Can't Remove Trojan.Vundo
Nov 2, 2007
I get this trojan today and i never get viruses usually but this one reaqlly is annoying!
Ive looked at all the other posts and ive tried using the vundo fix tool etc but it does not pick it up at all. Ive tried doing it in safe mode and ive tried unistalling java to see if it was involved with that but nothing has worked so far.
I have located the file in my system32 folder and its named xxyywtq.dll but theres no way it will let me delete it as it says it is being used by another program or person.
View 1 Replies
ADVERTISEMENT
Jan 22, 2006
I've got the trojan.vundo virus. I have installed and run the vundo removal tool, and it shows me that it is gone-but when I restart my computer, Norton anti-virus finds it again (and again...and again).
View 14 Replies
View Related
Oct 17, 2005
I've been getting this winfixer 2005 pop up window everytime i open my pc. what i normally do is just close it. i've learned that it's something to do with the trojan.vundo.b virus. i searched the net for removal tools and downloaded one from norton but it didnt help.Now, i've been receiving virus alerts from norton.
View 14 Replies
View Related
Dec 10, 2005
We network our computers and I had alot of adware and a trojan virus on mine so I do believe she has the same. I ran a NIS scan and found a vundo trojan on this computer (hers). Had to download the tool to remove it and it appears it was successful. But the computer is still so slow and having some internet explorer errors.
View 14 Replies
View Related
Apr 15, 2007
I had this Trojan vundo virus about a month ago and you helped me remove it. My computer was running fine until all of the same things started happening again. Im pretty sure i still have the virus b/c my computer is running very slow and just plain bad. I ran VundoFix.exe (it found like 10 things), clicked remove vundo, and rebooted. I ran HijackThis and here is this log file.what i need to delete? ....
View 14 Replies
View Related
Oct 9, 2005
I'm running into a High Risk virus alert with Trojan.Vundo The object name is C:WINDOWSsystem32mljgd.dll --i've tried deleting it in safe mode through regedit but it always comes back up after i refresh.
View 3 Replies
View Related
Feb 11, 2005
I have of lot of trojans and can't seem to get rid of them I have ran Spy Bot,Avast,Ad-Aware,Stop Sign and found a 1 Trojan in reg32.exe =trojan.low zones
2 downloaded program files says: Trojan.downloader1097 3 System 32 sygate = Win32.HLLW.MyBot.based 4 Avenue Media Internet Optimizer Software Package = Possible spyware Application 5 Appropos Media People On Page Application = Possible Spyware
View 1 Replies
View Related
Apr 1, 2006
I have windows xp, i have avg antivirus and have run the tests in pc pitstop and done a regular search thru windows for the Trojan-Dropper.VBS.Inor.cz but can't locate it on my pc. My IE browser freezes everytime i go to a particular site and yet when i ask if anyone else has trouble with that site only a very few people say yes. The solution they give me is to download Mozilla and use it for that site. That doesn't protect me from the trojan completely infecting me does it? Can anyone tell me how to delete this trojan?
View 14 Replies
View Related
Jan 20, 2006
found some trojans with mcafee.. not that experienced to remove them yet. so here s my hijack this log,
View 7 Replies
View Related
Sep 17, 2005
Does anybody know how to remove the trojan, requiembot? Norton does not even know what it is let alone provide a removal tool, unless of course, they know it by another name.
View 8 Replies
View Related
Oct 1, 2009
This trojan virus slipped pass McAfee antivirus which still doesn't detect it. Also, each time I start my computer, Windows Defender (which is also installed) detects it, and even thogh I click on "Remove All", it still keeps popping up and is not removed. How do I get rid of this beast?
View 1 Replies
View Related
Sep 12, 2006
I just received a message from Norton Anti-Virus that I have a Trojan Horse virus in my command.exe file and it (Norton) can not remove it.
View 5 Replies
View Related
Jul 3, 2005
scanned and got trojan horse.... its says c/windows/system32/mqmapjk.exe. it wont let me quarantine or delete. How do i get rid of this
View 2 Replies
View Related
Sep 3, 2005
I have XP professional and I have a virus called Trojan House 16.AG. Can anyone help me to remove or fix this virus.
View 8 Replies
View Related
Oct 3, 2006
Ok so apparently someone hijacked a trusted freinds instant messenger screen name sent me an link in the IM window I clicked on it thinking it was my freind and AVG pops up and says a virus was found. So I quarantined it and though I was safe. When I restarted my computer I keep getting AVG poping up telling me the same viurus has been detected and then a website tries to automatically open in IE.
View 3 Replies
View Related
Sep 19, 2007
how to remove this trojan from the file? Submitted to McAfee and they said this is hueristic and may be a false positive but they are annallizing and will get back to me. I thought I could get support from this forum about this and other?
View 5 Replies
View Related
Dec 17, 2004
trojan horse Downloader .Agent.5.P - is found in C:WINDOWSsystem32calsp.dll
AVG can't remove it
View 10 Replies
View Related
Apr 12, 2006
i have in the windows task manager in the process tab runing system.exe according to processlibrary.com this is a trojan.mitglieder.b and i tried to end the process from the task manager it will start counting and shut down my pc. how can i remove this trojan.?
View 2 Replies
View Related
Sep 3, 2005
I am running XP professional and have a virus called trojan horse 16.AG it is located in my systemvolumeinformationrestore file and I can't find this file or cannot remove (Fix) this virus.
View 1 Replies
View Related
Aug 11, 2006
Trying to remove the above with F-secure anti virus 2006, ewido v4 and spydoctor without sucess, although F-secure generates 'popup' with Malware detected warning, but message says action failed.
View 2 Replies
View Related
May 15, 2006
a Trojan Horse called Spy Falcon on my machine. I have all the required stuff since it's a new machine, and now I can't get it off. If you could suggest a free download site to remove this, and if not, could you recommend a site that is pretty inexpensive
View 7 Replies
View Related
Jul 9, 2005
I inadvertently downloaded spyware about a month ago and since then my computer's system has been slowly deteriorating. I downloaded lavasoft and adaware but they did absolutely nothing to remove problems.Recently my entire computer's screen is blue and says "A fatal error has occurred...error caused by Trojan-Spy.html.smitfraud.c" I'm afraid to use the internet on that computer.
View 5 Replies
View Related
Jan 20, 2008
I have this software called SWF Sound Automation Tool, whenever I uses windows movie maker when I click on audio file, something pops up saying windows want to configure swf sound automation tool, and then it pops up some kind of error saying cannot write value to key etc, and I need to do cancel on the pop up and sometimes it hangs. Then my norton protection will pop up saying it blocks a trojan horse.
I tried to delete the software from control panel-remove software it doesn't work, then I do regedit and delete the entry in the uninstall area, however the control panel area still shows this software but it does not give remove button there anymore. However the problem still exists and hangs my movie maker! And I have no where to delete anything anymore, why this stupid software never goes away!
View 3 Replies
View Related
Mar 5, 2010
i was looking for an alternative to the google desktop's sidebar when i came across this "ricks sidebar" from this rickentendo dude on wincert.com.I downloaded it and it worked fine untill i tried setting up the weather gadget then i got a popup from threatfire telling me it just quarantined the sidebar.exe which supposedly was infected with a "trojan.win32.packed",so i checked out the details and it showed "registry value delete disallowed" under the quarantined win32 trojan.
View 12 Replies
View Related
Jul 27, 2005
My norton Antivirus detected ( after updating the definitions )Backdoor.Trojan having the object name c: WINDOWSSystem32scrsvc.exe I would like to know about its removal tool as Norton couldnot repair it .If deleting this file can get rid of this virus ?
View 2 Replies
View Related
Jul 31, 2010
Does any computer wiz out there know of an anti-virus site that will remove the rojan horse virus free? I know that all downloads are free,but once they find all the infected files,they won't remove them with out u paying for them
View 9 Replies
View Related
Aug 14, 2007
i used a vundo fix and got rid of all of the vundo viruses but two would not go away.
i got error message : Error: 75. Path/File access error
The two files were :
c:WINDOWSsystem32jkkjk.dll
c:WINDOWSsystem32\kjkkj.ini
why these two vundos won't go away? They won't clean from my antivirus or quarantine either.They keep popping up in my system notifying me that they are there.
View 10 Replies
View Related
Oct 15, 2005
A message from Norton that says I have a Trogan Vundo on my computer.When I use the Norton removal tool it does not find the virus.When I use the Norton scan it does.
View 3 Replies
View Related
May 10, 2007
Infected by the vundo/virtumonde virus
I have ran scans of spysweeper and max registry cleaner, and from what i understand the actual malware is gone. the problems is i have no icons/taskbar. ive tried running explorer.exe through the task manager, which gets the taskbar to flash fora couple seconds, but it disappears shortly after. ive tried running taskbar repair tool plus, but that doesnt help me much.
Here is it
Logfile of HijackThis v1.99.1
Scan saved at 4:10:39 PM, on 5/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesMicrosoft Windows OneCare LiveAntivirusMsMpEng.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:PROGRA~1COMMON~1AOLACSacsd.exe
c:program filesmcafee.comagentmcdetect.exe
c:PROGRA~1mcafee.comvsomcshield.exe
c:PROGRA~1mcafee.comagentmctskshd.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesUPHCleanuphclean.exe
C:WINDOWSwanmpsvc.exe
C:Program FilesWebrootSpy SweeperSpySweeper.exe
C:Program FilesSkyhook WirelessWi-Fi ServiceWPSScannerSvc.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesMicrosoft Windows OneCare LiveFirewallmsfwsvc.exe
C:Program FilesMicrosoft Windows OneCare Livewinss.exe
C:Program FilesMicrosoft Windows OneCare Livewinssnotify.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesWindows Media Playerwmplayer.exe
C:WINDOWSsystem32DllHost.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesHijackThisHijackThis.exe
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.emachines.com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll
O4 - HKLM..Run: [SunKistEM] "C:Program FileseMachines Bay Readershwiconem.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.5.0_03�injusched.exe"
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] c:PROGRA~1mcafee.comagentMcUpdate.exe
O4 - HKLM..Run: [MSKAGENTEXE] C:PROGRA~1McAfeeSPAMKI~1MSKAgent.exe
O4 - HKLM..Run: [IPHSend] "C:Program FilesCommon FilesAOLIPHSendIPHSend.exe"
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [VSOCheckTask] "C:PROGRA~1McAfee.comVSOmcmnhdlr.exe" /checktask
O4 - HKLM..Run: [VirusScan Online] "C:Program FilesMcAfee.comVSOmcvsshld.exe"
O4 - HKLM..Run: [OASClnt] "C:Program FilesMcAfee.comVSOoasclnt.exe"
O4 - HKLM..Run: [OneCareUI] "C:Program FilesMicrosoft Windows OneCare Livewinssnotify.exe"
O4 - HKLM..Run: [RCSystemTray] "C:Program FilesMax Registry CleanerMaxRCSystemTray.exe"
O4 - HKLM..Run: [SNM] "C:Program FilesSpyNoMoreSNM.exe" /startup
O4 - HKLM..Run: [KernelFaultCheck] C:WINDOWSsystem32dumprep 0 -k
O4 - HKLM..Run: [RCAutoLiveUpdate] "C:Program FilesMax Registry CleanerMaxLiveUpdateRC.exe" -AUTO
O4 - HKLM..Run: [SpySweeper] "C:Program FilesWebrootSpy SweeperSpySweeperUI.exe" /startintray
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2�in
pjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2�in
pjpi142.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:WINDOWSSystem32shdocvw.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - C:WINDOWSSystem32shdocvw.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:Program FilesICQICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:Program FilesICQICQ.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O15 - Trusted Zone: *.adxgate.net (HKLM)
O15 - Trusted Zone: *.errorprotector.com (HKLM)
O15 - Trusted Zone: *.snipenet.net (HKLM)
O15 - Trusted Zone: *.sxload.net (HKLM)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase8300.cab
O17 - HKLMSystemCCSServicesTcpip..{FB2E15D9-1174-4951-A108-219BE5713585}: NameServer = 71.242.0.12,71.252.0.12
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:PROGRA~1COMMON~1AOLACSacsd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPod�iniPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:WINDOWSsystem32driversKodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:program filesmcafee.comagentmcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:PROGRA~1mcafee.comagentmctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:PROGRA~1McAfeeSPAMKI~1MSKSrvr.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:Program FilesSpyware Doctorsvcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:Program FilesSpyware Doctorswdsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:WINDOWSwanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:Program FilesWebrootSpy SweeperSpySweeper.exe
O23 - Service: WPS Scanner Service (WPSScannerSvc) - Skyhook Wireless - C:Program FilesSkyhook WirelessWi-Fi ServiceWPSScannerSvc.exe
View 2 Replies
View Related
May 18, 2007
I downloaded vundo.exe and ran it . Says Ok
Then I run xsoft and says has vundo . ?
View 1 Replies
View Related
Oct 16, 2008
I have a vundo infection (on it's automatic scans) i ran superantispyware pro and it said clean.
Then i restarted, and it was back.
I ran superantispyware pro again, along with cwshredder, spybot, spyware blaster, and prevx. the infection seemed to be gone, but then the next day trendmicro alerted me that it was in my system restore. so i turned off system restore, restarted, re-enabled system restore and made a restore point.
The infection isn't gone.
Hijack log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:58:03, on 16/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAppleMobile Device Support�inAppleMobileDeviceService.exe
C:WINDOWSsystem32CTsvcCDA.exe
C:WINDOWSeHomeehRecvr.exe
C:WINDOWSeHomeehSched.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:Program FilesGoogleUpdateGoogleUpdate.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesLightScribeLSSrvc.exe
C:OfficeScan NT
trtscan.exe
c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32SearchIndexer.exe
C:Program Files�oneTick imesync.exe
C:Program FilesCanonCALCALMAIN.exe
C:Program FilesHewlett-PackardSharedhpqwmiex.exe
C:WINDOWSsystem32mqsvc.exe
C:OfficeScan NT mlisten.exe
C:WINDOWSsystem32mqtgsvc.exe
C:WINDOWSTEMP�HF45E.EXE
C:WINDOWSsystem32dllhost.exe
C:OfficeScan NTCNTAoSMgr.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSehomeehtray.exe
C:Program FileshpqHP Wireless AssistantHP Wireless Assistant.exe
C:Program FilesJavajre1.6.0_07�injusched.exe
C:WINDOWSsystem32igfxtray.exe
C:WINDOWSeHomeehmsas.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSsystem32igfxpers.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesHPQuickPlayQPService.exe
C:Program FilesHpHP Software UpdateHPWuSchd2.exe
C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe
C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe
C:Program FilesBabylonBabylon-ProBabylon.exe
C:Program FilesCreativeCreative ZEN�EN Media ExplorerCTCheck.exe
C:GeniusioCentregTaskBar.exe
C:OfficeScan NTpccntmon.exe
C:GeniusioCentregMouseTask.exe
C:GeniusioCentregKbdTask.exe
C:GeniusioCentregAutoPan.exe
C:GeniusioCentregAutoScroll.exe
C:GeniusioCentregZoom.exe
C:GeniusioCentregMGlass.exe
C:GeniusioCentregIMMgm.exe
C:GeniusioCentregDeskMgm.exe
C:Program FilesRainlendar2Rainlendar2.exe
C:GeniusioCentregTaskSwitch.exe
C:Program FilesATnotesATnotes.exe
C:Program Files�oneTickzonetick.exe
C:Documents and SettingscalindraLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesWindows Desktop SearchWindowsSearch.exe
C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
c:program filescommon filesinstallshieldupdateserviceisuspm.exe
C:Program FilesCommon FilesInstallShieldUpdateServiceagent.exe
C:Program FilesOperaopera.exe
C:Program FilesPrevx2PXConsole.exe
C:Program FilesPrevx2PXAgent.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSsystem32SearchProtocolHost.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ario&pf=laptop
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY...ario&pf=laptop
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - (no file)
N4 - Mozilla: user_pref("browser.startup.homepage", "http://www.seamonkey-project.org/start/"); (C:Documents and SettingsCALINDRAApplication DataMozillaProfilesdefaultzz9effyd.sltprefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CSeaMonkey%5Csearchplugins%5Cgoogle.s rc"); (C:Documents and SettingsCALINDRAApplication DataMozillaProfilesdefaultzz9effyd.sltprefs.js)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:Program FilesRealRealPlayer
pbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:Documents and SettingsAll UsersApplication DataPrevxpxbho.dll
O2 - BHO: (no name) - {5C38F1A3-C14E-4EBD-A55B-CF9EE24FE46F} - C:WINDOWSsystem32qOIxWPhg.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07�inssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier4.1.805.4472swg.dll
O2 - BHO: {edb801e3-ef97-2908-71d4-7b292271204c} - {c4021722-92b7-4d17-8092-79fe3e108bde} - (no file)
O2 - BHO: (no name) - {CE24BFF5-E53D-4D0E-A2A4-DBF6EE6E92C3} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:Program FilesVeoh NetworksVeohPlugins
egVeohToolbar.dll
O3 - Toolbar: (no name) - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - (no file)
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:PROGRA~1TEXTAL~1TAForIE.dll
O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe
O4 - HKLM..Run: [hpWirelessAssistant] C:Program FileshpqHP Wireless AssistantHP Wireless Assistant.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_07�injusched.exe"
O4 - HKLM..Run: [igfxtray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [igfxhkcmd] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [igfxpers] C:WINDOWSsystem32igfxpers.exe
O4 - HKLM..Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM..Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [QPService] "C:Program FilesHPQuickPlayQPService.exe"
O4 - HKLM..Run: [HP Software Update] C:Program FilesHpHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [ISUSPM Startup] "c:Program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe" -startup
O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe" -start
O4 - HKLM..Run: [QlbCtrl] %ProgramFiles%Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
O4 - HKLM..Run: [Cpqset] C:Program FilesHewlett-PackardDefault Settingscpqset.exe
O4 - HKLM..Run: [RecGuard] C:WindowsSMINSTRecGuard.exe
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [Easy-PrintToolBox] C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN.EXE /logon
O4 - HKLM..Run: [Babylon Client] C:Program FilesBabylonBabylon-ProBabylon.exe -AutoStart
O4 - HKLM..Run: [CTCheck] C:Program FilesCreativeCreative ZEN�EN Media ExplorerCTCheck.exe
O4 - HKLM..Run: [ioCentre] C:GeniusioCentregTaskBar.exe
O4 - HKLM..Run: [IMJPMIG8.1] "C:WINDOWSIMEimjp8_1IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM..Run: [IMEKRMIG6.1] C:WINDOWSimeimkr6_1IMEKRMIG.EXE
O4 - HKLM..Run: [MSPY2002] C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNC
O4 - HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 - HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
O4 - HKLM..Run: [OfficeScanNT Monitor] "C:OfficeScan NTpccntmon.exe" -HideWindow
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device Support�inAppleSyncNotifier.exe
O4 - HKLM..Run: [QuickFinder Scheduler] "c:Program FilesCorelWordPerfect Office X4ProgramsQFSCHD140.EXE"
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [PrevxOne] "C:Program FilesPrevx2PXConsole.exe"
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Rainlendar2] C:Program FilesRainlendar2Rainlendar2.exe
O4 - HKCU..Run: [ATnotes.exe] C:Program FilesATnotesATnotes.exe
O4 - HKCU..Run: [ZoneTick] C:Program Files�oneTickzonetick.exe
O4 - HKCU..Run: [Google Update] "C:Documents and SettingscalindraLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe" /c
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - S-1-5-18 Startup: Vongo Tray.lnk = C:Program FilesVongoTray.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Vongo Tray.lnk = C:Program FilesVongoTray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:Program FilesVongoTray.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O4 - Global Startup: Windows Search.lnk = C:Program FilesWindows Desktop SearchWindowsSearch.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O8 - Extra context menu item: Open with WordPerfect - c:Program FilesCorelWordPerfect Office X4ProgramsWPLauncher.hta
O8 - Extra context menu item: Translate with &Babylon - res://C:Program FilesBabylonBabylon-ProUtilsBabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07�inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_07�inssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn...tDetection.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsAddFiltr.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device Support�inAppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:Program FilesCanonCALCALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.exe
O23 - Service: Google Update Service (gupdate1c920b4c2ad0755) (gupdate1c920b4c2ad0755) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPod�iniPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:OfficeScan NT
trtscan.exe
O23 - Service: PREVXAgent - Prevx - C:Program FilesPrevx2PXAgent.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:OfficeScan NT mlisten.exe
O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:OfficeScan NTTmProxy.exe
O23 - Service: ZoneTick Time (ZTime) - WR Consulting - C:Program Files�oneTick imesync.exe
--
End of file - 14271 bytes
View 14 Replies
View Related
