Tech Support Forum - View Single Post - Need help with spyware

kegank · 10-22-2005, 06:08 PM

The pop-up ad I keep getting is something called MovieWorld or MovieWurld

Here's the latest HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 8:03:40 PM, on 10/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MediaPipe\MPTray.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\Program Files\MediaPipe\DownloadManager.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O1 - Hosts: PKØ6J3ÉôF?Ï1tMHOSTS¬<msÛ¸Ñß;ÓÿÀ©¿]KÚ–KžûòŒü;×8ñùê§ñxn@¢’å_ß]$E„<×¦7¹w±X,ö€ Ž‚‡SÁÝ?îÁí×ÅÃ"X2NøD‚¥¤4HÅ¶à‚¤ð_"ÿ%èþýùOGÁªªÊ_Ž·Ûm”oJ™oY±¢¼œœÌŽƒ‰?zðý£U¿ÕŠ±[E%°JUPˆ*ø*p]9 úK*vy,xoð?E$¤À¬h°µ`8˜ª¿dY9$}Ô*ký”×ªú)ˆ©F[2©ª€³‚þœÎÞG'ð¿S=‚‹„ð•¨üÓü£‡£?¿•), …YOBøçäÝþüç3_•d ÝœÈ5Mƒ-«VÁ=‘D1ŸÁƒ?Pž"ÏiQ©@*DÍS»fRÉIãX¡Åõ©ù´
O1 - Hosts: ®_J.$ÈúU0AK ¾‹‚F´*†9µK¶£¢U•;”äþé*Y/Vß²[‘4P”ÈdEb0—
O1 - Hosts: žW í¸®€—ð‹(…Ê„.V í9gk
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [MediaPipe] "C:\Program Files\MediaPipe\MediaPipe.exe" /H
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [MediaPipeTrayIcon] "C:\Program Files\MediaPipe\MPTray.exe" /H
O4 - HKLM\..\Run: [AltPayments] "C:\Program Files\AltPayments\AltPayments.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: RemindU - file://C:\Program Files\UpromiseRemindU\System\Temp\upromise_script0.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: RemindU - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\UpromiseRemindU\System\Temp\upromise_script0.htm (HKCU)
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/game...ts/y/jt0_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/game...ts/y/pt1_x.cab
O16 - DPF: {234B7457-1A7E-4268-BA71-9936F0C78BEC} (ContentCleanup3X Control) - http://www.contentwatch.com/cleanup/...anup3Proj1.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-12.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.fujifilm.net/add/XUpload.ocx
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

Panda log:

Incident Status Location

Adware:adware/ipinsight Reported C:\WINDOWS\INF\alchem.inf
Adware:adware/gator Reported C:\GatorPatch.log
Adware:adware/twain-tech Reported C:\WINDOWS\satmat.ini
Adware:adware/shoppingcommunityReported Windows Registry
Spyware:Cookie/2o7.net Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@2o7[2].txt
Spyware:Cookie/YieldManager Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ads.pointroll[1].txt
Spyware:Cookie/Falkag Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@as-us.falkag[1].txt
Spyware:Cookie/Ask Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ask[1].txt
Spyware:Cookie/Atlas DMT Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@atdmt[2].txt
Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ath.belnk[1].txt
Spyware:Cookie/Azjmp Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@azjmp[1].txt
Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@belnk[2].txt
Spyware:Cookie/BurstNet Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@burstnet[1].txt
Spyware:Cookie/Enhance Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@c.enhance[1].txt
Spyware:Cookie/GoClick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@c.goclick[2].txt
Spyware:Cookie/Ccbill Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ccbill[1].txt
Spyware:Cookie/CentrPort Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@centrport[1].txt
Spyware:Cookie/360i Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ct.360i[1].txt
Spyware:Cookie/Coremetrics Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@data.coremetrics[1].txt
Spyware:Cookie/did-it Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@did-it[1].txt
Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@dist.belnk[1].txt
Spyware:Cookie/Doubleclick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@doubleclick[1].txt
Spyware:Cookie/empnads Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@empnads[2].txt
Spyware:Cookie/FastClick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@fastclick[1].txt
Spyware:Cookie/go Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@go[2].txt
Spyware:Cookie/Hitbox Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@hitbox[2].txt
Spyware:Cookie/Mediaplex Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@mediaplex[1].txt
Spyware:Cookie/Overture Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@questionmarket[1].txt
Spyware:Cookie/Rn11 Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@rn11[2].txt
Spyware:Cookie/Searchportal Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@searchportal.information[1].txt
Spyware:Cookie/Server.iad.LivepersonReported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@server.iad.liveperson[2].txt
Spyware:Cookie/Serving-sys Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@serving-sys[1].txt
Spyware:Cookie/Target Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@target[2].txt
Spyware:Cookie/Traffic MarketplaceReported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@tribalfusion[1].txt
Spyware:Cookie/BurstBeacon Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@www.burstbeacon[1].txt
Spyware:Cookie/web-stat Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@www.web-stat[2].txt
Spyware:Cookie/go Reported C:\Documents and Settings\Jennifer Kegan\Cookies\jennifer kegan@go[1].txt
Spyware:Cookie/2o7.net Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@2o7[2].txt
Spyware:Cookie/YieldManager Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ads.pointroll[1].txt
Spyware:Cookie/Falkag Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@as-us.falkag[1].txt
Spyware:Cookie/Ask Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ask[1].txt
Spyware:Cookie/Atlas DMT Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@atdmt[2].txt
Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ath.belnk[1].txt
Spyware:Cookie/Azjmp Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@azjmp[1].txt
Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@belnk[2].txt
Spyware:Cookie/BurstNet Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@burstnet[1].txt
Spyware:Cookie/Enhance Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@c.enhance[1].txt
Spyware:Cookie/GoClick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@c.goclick[2].txt
Spyware:Cookie/Ccbill Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ccbill[1].txt
Spyware:Cookie/CentrPort Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@centrport[1].txt
Spyware:Cookie/360i Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ct.360i[1].txt
Spyware:Cookie/Coremetrics Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@data.coremetrics[1].txt
Spyware:Cookie/did-it Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@did-it[1].txt
Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@dist.belnk[1].txt
Spyware:Cookie/Doubleclick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@doubleclick[1].txt
Spyware:Cookie/empnads Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@empnads[2].txt
Spyware:Cookie/FastClick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@fastclick[1].txt
Spyware:Cookie/go Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@go[2].txt
Spyware:Cookie/Hitbox Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@hitbox[2].txt
Spyware:Cookie/Mediaplex Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@mediaplex[1].txt
Spyware:Cookie/Overture Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@questionmarket[1].txt
Spyware:Cookie/Rn11 Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@rn11[2].txt
Spyware:Cookie/Searchportal Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@searchportal.information[1].txt
Spyware:Cookie/Server.iad.LivepersonReported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@server.iad.liveperson[2].txt
Spyware:Cookie/Serving-sys Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@serving-sys[1].txt
Spyware:Cookie/Target Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@target[2].txt
Spyware:Cookie/Traffic MarketplaceReported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@tribalfusion[1].txt
Spyware:Cookie/BurstBeacon Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@www.burstbeacon[1].txt
Spyware:Cookie/web-stat Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@www.web-stat[2].txt
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\a.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\b.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ba.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bb.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bc.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bd.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\be.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bf.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bg.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bh.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bi.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bj.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bk.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bl.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bm.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bn.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bo.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bp.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bq.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\br.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bs.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bt.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bu.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bv.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bw.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bx.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\by.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bz.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\c.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ca.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cb.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cc.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cd.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\ce.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cf.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cg.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ch.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ci.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cj.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ck.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cl.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cm.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cn.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\co.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cp.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\cq.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\cr.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cs.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\ct.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cu.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cv.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cx.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\cz.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\d.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\da.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\db.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dc.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dd.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\de.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\df.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\di.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dl.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\dn.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\dp.