Fishslayer said:Here's what I found...thanks for your help!!:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"=""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"BCMSMMSG"="BCMSMMSG.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"StorageGuard"="\"C:\\Program Files\\Common Files\\Sonic\\Update
Manager\\sgtray.exe\" /r"
"DVDSentry"="C:\\WINDOWS\\System32\\DSentry.exe"
"diagent"="\"C:\\Program
Files\\Creative\\SBLive\\Diagnostics\\diagent.exe\"
startup"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"TkBellExe"="\"C:\\Program Files\\Common
Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\"
/checktask"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\McAfee.com\\Agent\\mcupdate.exe"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"DwlClient"="C:\\Program Files\\Common Files\\Dell\\EUSW\\Support.exe"
"Dell AIO Printer A920"="\"C:\\Program Files\\Dell AIO Printer
A920\\dlbkbmgr.exe\""
"PLoader"="c:\\program files\\pendrive tools english version\\pendrive.exe
sys_auto_run C:\\Program Files\\PENDRIVE Tools English Version"
"QuickTime Task"="\"C:\\Program
Files\\QuickTime\\qttask.exe\" -atboottime"
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"WildTangent CDA"="RUNDLL32.exe \"C:\\Program
Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"iTunesHelper"="C:\\Program Files\\iTunes\\iTunesHelper.exe"
When I tried to pull up the string :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
there
wasn't anything under MsConfig. The only items available with an "M"
were:
MSInfo; MSWinWrite; MSWord6.wpc and MSWord8
I hope this is what you were looking for...I'm not that technical. and
I've
never been in the registry before. Thanks "Nutcase"!
Fishslayer
Rick "Nutcase" Rogers said:Hi,
Click start/run, type regedit and click ok. Export a copy of the
following
keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
Right click each of the keys in turn, choose edit. Then copy/paste the
contents of each into a reply.
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
Rick "Nutcase" Rogers said:Hi,
Two instances of spyware:
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"WildTangent CDA"="RUNDLL32.exe \"C:\\Program
Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
But no viruses. What makes you think that you have one?
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
Fishslayer said:Here's what I found...thanks for your help!!:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"=""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"BCMSMMSG"="BCMSMMSG.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"StorageGuard"="\"C:\\Program Files\\Common Files\\Sonic\\Update
Manager\\sgtray.exe\" /r"
"DVDSentry"="C:\\WINDOWS\\System32\\DSentry.exe"
"diagent"="\"C:\\Program
Files\\Creative\\SBLive\\Diagnostics\\diagent.exe\"
startup"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"TkBellExe"="\"C:\\Program Files\\Common
Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\"
/checktask"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\McAfee.com\\Agent\\mcupdate.exe"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"DwlClient"="C:\\Program Files\\Common Files\\Dell\\EUSW\\Support.exe"
"Dell AIO Printer A920"="\"C:\\Program Files\\Dell AIO Printer
A920\\dlbkbmgr.exe\""
"PLoader"="c:\\program files\\pendrive tools english version\\pendrive.exe
sys_auto_run C:\\Program Files\\PENDRIVE Tools English Version"
"QuickTime Task"="\"C:\\Program
Files\\QuickTime\\qttask.exe\" -atboottime"
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"WildTangent CDA"="RUNDLL32.exe \"C:\\Program
Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"iTunesHelper"="C:\\Program Files\\iTunes\\iTunesHelper.exe"
When I tried to pull up the string :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
there
wasn't anything under MsConfig. The only items available with an "M"
were:
MSInfo; MSWinWrite; MSWord6.wpc and MSWord8
I hope this is what you were looking for...I'm not that technical. and
I've
never been in the registry before. Thanks "Nutcase"!
Fishslayer
Rick "Nutcase" Rogers said:Hi,
Click start/run, type regedit and click ok. Export a copy of the
following
keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
Right click each of the keys in turn, choose edit. Then copy/paste the
contents of each into a reply.
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
I finally managed to get in as the Adminisitrator!! I ran the Stinger,
under the repair option, and rebooted my computer. Nothing has really
changed. When I go into Outlook, my email program immediately attempts
to
send 55 emails. I don't know what else to do to get rid of the virus.
McAfee is of little help!! I've tried Spybot, Ad-Aware SE and Kapersky
virus
removal programs to identify and disable the virus...but none seem to
work.
Any programs that you would recommend? Thanks for your help, it is
much
appreciated!!
:
Thanks "Nutcase". I downloaded the Stinger program, but it is under
my
username, and not the Administrator. When I try to get into safemode,
I
keep
getting a "Key Board Failure" which won't allow me to type in the
password as
the Administrator. I can get into Safe Mode...just not as the
Administrator,
and the Stinger tool is not listed as one of the programs from which
to
choose. Any suggestions? This is frustrating!!
:
Hi,
If the restore points are infected, then going back is pointless. If
they
are corrupted and System Restore fails, then there is no going back.
Suggest instead you download stinger from
http://vil.nai.com/vil/stinger/
and then restart in Safe mode. Logon as administrator, then run the
file
where it won't be interfered with by the virus.
How to start in Safe mode:
http://www.rickrogers.org/fixes.htm#Safe mode
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
I can't go back in time with system restore due to a
trojan/virus/worm
that
has infected my computer. McAfee can't seem to identify/remove
the
virus
and
I'd like to go back in time to a previous setting. Help please.
Thanks
Fishslayer said:Everytime I go to Outlook, my computer tries to send 55 emails!! Can this
be
caused by Spyware? I can't seem to correct the problem. Thanks!
Fishslayer
Rick "Nutcase" Rogers said:Hi,
Two instances of spyware:
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"WildTangent CDA"="RUNDLL32.exe \"C:\\Program
Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
But no viruses. What makes you think that you have one?
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
Fishslayer said:Here's what I found...thanks for your help!!:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"=""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"BCMSMMSG"="BCMSMMSG.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"StorageGuard"="\"C:\\Program Files\\Common Files\\Sonic\\Update
Manager\\sgtray.exe\" /r"
"DVDSentry"="C:\\WINDOWS\\System32\\DSentry.exe"
"diagent"="\"C:\\Program
Files\\Creative\\SBLive\\Diagnostics\\diagent.exe\"
startup"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"TkBellExe"="\"C:\\Program Files\\Common
Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\"
/checktask"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\McAfee.com\\Agent\\mcupdate.exe"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"DwlClient"="C:\\Program Files\\Common Files\\Dell\\EUSW\\Support.exe"
"Dell AIO Printer A920"="\"C:\\Program Files\\Dell AIO Printer
A920\\dlbkbmgr.exe\""
"PLoader"="c:\\program files\\pendrive tools english
version\\pendrive.exe
sys_auto_run C:\\Program Files\\PENDRIVE Tools English Version"
"QuickTime Task"="\"C:\\Program
Files\\QuickTime\\qttask.exe\" -atboottime"
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint
Manager\\ViewMgr.exe"
"WildTangent CDA"="RUNDLL32.exe \"C:\\Program
Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"iTunesHelper"="C:\\Program Files\\iTunes\\iTunesHelper.exe"
When I tried to pull up the string :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
there
wasn't anything under MsConfig. The only items available with an "M"
were:
MSInfo; MSWinWrite; MSWord6.wpc and MSWord8
I hope this is what you were looking for...I'm not that technical. and
I've
never been in the registry before. Thanks "Nutcase"!
Fishslayer
:
Hi,
Click start/run, type regedit and click ok. Export a copy of the
following
keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
Right click each of the keys in turn, choose edit. Then copy/paste the
contents of each into a reply.
