit.exe
C:\PROGRA~1\MXit\MXitPC\launcher.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/yco...//uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.uk.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/yco...//uk.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 128.232.103.203:3127
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AlarmMe] "C:\Program Files\Alarm Me\AlarmMe.exe" "-h"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BySoft FreeRAM] C:\Program Files\BySoft FreeRAM\FreeRAM.exe
O4 - HKCU\..\Run: [dwm] "C:\Users\sbash22\AppData\Roaming\Google\dwm.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0532C55-9561-4838-982D-2D3C030BCD91}: NameServer = 10.23.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10725 bytes
Gargantua's Avatar
Junior Member with 14 posts.
  
Join Date: Nov 2008
12-Nov-2008, 06:44 AM #3
A2 Log
Here is the A2 Log:

a-squared Free - Version 3.5
Last update: 12/11/2008 07:13:09

Scan settings:

Objects: Memory, Traces, Cookies, C:\, D:\
Scan archives: On
Heuristics: On
ADS Scan: On

Scan start: 12/11/2008 07:13:59

C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@2o7[2].txt detected: Trace.TrackingCookie.2o7!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@about[1].txt detected: Trace.TrackingCookie.about!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@adtech[1].txt detected: Trace.TrackingCookie.adtech!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@advertis ing[2].txt detected: Trace.TrackingCookie.advertising!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@atdmt[2].txt detected: Trace.TrackingCookie.atdmt!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@bs.servi ng-sys[1].txt detected: Trace.TrackingCookie.bs.serving-sys!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@com[1].txt detected: Trace.TrackingCookie.com!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@question market[1].txt detected: Trace.TrackingCookie.questionmarket!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@realmedi a[1].txt detected: Trace.TrackingCookie.realmedia!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@rubiconp roject[1].txt detected: Trace.TrackingCookie.rub!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@serving-sys[1].txt detected: Trace.TrackingCookie.serving-sys!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@specific click[1].txt detected: Trace.TrackingCookie.specificclick!A2
C:\Users\sbash22\AppData\Roaming\Microsoft\Windows\Cookies\sbash22@tribalfu sion[2].txt detected: Trace.TrackingCookie.tribalfusion!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:113 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:114 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:115 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:116 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:118 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:119 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:120 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:131 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:132 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:133 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:138 detected: Trace.TrackingCookie.doubleclick.net!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:195 detected: Trace.TrackingCookie.about.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:196 detected: Trace.TrackingCookie.about.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:197 detected: Trace.TrackingCookie.about.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:198 detected: Trace.TrackingCookie.about.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:199 detected: Trace.TrackingCookie.about.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:200 detected: Trace.TrackingCookie.about.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:201 detected: Trace.TrackingCookie.about.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:202 detected: Trace.TrackingCookie.about.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:254 detected: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:261 detected: Trace.TrackingCookie.www.googleadservices.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:263 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:264 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:265 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:266 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:290 detected: Trace.TrackingCookie.adopt.euroclick.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:315 detected: Trace.TrackingCookie.media!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:315 detected: Trace.TrackingCookie.media.adrevolver.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:316 detected: Trace.TrackingCookie.media!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:316 detected: Trace.TrackingCookie.media.adrevolver.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:317 detected: Trace.TrackingCookie.media!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:317 detected: Trace.TrackingCookie.media.adrevolver.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:319 detected: Trace.TrackingCookie.media!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:319 detected: Trace.TrackingCookie.media.adrevolver.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:334 detected: Trace.TrackingCookie.adbrite.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:335 detected: Trace.TrackingCookie.adbrite.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:336 detected: Trace.TrackingCookie.adbrite.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:337 detected: Trace.TrackingCookie.adbrite.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:375 detected: Trace.TrackingCookie.www.burstnet.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:404 detected: Trace.TrackingCookie.zedo.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:405 detected: Trace.TrackingCookie.zedo.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:406 detected: Trace.TrackingCookie.zedo.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:407 detected: Trace.TrackingCookie.zedo.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:408 detected: Trace.TrackingCookie.zedo.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:409 detected: Trace.TrackingCookie.zedo.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:410 detected: Trace.TrackingCookie.zedo.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:411 detected: Trace.TrackingCookie.zedo.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:412 detected: Trace.TrackingCookie.rotator.adjuggler.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:414 detected: Trace.TrackingCookie.rotator.adjuggler.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:415 detected: Trace.TrackingCookie.rotator.adjuggler.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:416 detected: Trace.TrackingCookie.rotator.adjuggler.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:431 detected: Trace.TrackingCookie.clicktorrent.info!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:432 detected: Trace.TrackingCookie.clicktorrent.info!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:433 detected: Trace.TrackingCookie.clicktorrent.info!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:434 detected: Trace.TrackingCookie.clicktorrent.info!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:435 detected: Trace.TrackingCookie.clicktorrent.info!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:481 detected: Trace.TrackingCookie.thefreedictionary.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:511 detected: Trace.TrackingCookie.count!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:511 detected: Trace.TrackingCookie.counter.hitslink!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:511 detected: Trace.TrackingCookie.counter.hitslink.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:521 detected: Trace.TrackingCookie.casalemedia.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:522 detected: Trace.TrackingCookie.casalemedia.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:523 detected: Trace.TrackingCookie.casalemedia.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:524 detected: Trace.TrackingCookie.casalemedia.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:525 detected: Trace.TrackingCookie.casalemedia.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:534 detected: Trace.TrackingCookie.lycos.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:535 detected: Trace.TrackingCookie.lycos.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:536 detected: Trace.TrackingCookie.lycos.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:537 detected: Trace.TrackingCookie.lycos.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:566 detected: Trace.TrackingCookie.statse.webtrendslive!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:566 detected: Trace.TrackingCookie.statse.webtrendslive.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:587 detected: Trace.TrackingCookie.ad1.clickhype.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:599 detected: Trace.TrackingCookie.tag.contextweb.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:600 detected: Trace.TrackingCookie.tag.contextweb.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:602 detected: Trace.TrackingCookie.tag.contextweb.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:638 detected: Trace.TrackingCookie.click.cashengines.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:723 detected: Trace.TrackingCookie.www.burstbeacon.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:750 detected: Trace.TrackingCookie.eas.apm.emediate.eu!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:754 detected: Trace.TrackingCookie.m.webtrends.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:761 detected: Trace.TrackingCookie.www2.addfreestats.com!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:783 detected: Trace.TrackingCookie.adsfac.eu!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:784 detected: Trace.TrackingCookie.adsfac.eu!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:785 detected: Trace.TrackingCookie.adsfac.eu!A2
C:\Users\sbash22\AppData\Roaming\Mozilla\Firefox\Profiles\309wy1ap.default\ cookies.txt:786 detected: Trace.TrackingCookie.adsfac.eu!A2
C:\Program Files\DAEMON Tools Lite\SRSAI.exe detected: Adware.Win32.Shopper.r!A2
D:\[ 3 ] G A M E S\THIEF 3 - DEADLY SHADOWS Mr.Bean\Addon\Addon.exe detected: Trojan.WinREG.UnaskedFury.a!A2