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dr.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ds.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dt.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\du.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dv.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dw.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\dy.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\dz.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ed.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\f.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\h.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\i.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\j.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\l.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\m.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\Main.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\n.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\p.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\q.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\r.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\s.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\t.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\u.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\w.class
Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\x.class
Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\y.class
Adware:Adware/ShoppingCommunityReported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq109.tmp
Adware:Adware/ShoppingCommunityReported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq10A.tmp
Spyware:Cookie/DomainSponsor Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1D.tmp
Spyware:Cookie/RealMedia Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq28.tmp
Spyware:Cookie/Zedo Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq32.tmp
Spyware:Spyware/BetterInet Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq42.tmp
Spyware:Cookie/RealMedia Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4A.tmp
Adware:Adware/MSView Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppqFF.tmp
Adware:Adware/IPInsight Reported C:\WINDOWS\INF\alchem.inf
Adware:Adware/Transponder Reported C:\WINDOWS\INF\polall1r.inf
Spyware:Spyware/BetterInet Reported C:\WINDOWS\INF\satmat.inf
Adware:Adware/IPInsight Reported C:\WINDOWS\satmat.ini
Adware:Adware/WurldMedia Reported C:\WINDOWS\SYSTEM32\winbpupd.exe

10-22-2005, 06:08 PM	#7 (permalink)
kegank Registered User Join Date: Jan 2005 Location: CT Posts: 12 OS: XP	New HJT log and Panda log The pop-up ad I keep getting is something called MovieWorld or MovieWurld Here's the latest HJT log: Logfile of HijackThis v1.99.1 Scan saved at 8:03:40 PM, on 10/22/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\DIGStream\digstream.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MediaPipe\MPTray.exe C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE C:\Program Files\MediaPipe\DownloadManager.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\ewido\security suite\ewidoctrl.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O1 - Hosts: PKØ6J3ÉôF?Ï1tMHOSTS¬<msÛ¸Ñß;ÓÿÀ©¿]KÚ–KžûòŒü;×8ñùê§ñxn@¢’å_ß]$E„<×¦7¹w±X,ö€ Ž‚‡SÁÝ?îÁí×ÅÃ"X2NøD‚¥¤4HÅ¶à‚¤ð_"ÿ%èþýùOGÁªªÊ_Ž·Ûm”oJ™oY±¢¼œœÌŽƒ‰?zðý£U¿ÕŠ±[E%°JUPˆøp]9 úKvy,xoð?E$¤À¬h°µ`8˜ª¿dY9$}Ôký”×ªú)ˆ©F[2©ª€³‚þœÎÞG'ð¿S=‚‹„ð•¨üÓü£‡£?¿•), …YOBøçäÝþüç3_•d ÝœÈ5Mƒ-«VÁ=‘D1ŸÁƒ?Pž"ÏiQ©@DÍS»fRÉIãX¡Åõ©ù´ O1 - Hosts: ®_J.$ÈúU0AK ¾‹‚F´†9µK¶£¢U•;”äþéY/Vß²[‘4P”ÈdEb0— O1 - Hosts: žW í¸®€—ð‹(…Ê„.V í9gk O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [MediaPipe] "C:\Program Files\MediaPipe\MediaPipe.exe" /H O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H O4 - HKLM\..\Run: [MediaPipeTrayIcon] "C:\Program Files\MediaPipe\MPTray.exe" /H O4 - HKLM\..\Run: [AltPayments] "C:\Program Files\AltPayments\AltPayments.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: RemindU - file://C:\Program Files\UpromiseRemindU\System\Temp\upromise_script0.htm O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: RemindU - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\UpromiseRemindU\System\Temp\upromise_script0.htm (HKCU) O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/game...ts/y/jt0_x.cab O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/game...ts/y/pt1_x.cab O16 - DPF: {234B7457-1A7E-4268-BA71-9936F0C78BEC} (ContentCleanup3X Control) - http://www.contentwatch.com/cleanup/...anup3Proj1.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-12.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.fujifilm.net/add/XUpload.ocx O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe Panda log: Incident Status Location Adware:adware/ipinsight Reported C:\WINDOWS\INF\alchem.inf Adware:adware/gator Reported C:\GatorPatch.log Adware:adware/twain-tech Reported C:\WINDOWS\satmat.ini Adware:adware/shoppingcommunityReported Windows Registry Spyware:Cookie/2o7.net Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@2o7[2].txt Spyware:Cookie/YieldManager Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ad.yieldmanager[2].txt Spyware:Cookie/PointRoll Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ads.pointroll[1].txt Spyware:Cookie/Falkag Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@as-us.falkag[1].txt Spyware:Cookie/Ask Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ask[1].txt Spyware:Cookie/Atlas DMT Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@atdmt[2].txt Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ath.belnk[1].txt Spyware:Cookie/Azjmp Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@azjmp[1].txt Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@belnk[2].txt Spyware:Cookie/BurstNet Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@burstnet[1].txt Spyware:Cookie/Enhance Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@c.enhance[1].txt