Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop Ups Web Pages Are Turning Off When I Look At Them


  • Please log in to reply
3 replies to this topic

#1 bjtref

bjtref

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 04 April 2007 - 01:20 PM

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2:16:26 PM, on 4/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\billy teter\My Documents\My Music\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.27:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = www.direcwaysupport.com;192.168.0.*
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4698139E-0C33-45C4-9F29-21E47C641565} - C:\WINDOWS\system32\mljgg.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\uctfoghk.dll (file missing)
O2 - BHO: (no name) - {733FD72F-103E-4B9E-BCB9-A76064AF3C72} - C:\WINDOWS\SYSTEM32\qommmnk.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: ElnkProtectionBHO Class - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink\Toolbar\ProtctIE.dll (file missing)
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKLM\..\Run: [SystemGuardAlerter] "C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\sxlrtrxx.dll",setvm
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02995C52-A0DF-532F-A62C-492C34892B68} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {0533489B-F2F6-263E-6C84-4E3E37C0BD61} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {097AC3BC-07F0-238B-60EE-46C145445C76} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {0BEDC1E6-0168-78F1-EC8D-31555A22B8C9} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {11A02365-2859-4598-A9D5-4FDE99D67723} (PQIEBrowserConnector Class) - http://www.pqprintcenter.com/plugin/axvers...ntquick1611.cab
O16 - DPF: {14A95DFC-E55D-25AB-EBEE-496E7F2F3F84} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {1BD8C65C-7091-179C-F9D0-1BD948C541C9} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {223A8D1B-1987-0BDC-7414-3D4756C009A5} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {27E4D1C3-0A49-25A6-756A-48534A1C76E9} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {29BEAF8D-0DD8-5062-0A0B-250F3B884530} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {2E3C034B-42B4-4A6F-D882-0FBB6C6F020D} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab
O16 - DPF: {402633AB-B65B-21C0-42B3-249B4D0C3242} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {44258E92-C0FE-0C85-B5E2-3C1A42488E7F} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {48C8098B-8777-306A-19D9-075E6CC36B79} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {49665FBC-FD59-4E85-AC17-09AB03E64377} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-3-36.cab
O16 - DPF: {4D507A9D-C089-60AA-0D6A-462E08F7B98F} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {54F75C3C-74B3-70F3-1597-67232EDDEAB4} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {5FA23F12-4BBA-107E-E1D2-3F6A6FBF81A4} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134613804975
O16 - DPF: {6518ADC7-CB05-0165-27BD-3ADD4A8C34A4} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {6D59CF49-D0A5-01E3-CBF4-079972343F9A} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {6E4C7841-6929-0CD6-94D1-4954178D421B} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {6E4DCC12-153A-29B6-CE34-4657141CDC09} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {700BA93D-296C-1904-E0CB-3C7F4E3791A1} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {70910ED3-2263-5C47-947E-5B8D196DE1A3} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {72469F0E-06B9-2AAC-5CD6-416949E5652D} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://surf.direcway.com/dwayready/dpcsysinfo.cab
O16 - DPF: {76E5238A-6227-672D-7F83-47214090EF22} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {7BC806E3-74FF-7D27-1DA8-6E237A2C4767} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...ows-i586-jc.cab
O20 - Winlogon Notify: mljgg - C:\WINDOWS\system32\mljgg.dll
O20 - Winlogon Notify: qommmnk - C:\WINDOWS\SYSTEM32\qommmnk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - http://images.starpulse.com/Photos/pv/Jeff%20Gordon-2.JPG

--
End of file - 8237 bytes

BC AdBot (Login to Remove)

 


#2 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:55 PM

Posted 05 April 2007 - 04:31 PM

Please download VundoFix.exe
to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above
instructions starting from "Click the Scan for Vundo button." when
VundoFix appears at reboot.
Greets Jürgenv

Donation: Click me.

#3 bjtref

bjtref
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:55 AM

Posted 06 April 2007 - 08:51 AM

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 9:32:26 AM, on 4/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\billy teter\My Documents\My Music\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.27:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = www.direcwaysupport.com;192.168.0.*
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\uctfoghk.dll (file missing)
O2 - BHO: (no name) - {733FD72F-103E-4B9E-BCB9-A76064AF3C72} - C:\WINDOWS\SYSTEM32\qommmnk.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {8191A897-B11F-4179-B149-FE0E91C11791} - C:\WINDOWS\system32\mljgg.dll (file missing)
O2 - BHO: ElnkProtectionBHO Class - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink\Toolbar\ProtctIE.dll (file missing)
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PCTAVApp] "C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN
O4 - HKLM\..\Run: [SystemGuardAlerter] "C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\sxlrtrxx.dll",setvm
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [System Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic Professional 6\PopupBlocker.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02995C52-A0DF-532F-A62C-492C34892B68} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {0533489B-F2F6-263E-6C84-4E3E37C0BD61} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {097AC3BC-07F0-238B-60EE-46C145445C76} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {0BEDC1E6-0168-78F1-EC8D-31555A22B8C9} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {11A02365-2859-4598-A9D5-4FDE99D67723} (PQIEBrowserConnector Class) - http://www.pqprintcenter.com/plugin/axvers...ntquick1611.cab
O16 - DPF: {14A95DFC-E55D-25AB-EBEE-496E7F2F3F84} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {1BD8C65C-7091-179C-F9D0-1BD948C541C9} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {223A8D1B-1987-0BDC-7414-3D4756C009A5} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {27E4D1C3-0A49-25A6-756A-48534A1C76E9} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {29BEAF8D-0DD8-5062-0A0B-250F3B884530} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {2E3C034B-42B4-4A6F-D882-0FBB6C6F020D} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab
O16 - DPF: {402633AB-B65B-21C0-42B3-249B4D0C3242} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {44258E92-C0FE-0C85-B5E2-3C1A42488E7F} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {48C8098B-8777-306A-19D9-075E6CC36B79} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {49665FBC-FD59-4E85-AC17-09AB03E64377} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-3-36.cab
O16 - DPF: {4D507A9D-C089-60AA-0D6A-462E08F7B98F} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {54F75C3C-74B3-70F3-1597-67232EDDEAB4} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {5FA23F12-4BBA-107E-E1D2-3F6A6FBF81A4} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134613804975
O16 - DPF: {6518ADC7-CB05-0165-27BD-3ADD4A8C34A4} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {6D59CF49-D0A5-01E3-CBF4-079972343F9A} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {6E4C7841-6929-0CD6-94D1-4954178D421B} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {6E4DCC12-153A-29B6-CE34-4657141CDC09} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {700BA93D-296C-1904-E0CB-3C7F4E3791A1} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {70910ED3-2263-5C47-947E-5B8D196DE1A3} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {72469F0E-06B9-2AAC-5CD6-416949E5652D} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://surf.direcway.com/dwayready/dpcsysinfo.cab
O16 - DPF: {76E5238A-6227-672D-7F83-47214090EF22} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {7BC806E3-74FF-7D27-1DA8-6E237A2C4767} - http://85.255.113.214/1/gdnUS2218.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...ows-i586-jc.cab
O20 - Winlogon Notify: qommmnk - C:\WINDOWS\SYSTEM32\qommmnk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O24 - Desktop Component 0: (no name) - http://images.starpulse.com/Photos/pv/Jeff%20Gordon-2.JPG

--
End of file - 8841 bytes



when I did the vundo scan and checked fix button my computer shut off and there was no log file

Edited by bjtref, 06 April 2007 - 08:56 AM.


#4 jurgenv

jurgenv

  • Members
  • 1,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:55 PM

Posted 06 April 2007 - 08:53 AM

And the report of vundofix?
Greets Jürgenv

Donation: Click me.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users