Problem with Trojan Collected 11b


  • This topic is locked
3 replies to this topic

#1 Straken

Posted 31 May 2007 - 12:07 PM

Hi, I've been having problems with Trojan Collected 11b virus now for a few weeks. I've been using the AVG Free version which picks it up every time I switch on. It's always within c:\ documents and settings\rex\local settings\temp\*.dll (against various dll's). I always click heal and it comes back next time I switch on.
I'm also getting lots of pop ups even though I have a pop up blocker installed; these sites are usually advertising Spyware detection progs or debt resolution sites. I use both IE Explorer and Firefox.

I downloaded the AVG Spyware detector as suggested and ran that. Log listed below. Also below is the HijackThis log.

Thanks for any help you can give.

Logfile of HijackThis v1.99.1
Scan saved at 18:03:28, on 31/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Yahoo!\YOP\secstat.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgwb.dat
C:\PROGRA~1\Grisoft\AVGFRE~1\avgvv.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbconfig.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.weatherstu...IdAhqCD3AmwRmOs
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [setup] rundll32.exe "C:\WINDOWS\system32\oafrmsxg.dll",realset
O4 - HKLM\..\Run: [j9291137] rundll32 C:\WINDOWS\system32\j9291137.dll sook
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /M "Stylus Photo R200" /EF "HKCU"
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) - http://us.dl1.yimg.c..._1/yregucfg.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{17FC8EB1-4E9C-4249-88B3-6CCFE66A0F0D}: NameServer = 192.168.2.1,4.2.2.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{17FC8EB1-4E9C-4249-88B3-6CCFE66A0F0D}: NameServer = 192.168.2.1,4.2.2.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{17FC8EB1-4E9C-4249-88B3-6CCFE66A0F0D}: NameServer = 192.168.2.1,4.2.2.2
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: wbsys.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe



AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 17:49:01 31/05/2007

+ Scan result:



C:\Program Files\Microsoft AntiSpyware\Quarantine\5174AEF7-E739-4DA4-B789-348665\01D3A8F6-1F58-463E-AF4B-21EF58 -> Adware.BargainBuddy : No action taken.
C:\System Volume Information\_restore{3B607D8A-FACD-4BFA-9388-90D960DF94DB}\RP753\A0163329.dll -> Adware.BurnFree : No action taken.
C:\WINDOWS\AdultAccess.exe -> Dialer.Small : No action taken.
I:\RECYCLER\S-1-5-21-1220945662-706699826-725345543-1003\Dh1.zip/Keygen.exe -> Dropper.Delf.fd : No action taken.
C:\Documents and Settings\Rex\Local Settings\Temp\bmtvkcmm.dll -> Logger.VBStat.h : No action taken.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : No action taken.
:mozilla.170:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.300:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.409:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.40:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.41:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.45:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.46:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.47:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.48:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.49:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.62:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.95:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@amazonms.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@electronicarts.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@livenation.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.112:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.113:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@adbrite[2].txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.338:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.339:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.340:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.341:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@adrevolver[1].txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.323:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.324:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
:mozilla.203:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.204:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.205:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.206:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.207:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.325:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Adviva : No action taken.
:mozilla.63:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.227:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.73:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.74:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.75:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.76:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.54:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Clickbank : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : No action taken.
:mozilla.248:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.12:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.80:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Etracker : No action taken.
:mozilla.81:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.82:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.226:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.64:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.65:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.71:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.313:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.317:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@ehg-hollywoodmedia.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.406:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.426:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
:mozilla.94:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.97:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.
:mozilla.275:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Live : No action taken.
:mozilla.276:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Live : No action taken.
:mozilla.277:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Live : No action taken.
:mozilla.379:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.380:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.381:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.35:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.8:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Netflame : No action taken.
:mozilla.114:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.115:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.116:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.402:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@overture[1].txt -> TrackingCookie.Overture : No action taken.
:mozilla.56:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Paypal : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@www.paypal[1].txt -> TrackingCookie.Paypal : No action taken.
:mozilla.271:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.272:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.273:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.19:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.20:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.21:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.22:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.23:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.24:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.25:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.26:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.27:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.28:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.29:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.30:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.31:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.32:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.249:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.250:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.252:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.253:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.126:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.127:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.128:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.129:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.130:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.131:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@counter13.sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@sextracker[2].txt -> TrackingCookie.Sextracker : No action taken.
:mozilla.297:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.298:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.299:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.106:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@trafficmp[1].txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.77:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.180:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Web-stat : No action taken.
:mozilla.166:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Webtrends : No action taken.
:mozilla.219:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.230:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.107:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.108:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.109:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.110:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.111:C:\Documents and Settings\Rex\Application Data\Mozilla\Firefox\Profiles\modgv4iq.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Rex\Cookies\rex@zedo[1].txt -> TrackingCookie.Zedo : No action taken.
I:\Drivers-Programmes Various\Reg Healer\Crack\loader.exe -> Trojan.Small : No action taken.
I:\Drivers-Programmes Various\Reg Healer\Registry Healer 4.3.0 + Crack.zip/Crack/loader.exe -> Trojan.Small : No action taken.
I:\Reg Healer 4.3.0 Multilanguage\Registry Healer 4.3.0.235 Multilanguage full By Xmorph.rar/Registry Healer 4.3.0.235 Multilanguage full By Xmorph\Crack 4.3.0.235\loader.exe -> Trojan.Small : No action taken.
I:\Reg Healer 4.3.0 Multilanguage\Registry Healer 4.3.0.235 Multilanguage full By Xmorph\Crack 4.3.0.235\loader.exe -> Trojan.Small : No action taken.


::Report end

#2 SWI Support Robot

Posted 03 June 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#3 Chancellor

Posted 13 June 2007 - 02:04 AM

Hi,

Sorry you’ve had to wait for a few days but all of the helpers here are volunteers and we’ve been really busy recently.

If you still need help, please post a fresh HijackThis log into this thread so I can make sure nothing has changed and I will be happy to review it for you.

:)
Chancellor

Please consider a donation to help Support SWI
Malware Complaints - Report them here and fight back!
Member of ASAP Since 2006 (Alliance of Security Analysis Professionals)
Please read the FAQ and the article "So how did I get infected in the first place?".

#4 Chancellor

Posted 26 June 2007 - 03:55 PM

Due to the lack of feedback, this topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Chancellor