Spyware:Cookie/GoClick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@c.goclick[2].txt Spyware:Cookie/Ccbill Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ccbill[1].txt Spyware:Cookie/CentrPort Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@centrport[1].txt Spyware:Cookie/360i Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ct.360i[1].txt Spyware:Cookie/Coremetrics Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@data.coremetrics[1].txt Spyware:Cookie/did-it Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@did-it[1].txt Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@dist.belnk[1].txt Spyware:Cookie/Doubleclick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@doubleclick[1].txt Spyware:Cookie/empnads Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@empnads[2].txt Spyware:Cookie/FastClick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@fastclick[1].txt Spyware:Cookie/go Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@go[2].txt Spyware:Cookie/Hitbox Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@hitbox[2].txt Spyware:Cookie/Mediaplex Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@mediaplex[1].txt Spyware:Cookie/Overture Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@perf.overture[1].txt Spyware:Cookie/QuestionMarket Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@questionmarket[1].txt Spyware:Cookie/Rn11 Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@rn11[2].txt Spyware:Cookie/Searchportal Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@searchportal.information[1].txt Spyware:Cookie/Server.iad.LivepersonReported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@server.iad.liveperson[2].txt Spyware:Cookie/Serving-sys Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@serving-sys[1].txt Spyware:Cookie/Target Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@target[2].txt Spyware:Cookie/Traffic MarketplaceReported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@trafficmp[1].txt Spyware:Cookie/Tribalfusion Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@tribalfusion[1].txt Spyware:Cookie/BurstBeacon Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@www.burstbeacon[1].txt Spyware:Cookie/web-stat Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@www.web-stat[2].txt Spyware:Cookie/go Reported C:\Documents and Settings\Jennifer Kegan\Cookies\jennifer kegan@go[1].txt Spyware:Cookie/2o7.net Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@2o7[2].txt Spyware:Cookie/YieldManager Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ad.yieldmanager[2].txt Spyware:Cookie/PointRoll Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ads.pointroll[1].txt Spyware:Cookie/Falkag Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@as-us.falkag[1].txt Spyware:Cookie/Ask Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ask[1].txt Spyware:Cookie/Atlas DMT Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@atdmt[2].txt Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ath.belnk[1].txt Spyware:Cookie/Azjmp Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@azjmp[1].txt Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@belnk[2].txt Spyware:Cookie/BurstNet Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@burstnet[1].txt Spyware:Cookie/Enhance Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@c.enhance[1].txt Spyware:Cookie/GoClick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@c.goclick[2].txt Spyware:Cookie/Ccbill Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ccbill[1].txt Spyware:Cookie/CentrPort Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@centrport[1].txt Spyware:Cookie/360i Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@ct.360i[1].txt Spyware:Cookie/Coremetrics Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@data.coremetrics[1].txt Spyware:Cookie/did-it Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@did-it[1].txt Spyware:Cookie/Belnk Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@dist.belnk[1].txt Spyware:Cookie/Doubleclick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@doubleclick[1].txt Spyware:Cookie/empnads Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@empnads[2].txt Spyware:Cookie/FastClick Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@fastclick[1].txt Spyware:Cookie/go Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@go[2].txt Spyware:Cookie/Hitbox Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@hitbox[2].txt Spyware:Cookie/Mediaplex Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@mediaplex[1].txt Spyware:Cookie/Overture Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@perf.overture[1].txt Spyware:Cookie/QuestionMarket Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@questionmarket[1].txt Spyware:Cookie/Rn11 Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@rn11[2].txt Spyware:Cookie/Searchportal Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@searchportal.information[1].txt Spyware:Cookie/Server.iad.LivepersonReported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@server.iad.liveperson[2].txt Spyware:Cookie/Serving-sys Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@serving-sys[1].txt Spyware:Cookie/Target Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@target[2].txt Spyware:Cookie/Traffic MarketplaceReported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@trafficmp[1].txt Spyware:Cookie/Tribalfusion Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@tribalfusion[1].txt Spyware:Cookie/BurstBeacon Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@www.burstbeacon[1].txt Spyware:Cookie/web-stat Reported C:\Documents and Settings\Ken Kegan\Cookies\ken kegan@www.web-stat[2].txt Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\a.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\b.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ba.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bb.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bc.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bd.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\be.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bf.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bg.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bh.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bi.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bj.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bk.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bl.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bm.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bn.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bo.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\bp.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bq.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\br.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bs.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bt.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bu.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bv.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bw.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bx.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\by.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\bz.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\c.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ca.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cb.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cc.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cd.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\ce.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cf.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cg.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ch.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ci.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cj.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ck.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cl.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cm.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cn.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\co.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cp.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\cq.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\cr.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cs.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\ct.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cu.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cv.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\cx.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\cz.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\d.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\da.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\db.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dc.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dd.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\de.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\df.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\di.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dl.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\dn.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\dp.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dr.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ds.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dt.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\du.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dv.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\dw.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\dy.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\dz.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\ed.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\f.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\h.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\i.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\j.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\l.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\m.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\Main.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\n.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\p.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\q.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\r.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\s.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\t.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\u.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\w.class Adware:Adware/TopMoxie Reported C:\Program Files\UpromiseRemindU\System\Code\x.class Adware:Adware/MoeMoney Reported C:\Program Files\UpromiseRemindU\System\Code\y.class Adware:Adware/ShoppingCommunityReported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq109.tmp Adware:Adware/ShoppingCommunityReported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq10A.tmp Spyware:Cookie/DomainSponsor Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1D.tmp Spyware:Cookie/RealMedia Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq28.tmp Spyware:Cookie/Zedo Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq32.tmp Spyware:Spyware/BetterInet Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq42.tmp Spyware:Cookie/RealMedia Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4A.tmp Adware:Adware/MSView Reported C:\Program Files\Yahoo!\YPSR\Quarantine\ppqFF.tmp Adware:Adware/IPInsight Reported C:\WINDOWS\INF\alchem.inf Adware:Adware/Transponder Reported C:\WINDOWS\INF\polall1r.inf Spyware:Spyware/BetterInet Reported C:\WINDOWS\INF\satmat.inf Adware:Adware/IPInsight Reported C:\WINDOWS\satmat.ini Adware:Adware/WurldMedia Reported C:\WINDOWS\SYSTEM32\winbpupd.exe Last edited by sUBs; 10-22-2005 at 06:52 PM.*