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
I finally managed to get in as the Adminisitrator!! I ran the
Stinger,
under the repair option, and rebooted my computer. Nothing has
really
changed. When I go into Outlook, my email program immediately
attempts
to
send 55 emails. I don't know what else to do to get rid of the
virus.
McAfee is of little help!! I've tried Spybot, Ad-Aware SE and
Kapersky
virus
removal programs to identify and disable the virus...but none seem
to
work.
Any programs that you would recommend? Thanks for your help, it is
much
appreciated!!
:
Thanks "Nutcase". I downloaded the Stinger program, but it is
under
my
username, and not the Administrator. When I try to get into
safemode,
I
keep
getting a "Key Board Failure" which won't allow me to type in the
password as
the Administrator. I can get into Safe Mode...just not as the
Administrator,
and the Stinger tool is not listed as one of the programs from
which
to
choose. Any suggestions? This is frustrating!!
:
Hi,
If the restore points are infected, then going back is pointless.
If
they
are corrupted and System Restore fails, then there is no going
back.
Suggest instead you download stinger from
http://vil.nai.com/vil/stinger/
and then restart in Safe mode. Logon as administrator, then run
the
file
where it won't be interfered with by the virus.
How to start in Safe mode:
http://www.rickrogers.org/fixes.htm#Safe mode
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
message
I can't go back in time with system restore due to a
trojan/virus/worm
that
has infected my computer. McAfee can't seem to identify/remove
the
virus
and
I'd like to go back in time to a previous setting. Help
please.
Thanks
Rick "Nutcase" Rogers said:Hi,
What does your outbox look like? Is there simply something in there that
keeps trying to send to invalid addresses?
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
Fishslayer said:Everytime I go to Outlook, my computer tries to send 55 emails!! Can this
be
caused by Spyware? I can't seem to correct the problem. Thanks!
Fishslayer
Rick "Nutcase" Rogers said:Hi,
Two instances of spyware:
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint Manager\\ViewMgr.exe"
"WildTangent CDA"="RUNDLL32.exe \"C:\\Program
Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
But no viruses. What makes you think that you have one?
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
Here's what I found...thanks for your help!!:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"=""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"BCMSMMSG"="BCMSMMSG.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"StorageGuard"="\"C:\\Program Files\\Common Files\\Sonic\\Update
Manager\\sgtray.exe\" /r"
"DVDSentry"="C:\\WINDOWS\\System32\\DSentry.exe"
"diagent"="\"C:\\Program
Files\\Creative\\SBLive\\Diagnostics\\diagent.exe\"
startup"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"TkBellExe"="\"C:\\Program Files\\Common
Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\"
/checktask"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\McAfee.com\\Agent\\mcupdate.exe"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"DwlClient"="C:\\Program Files\\Common Files\\Dell\\EUSW\\Support.exe"
"Dell AIO Printer A920"="\"C:\\Program Files\\Dell AIO Printer
A920\\dlbkbmgr.exe\""
"PLoader"="c:\\program files\\pendrive tools english
version\\pendrive.exe
sys_auto_run C:\\Program Files\\PENDRIVE Tools English Version"
"QuickTime Task"="\"C:\\Program
Files\\QuickTime\\qttask.exe\" -atboottime"
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint
Manager\\ViewMgr.exe"
"WildTangent CDA"="RUNDLL32.exe \"C:\\Program
Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"iTunesHelper"="C:\\Program Files\\iTunes\\iTunesHelper.exe"
When I tried to pull up the string :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
there
wasn't anything under MsConfig. The only items available with an "M"
were:
MSInfo; MSWinWrite; MSWord6.wpc and MSWord8
I hope this is what you were looking for...I'm not that technical. and
I've
never been in the registry before. Thanks "Nutcase"!
Fishslayer
:
Hi,
Click start/run, type regedit and click ok. Export a copy of the
following
keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
Right click each of the keys in turn, choose edit. Then copy/paste the
contents of each into a reply.