Scanned

Files: 307420
Traces: 456702
Cookies: 1173
Processes: 63

Found

Files: 2
Traces: 0
Cookies: 97
Processes: 0
Registry keys: 0

Scan end: 12/11/2008 10:14:58
Scan time: 3:00:59

D:\[ 3 ] G A M E S\THIEF 3 - DEADLY SHADOWS Mr.Bean\Addon\Addon.exe Deleted Trojan.WinREG.UnaskedFury.a!A2
C:\Program Files\DAEMON Tools Lite\SRSAI.exe Deleted Adware.Win32.Shopper.r!A2

Deleted

Files: 2
Traces: 0
Cookies: 0



I deleted the last 2 already as they were medium and high risk threats but the problem's still happening.
Gargantua's Avatar
Junior Member with 14 posts.
  
Join Date: Nov 2008
12-Nov-2008, 02:30 PM #4
help much appreciated
Gargantua's Avatar
Junior Member with 14 posts.
  
Join Date: Nov 2008
13-Nov-2008, 06:42 AM #5
Appreciate any help, i still have this problem after running Spybot, Adaware, Norton.
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Virus & Other Malware Removal | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.
Thread Tools



Facebook Facebook Twitter Twitter TechGuy.tv TechGuy.tv Mobile TSG Mobile
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 02:13 PM.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

 Powered by Cermak Technologies, Inc.