Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Vundo still there..HELP [CLOSED]


  • This topic is locked This topic is locked

#16
sage5

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Hi ProTurbo

This file, C:\WINDOWS\system32\umonit.exe might actually be a problem. It appears nearly everywhere on the internet as a harmless USB monitor, apart from Here
I think we should check this out:

Online Scanner:
You have a suspicious file on your computer, which I am not familiar with. It needs to be analysed by an online scanner like Virustotal.
To use Virustotal go to Here
  • Click on the Browse button at the top of the screen.
  • Go to C:\WINDOWS\system32 and highlight umonit.exe and click Open.
  • Click the Send button and wait for the reply.
  • Copy the text from the reply message, paste it to a new text file and save it to your Desktop as virustotal_log.txt
  • I will ask you to include the contents with your next post.

  • 0

Advertisements


#17
ProTurbo

ProTurbo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
here you go


File umonit.exe received on 02.25.2008 16:09:09 (CET)
Current status: finished

Result: 0/32 (0.00%)
Compact Print results
Antivirus Version Last Update Result
AhnLab-V3 2008.2.22.0 2008.02.22 -
AntiVir 7.6.0.67 2008.02.25 -
Authentium 4.93.8 2008.02.24 -
Avast 4.7.1098.0 2008.02.24 -
AVG 7.5.0.516 2008.02.25 -
BitDefender 7.2 2008.02.25 -
CAT-QuickHeal 9.50 2008.02.22 -
ClamAV 0.92.1 2008.02.25 -
DrWeb 4.44.0.09170 2008.02.25 -
eSafe 7.0.15.0 2008.02.21 -
eTrust-Vet 31.3.5562 2008.02.25 -
Ewido 4.0 2008.02.25 -
FileAdvisor 1 2008.02.25 -
Fortinet 3.14.0.0 2008.02.25 -
F-Prot 4.4.2.54 2008.02.24 -
F-Secure 6.70.13260.0 2008.02.25 -
Ikarus T3.1.1.20 2008.02.25 -
Kaspersky 7.0.0.125 2008.02.25 -
McAfee 5236 2008.02.22 -
Microsoft 1.3204 2008.02.25 -
NOD32v2 2899 2008.02.25 -
Norman 5.80.02 2008.02.25 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.25 -
Rising 20.33.02.00 2008.02.25 -
Sophos 4.26.0 2008.02.25 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.25 -
TheHacker 6.2.9.228 2008.02.23 -
VBA32 3.12.6.1 2008.02.21 -
VirusBuster 4.3.26:9 2008.02.24 -
Webwasher-Gateway 6.6.2 2008.02.25 -
Additional information
File size: 53248 bytes
MD5: c1760626a42abeec280254e21aef222c
SHA1: f653d22cd97c88e41816a70535866a05b4ab17c7
PEiD: Armadillo v1.71


Thank you

Dan


Found this on the Net

This one says its ok
http://www.file.net/...umonit.exe.html

This one says maybe not
http://www.answersth.../tasklist_u.htm

Edited by ProTurbo, 25 February 2008 - 09:40 AM.

  • 0

#18
sage5

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Hi ProTurbo

Here are some that you can remove using HijackThis:

O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe --> Lightscribe componant. If you don't use Lightscribe, get rid of it.
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe --> Can be run manually, if required.
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" --> supposedly speeds the load time of Acrobat Reader
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe --> unnecessary
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime --> unnecessary
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe --> manages wireless & bluetooth connections If you use it, keep it.
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe --> unnecessary
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe --> System Tray access to HP Director. If you use it, keep it.
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe --> Improves the startup time of HP Image Zone. If you use it, keep it.


Network Magic --> Some have reported that this was not installed by them, so may be installed during hardware driver install. If not used, remove it using the Add/Remove Programs section of the Control Panel.

See if getting rid of some of those, doesn't speed things up a bit.

My 2 cents:
Arguably, the greatest resource hog on that machine is the Symantec/Nortons stuff.
I would seriously consider getting rid of all the Symantec gear and using AntiVir or Avast as an antivirus, and Comodo or ZoneAlarm as a firewall.

Cheers,

sage5
  • 0

#19
ProTurbo

ProTurbo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Will try this out and get back ASAP//


How about Umont.exe? leave it on..?


ProTurbo
  • 0

#20
sage5

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
ProTurbo

Hi ProTurbo

That file tested alright , so leave in place for now.

Cheers,

sage5
  • 0

#21
sage5

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP