Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Vundo still there..HELP [CLOSED]

Started by ProTurbo , Feb 21 2008 04:11 AM

  • This topic is locked This topic is locked

#16
sage5
Posted 23 February 2008 - 06:23 PM

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Hi ProTurbo

This file, C:\WINDOWS\system32\umonit.exe might actually be a problem. It appears nearly everywhere on the internet as a harmless USB monitor, apart from Here
I think we should check this out:

Online Scanner:
You have a suspicious file on your computer, which I am not familiar with. It needs to be analysed by an online scanner like Virustotal.
To use Virustotal go to Here
  • Click on the Browse button at the top of the screen.
  • Go to C:\WINDOWS\system32 and highlight umonit.exe and click Open.
  • Click the Send button and wait for the reply.
  • Copy the text from the reply message, paste it to a new text file and save it to your Desktop as virustotal_log.txt
  • I will ask you to include the contents with your next post.

  • 0

Advertisements

#17
ProTurbo
Posted 25 February 2008 - 09:00 AM

ProTurbo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
here you go


File umonit.exe received on 02.25.2008 16:09:09 (CET)
Current status: finished

Result: 0/32 (0.00%)
Compact Print results
Antivirus Version Last Update Result
AhnLab-V3 2008.2.22.0 2008.02.22 -
AntiVir 7.6.0.67 2008.02.25 -
Authentium 4.93.8 2008.02.24 -
Avast 4.7.1098.0 2008.02.24 -
AVG 7.5.0.516 2008.02.25 -
BitDefender 7.2 2008.02.25 -
CAT-QuickHeal 9.50 2008.02.22 -
ClamAV 0.92.1 2008.02.25 -
DrWeb 4.44.0.09170 2008.02.25 -
eSafe 7.0.15.0 2008.02.21 -
eTrust-Vet 31.3.5562 2008.02.25 -
Ewido 4.0 2008.02.25 -
FileAdvisor 1 2008.02.25 -
Fortinet 3.14.0.0 2008.02.25 -
F-Prot 4.4.2.54 2008.02.24 -
F-Secure 6.70.13260.0 2008.02.25 -
Ikarus T3.1.1.20 2008.02.25 -
Kaspersky 7.0.0.125 2008.02.25 -
McAfee 5236 2008.02.22 -
Microsoft 1.3204 2008.02.25 -
NOD32v2 2899 2008.02.25 -
Norman 5.80.02 2008.02.25 -
Panda 9.0.0.4 2008.02.25 -
Prevx1 V2 2008.02.25 -
Rising 20.33.02.00 2008.02.25 -
Sophos 4.26.0 2008.02.25 -
Sunbelt 3.0.893.0 2008.02.23 -
Symantec 10 2008.02.25 -
TheHacker 6.2.9.228 2008.02.23 -
VBA32 3.12.6.1 2008.02.21 -
VirusBuster 4.3.26:9 2008.02.24 -
Webwasher-Gateway 6.6.2 2008.02.25 -
Additional information
File size: 53248 bytes
MD5: c1760626a42abeec280254e21aef222c
SHA1: f653d22cd97c88e41816a70535866a05b4ab17c7
PEiD: Armadillo v1.71


Thank you

Dan


Found this on the Net

This one says its ok
http://www.file.net/...umonit.exe.html

This one says maybe not
http://www.answersth.../tasklist_u.htm

Edited by ProTurbo, 25 February 2008 - 09:40 AM.

  • 0

#18
sage5
Posted 26 February 2008 - 06:29 AM

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Hi ProTurbo

Here are some that you can remove using HijackThis:

O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe --> Lightscribe componant. If you don't use Lightscribe, get rid of it.
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe --> Can be run manually, if required.
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" --> supposedly speeds the load time of Acrobat Reader
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe --> unnecessary
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime --> unnecessary
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe --> manages wireless & bluetooth connections If you use it, keep it.
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe --> unnecessary
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe --> System Tray access to HP Director. If you use it, keep it.
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe --> Improves the startup time of HP Image Zone. If you use it, keep it.


Network Magic --> Some have reported that this was not installed by them, so may be installed during hardware driver install. If not used, remove it using the Add/Remove Programs section of the Control Panel.

See if getting rid of some of those, doesn't speed things up a bit.

My 2 cents:
Arguably, the greatest resource hog on that machine is the Symantec/Nortons stuff.
I would seriously consider getting rid of all the Symantec gear and using AntiVir or Avast as an antivirus, and Comodo or ZoneAlarm as a firewall.

Cheers,

sage5
  • 0

#19
ProTurbo
Posted 28 February 2008 - 05:22 PM

ProTurbo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Will try this out and get back ASAP//


How about Umont.exe? leave it on..?


ProTurbo
  • 0

#20
sage5
Posted 29 February 2008 - 08:21 PM

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
ProTurbo

Hi ProTurbo

That file tested alright , so leave in place for now.

Cheers,

sage5
  • 0

#21
sage5
Posted 20 March 2008 - 11:24 PM

sage5

    RIP 10/2009

  • Retired Staff
  • 2,646 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP