NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY
 
 
 
 
 
 
  
Register   FAQ   Login  

Can I see your health card??





AddThis Social Bookmark Button AddThis Feed Button

       2-spyware forum index -> HijackThis log analysis
Author Message
sdme



Joined: 08 Mar 2006
Posts: 2
Post Post subject: Can I see your health card?? Reply with quote
Following is a HijackThis log. Can you look it over and give me the low down on my system?!?!


Thanks


Logfile of HijackThis v1.99.1
Scan saved at 5:30:08 PM, on 3/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\WINDOWS\System32\RenumNNT.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\Logi_MwX.Exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\2Wire\2PORTA~1.EXE
C:\WINDOWS\System32\p0850b9v.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\MediaPipe\MPTray.exe
C:\Program Files\AltPayments\AltPayments.exe
C:\Program Files\ItBill\itbill.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\MediaPipe\DownloadManager.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Greetings Workshop\GWREMIND.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by SBC Yahoo! DSL
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {00000000-0000-47ED-9A0A-D0ED5A758842} - C:\Program Files\g559asbj\g559asbj.dll
O2 - BHO: IncrediFindBHO Class - {0026AD90-C86F-4269-97F3-DAB4897C6D06} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: (no name) - {01531E03-B224-4FD6-9308-812526C3440D} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {05E880EB-1080-4C14-A8FD-14D0511894BC} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0CA0151E-4A46-47F9-BCA1-278056B939A7} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {12D8D939-ED2F-430E-B849-6CA9A70097F3} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {17349C87-EC2A-453C-AD2E-95C6BC330524} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {183113E5-ED40-4084-8664-A4AB6360397E} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {1A737D62-3216-458D-A94F-A087D98C233B} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {39C0936A-15AE-4942-BD74-8328C81857B1} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {3B5C6030-39AB-4F3F-89D4-6065DB5D4243} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {3DB199EF-3018-434D-BD94-36E68951D465} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {3F5BEC98-C89A-44CD-8A94-E90BC47F32C1} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {4E3F8747-D82C-4AFB-A1D9-76BEF909802E} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {4F1F4543-27C2-43DF-B88D-C48794B53920} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: (no name) - {5FDA2407-5186-41B6-B1B9-46645C75E40A} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\common\YIeTagBm.dll
O2 - BHO: (no name) - {672F14CC-46E1-4297-81B4-4A68CD8B8125} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {69A67ABC-E0A8-4FA1-B331-BE0DD5F7B862} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {77387075-3251-455F-8981-F5652A51A549} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7DE4889C-DF98-42D6-9588-887CF31A237C} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7F000DD4-9914-4E66-BD67-29562AC96D82} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {8428ACBA-C422-4586-8262-482F3B80EE2F} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {89E0C0AA-2129-4D84-AE68-9F01B95ABB3C} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {8BBBE1F7-FCDF-406E-922C-A43C757E05D4} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B81F46B4-7779-4EA3-9BD6-C800E19AAED1} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {CC67C2D6-8B94-4DDE-BAC0-EDC25D52AEB6} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {CF7013E3-14CF-42C9-8B9A-781C8AEDBD42} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O2 - BHO: (no name) - {F2DC2CE0-2D27-4AE7-BEBD-5F5708DB3140} - C:\Program Files\CSBB\CSBB.dll (file missing)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [USB Renumeration Utility] C:\WINDOWS\System32\RenumNNT.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [2wSysTray] C:\PROGRA~1\2Wire\2PORTA~1.EXE
O4 - HKLM\..\Run: [p0850b9v] C:\WINDOWS\System32\p0850b9v.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [MediaPipe] "C:\Program Files\MediaPipe\MediaPipe.exe" /H
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [MediaPipeTrayIcon] "C:\Program Files\MediaPipe\MPTray.exe" /H
O4 - HKLM\..\Run: [AltPayments] "C:\Program Files\AltPayments\AltPayments.exe"
O4 - HKLM\..\Run: [Notification Utility] "C:\Program Files\ItBill\itbill.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Greetings Workshop Reminders.lnk = C:\Program Files\Greetings Workshop\GWREMIND.EXE
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Push Client.LNK = C:\Interwise\Student\pull.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.4.3.36/omaha/omaha-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.4.1.46/backgammon/backgammon-ob-assets.cab
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.4.1.53/blackjack/blackjack-ob-assets.cab
O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.4.1.46/canasta/canasta-ob-assets.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.4.1.46/checkers2/checkers-ob-assets.cab
O16 - DPF: Chess by pogo - http://game1.pogo.com/applet-6.5.0.45/chess2/chess2-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.4.4.34/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.4.1.46/domino/domino-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.4.1.46/superbingo/superbingo-ob-assets.cab
O16 - DPF: Greenback Bayou by pogo - http://game1.pogo.com/applet-6.5.0.45/greenback/greenback-ob-assets.cab
O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.4.2.23/harvest/harvest-ob-assets.cab
O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.4.1.53/hearts/hearts-ob-assets.cab
O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.5.3.44/drawpoker/drawpoker-en_US.cab
O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.4.1.53/pool2/pool-ob-assets.cab
O16 - DPF: Its Outta Here 2 by pogo - http://game1.pogo.com/applet-6.4.1.53/itsoutofhere/itsoutofhere-ob-assets.cab
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.4.1.46/jigsaw/jigsaw-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.5.1.24/gin/gin-en_US.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.4.1.46/lottso/lottso-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.4.3.36/mahjong/mahjong-ob-assets.cab
O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.4.3.28/mlslots/mlslots-ob-assets.cab
O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.4.4.34/paigow/paigow-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.4.1.46/freecell/freecell-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.5.0.45/flinger/flinger-ob-assets.cab
O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-6.4.2.30/pinochle/pinochle-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.4.1.46/popfu/popfu-ob-assets.cab
O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.4.2.30/poppazoppa/poppazoppa-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.4.4.34/poppit2/poppit2-ob-assets.cab
O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.5.0.45/hotstreak/hotstreak-ob-assets.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.4.1.53/squares/squares-ob-assets.cab
O16 - DPF: Ride The Tide by pogo - http://game1.pogo.com/applet-6.4.3.36/ride/ride-ob-assets.cab
O16 - DPF: Spades by pogo - http://game1.pogo.com/applet-6.5.0.45/spades/spades-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.4.3.36/squelchies/squelchies-ob-assets.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.5.1.24/stax/stax-en_US.cab
O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.4.3.28/sweeper/sweeper-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.5.3.44/holdem/holdem-en_US.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.4.3.28/peaks/peaks-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.4.4.34/videopoker2/videopoker-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.4.4.34/wordwhomp2/whomp2-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.4.4.34/whackdown/whackdown-ob-assets.cab
O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.4.1.53/wordjong/wordjong-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.2.23/worldclass/worldclass-ob-assets.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Seekmo/ie/bridge-c266.cab
O20 - AppInit_DLLs: mad.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
Wed Mar 08, 2006 1:32 am
Back to top
sdme View user's profile Send private message
 
GTO



Joined: 15 Nov 2005
Posts: 1519
Post Post subject: Reply with quote
Hi, sdme. Welcome to 2-Spyware.com forums!

Your system is infected with numerous adware threats and a few malicious parasites. Please follow these steps in order to eliminate the infection:

1. Download the Pocket KillBox utility.

2. Open the Control Panel and launch the tool Add or Remove Programs. Find the following applications in the list of installed software and uninstall them:
MediaPipe
AltPayments
ItBill
P2P

If you cannot find any of them, use HijackThis to fix the following entries:
O4 - HKLM\..\Run: [MediaPipe] "C:\Program Files\MediaPipe\MediaPipe.exe" /H
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [MediaPipeTrayIcon] "C:\Program Files\MediaPipe\MPTray.exe" /H
O4 - HKLM\..\Run: [AltPayments] "C:\Program Files\AltPayments\AltPayments.exe"
O4 - HKLM\..\Run: [Notification Utility] "C:\Program Files\ItBill\itbill.exe"

3. Use HijackThis to fix the remaining entries:
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {00000000-0000-47ED-9A0A-D0ED5A758842} - C:\Program Files\g559asbj\g559asbj.dll
O2 - BHO: IncrediFindBHO Class - {0026AD90-C86F-4269-97F3-DAB4897C6D06} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: (no name) - {01531E03-B224-4FD6-9308-812526C3440D} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {05E880EB-1080-4C14-A8FD-14D0511894BC} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {0CA0151E-4A46-47F9-BCA1-278056B939A7} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {12D8D939-ED2F-430E-B849-6CA9A70097F3} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {17349C87-EC2A-453C-AD2E-95C6BC330524} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {183113E5-ED40-4084-8664-A4AB6360397E} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {1A737D62-3216-458D-A94F-A087D98C233B} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {39C0936A-15AE-4942-BD74-8328C81857B1} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {3B5C6030-39AB-4F3F-89D4-6065DB5D4243} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {3DB199EF-3018-434D-BD94-36E68951D465} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {3F5BEC98-C89A-44CD-8A94-E90BC47F32C1} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {4E3F8747-D82C-4AFB-A1D9-76BEF909802E} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {4F1F4543-27C2-43DF-B88D-C48794B53920} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {5FDA2407-5186-41B6-B1B9-46645C75E40A} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {672F14CC-46E1-4297-81B4-4A68CD8B8125} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {69A67ABC-E0A8-4FA1-B331-BE0DD5F7B862} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {77387075-3251-455F-8981-F5652A51A549} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7DE4889C-DF98-42D6-9588-887CF31A237C} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7F000DD4-9914-4E66-BD67-29562AC96D82} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {8428ACBA-C422-4586-8262-482F3B80EE2F} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {89E0C0AA-2129-4D84-AE68-9F01B95ABB3C} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {8BBBE1F7-FCDF-406E-922C-A43C757E05D4} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {B81F46B4-7779-4EA3-9BD6-C800E19AAED1} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {CC67C2D6-8B94-4DDE-BAC0-EDC25D52AEB6} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {CF7013E3-14CF-42C9-8B9A-781C8AEDBD42} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {F2DC2CE0-2D27-4AE7-BEBD-5F5708DB3140} - C:\Program Files\CSBB\CSBB.dll (file missing)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file)
O4 - HKLM\..\Run: [p0850b9v] C:\WINDOWS\System32\p0850b9v.exe
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Seekmo/ie/bridge-c266.cab

4. Now restart your system in Safe Mode. This step is very important!

5. Use Pocket KillBox to delete the following files:
C:\Program Files\g559asbj\g559asbj.dll
C:\WINDOWS\System32\p0850b9v.exe

Also delete the following folders:
C:\Program Files\MediaPipe
C:\Program Files\AltPayments
C:\Program Files\ItBill
C:\Program Files\p2pnetworks
C:\Program Files\CSBB
C:\PROGRAM FILES\INCREDIFIND

6. After you get done, restart your computer, run a new HijackThis scan and post a fresh log here.
Wed Mar 08, 2006 2:56 pm
Back to top
GTO View user's profile Send private message
 
sdme



Joined: 08 Mar 2006
Posts: 2
Post Post subject: Reply with quote
here is my latest log... Do I get a clean bill of health?!?!


Logfile of HijackThis v1.99.1
Scan saved at 8:55:31 PM, on 3/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\WINDOWS\System32\RenumNNT.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\Logi_MwX.Exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\2Wire\2PORTA~1.EXE
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Greetings Workshop\GWREMIND.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Temporary Directory 3 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dsl.sbc.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by SBC Yahoo! DSL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\common\YIeTagBm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [USB Renumeration Utility] C:\WINDOWS\System32\RenumNNT.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [2wSysTray] C:\PROGRA~1\2Wire\2PORTA~1.EXE
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Greetings Workshop Reminders.lnk = C:\Program Files\Greetings Workshop\GWREMIND.EXE
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Push Client.LNK = C:\Interwise\Student\pull.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.4.3.36/omaha/omaha-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.4.1.46/backgammon/backgammon-ob-assets.cab
O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.4.1.53/blackjack/blackjack-ob-assets.cab
O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.5.4.27/canasta/canasta-en_US.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.4.1.46/checkers2/checkers-ob-assets.cab
O16 - DPF: Chess by pogo - http://game1.pogo.com/applet-6.5.0.45/chess2/chess2-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.4.4.34/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.4.1.46/domino/domino-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.4.1.46/superbingo/superbingo-ob-assets.cab
O16 - DPF: Greenback Bayou by pogo - http://game1.pogo.com/applet-6.5.0.45/greenback/greenback-ob-assets.cab
O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.4.2.23/harvest/harvest-ob-assets.cab
O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.4.1.53/hearts/hearts-ob-assets.cab
O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.5.3.44/drawpoker/drawpoker-en_US.cab
O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.4.1.53/pool2/pool-ob-assets.cab
O16 - DPF: Its Outta Here 2 by pogo - http://game1.pogo.com/applet-6.4.1.53/itsoutofhere/itsoutofhere-ob-assets.cab
O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.4.1.46/jigsaw/jigsaw-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.5.1.24/gin/gin-en_US.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.4.1.46/lottso/lottso-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.4.3.36/mahjong/mahjong-ob-assets.cab
O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.4.3.28/mlslots/mlslots-ob-assets.cab
O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.4.4.34/paigow/paigow-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.4.1.46/freecell/freecell-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.5.0.45/flinger/flinger-ob-assets.cab
O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-6.4.2.30/pinochle/pinochle-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.4.1.46/popfu/popfu-ob-assets.cab
O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.4.2.30/poppazoppa/poppazoppa-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.4.4.34/poppit2/poppit2-ob-assets.cab
O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.5.0.45/hotstreak/hotstreak-ob-assets.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.4.1.53/squares/squares-ob-assets.cab
O16 - DPF: Ride The Tide by pogo - http://game1.pogo.com/applet-6.5.4.27/ride/ride-en_US.cab
O16 - DPF: Spades by pogo - http://game1.pogo.com/applet-6.5.0.45/spades/spades-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.4.3.36/squelchies/squelchies-ob-assets.cab
O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.5.1.24/stax/stax-en_US.cab
O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.4.3.28/sweeper/sweeper-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.5.3.44/holdem/holdem-en_US.cab
O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.4.3.28/peaks/peaks-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.4.4.34/videopoker2/videopoker-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.4.4.34/wordwhomp2/whomp2-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.4.4.34/whackdown/whackdown-ob-assets.cab
O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.4.1.53/wordjong/wordjong-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.2.23/worldclass/worldclass-ob-assets.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab
O20 - AppInit_DLLs: mad.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
Fri Mar 10, 2006 5:05 am
Back to top
sdme View user's profile Send private message
 
GTO



Joined: 15 Nov 2005
Posts: 1519
Post Post subject: Reply with quote
Well, not yet. But you will get a clean bill soon Wink. Just do this:

1. Use HijackThis to fix the following entry:
O20 - AppInit_DLLs: mad.dll

2. Then use Pocket KillBox to delete the following file:
C:\WINDOWS\System32\mad.dll

Everything else in your log looks clean.
Fri Mar 10, 2006 3:33 pm
Back to top
GTO View user's profile Send private message
 
tschrock



Joined: 29 Jun 2006
Posts: 2
Post Post subject: Remove MoviePass! Reply with quote
I was researching the latest variant to remove MoviePass for one of my customers. I went to their website and read the terms of service (I had looked at them a few months ago) and they changed! They took down their toll-free number and created a subscription cancellation page.

They didn't even make it a link, so you have to copy and paste it into your browser window. Then if you have a clean system it tells you access is denied, and asks you to reinstall MoviePass!

If you have an infected system, it lets you in.

Whatever you do, do not reinstall MoviePass. You don't have to pay these people a dime. http://www.schrockinnovations.com/removemoviepass.php Remove Moviepass and then report these jerks to the FTC!!! This is such a SCAM!
_________________
Thor Schrock
http://www.thorschrock.com
Thu Jun 29, 2006 3:36 am
Back to top
tschrock View user's profile Send private message
 
       2-spyware forum index -> HijackThis log analysis All times are GMT
Page 1 of 1

 
 You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum




Recommended software:
Spyware Doctor
(91/100)
Spyware Doctor is a very powerful, but yet highly user-friendly spyware remover, made by PC Tools, reputable computer security experts. This product provides effective and easy-to-manage...
SUPERAntiSpyware
(89/100)
SUPERAntiSpyware is a powerful, highly effective spyware remover introducing advanced parasite detection and removal features along with reliable real-time protection. The program is not...
CounterSpy
(85/100)
CounterSpy is a powerful spyware remover based on revolutionary hybrid engine, which incorporates traditional anti-spyware and advanced antivirus engines. Such combination allows CounterSpy...
Malwarebytes Anti Malware
(75/100)
There are loads of malware removers on the net today and most of them are lightweight applications, which usually means they’re fast and don’t have many features. One such...
Windows Defender
(75/100)
Windows Defender is a free anti-spyware program made by the leading software company to add native spyware protection to its most popular product - the Microsoft Windows operating...
Encyclopedia of parasites:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2007 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions. Forum powered by phpBB