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
I finally managed to get in as the Adminisitrator!! I ran the
Stinger,
under the repair option, and rebooted my computer. Nothing has
really
changed. When I go into Outlook, my email program immediately
attempts
to
send 55 emails. I don't know what else to do to get rid of the
virus.
McAfee is of little help!! I've tried Spybot, Ad-Aware SE and
Kapersky
virus
removal programs to identify and disable the virus...but none seem
to
work.
Any programs that you would recommend? Thanks for your help, it is
much
appreciated!!
:
Thanks "Nutcase". I downloaded the Stinger program, but it is
under
my
username, and not the Administrator. When I try to get into
safemode,
I
keep
getting a "Key Board Failure" which won't allow me to type in the
password as
the Administrator. I can get into Safe Mode...just not as the
Administrator,
and the Stinger tool is not listed as one of the programs from
which
to
choose. Any suggestions? This is frustrating!!
:
Hi,
If the restore points are infected, then going back is pointless.
If
they
are corrupted and System Restore fails, then there is no going
back.
Suggest instead you download stinger from
http://vil.nai.com/vil/stinger/
and then restart in Safe mode. Logon as administrator, then run
the
file
where it won't be interfered with by the virus.
How to start in Safe mode:
http://www.rickrogers.org/fixes.htm#Safe mode
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
message
I can't go back in time with system restore due to a
trojan/virus/worm
that
has infected my computer. McAfee can't seem to identify/remove
the
virus
and
I'd like to go back in time to a previous setting. Help
please.
Thanks
Fishslayer said:There was something in there. I deleted it and now the problem appears to
be
fixed. Thank You!!
Rick "Nutcase" Rogers said:Hi,
What does your outbox look like? Is there simply something in there that
keeps trying to send to invalid addresses?
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
Fishslayer said:Everytime I go to Outlook, my computer tries to send 55 emails!! Can
this
be
caused by Spyware? I can't seem to correct the problem. Thanks!
Fishslayer
:
Hi,
Two instances of spyware:
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint
Manager\\ViewMgr.exe"
"WildTangent CDA"="RUNDLL32.exe \"C:\\Program
Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
But no viruses. What makes you think that you have one?
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
Here's what I found...thanks for your help!!:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"=""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE
C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"BCMSMMSG"="BCMSMMSG.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"StorageGuard"="\"C:\\Program Files\\Common Files\\Sonic\\Update
Manager\\sgtray.exe\" /r"
"DVDSentry"="C:\\WINDOWS\\System32\\DSentry.exe"
"diagent"="\"C:\\Program
Files\\Creative\\SBLive\\Diagnostics\\diagent.exe\"
startup"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"TkBellExe"="\"C:\\Program Files\\Common
Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\"
/checktask"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\McAfee.com\\Agent\\mcupdate.exe"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"DwlClient"="C:\\Program Files\\Common
Files\\Dell\\EUSW\\Support.exe"
"Dell AIO Printer A920"="\"C:\\Program Files\\Dell AIO Printer
A920\\dlbkbmgr.exe\""
"PLoader"="c:\\program files\\pendrive tools english
version\\pendrive.exe
sys_auto_run C:\\Program Files\\PENDRIVE Tools English Version"
"QuickTime Task"="\"C:\\Program
Files\\QuickTime\\qttask.exe\" -atboottime"
"ViewMgr"="C:\\Program Files\\Viewpoint\\Viewpoint
Manager\\ViewMgr.exe"
"WildTangent CDA"="RUNDLL32.exe \"C:\\Program
Files\\WildTangent\\Apps\\CDA\\cdaEngine0400.dll\",cdaEngineMain"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"iTunesHelper"="C:\\Program Files\\iTunes\\iTunesHelper.exe"
When I tried to pull up the string :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared
Tools\MSConfig\startupreg
there
wasn't anything under MsConfig. The only items available with an
"M"
were:
MSInfo; MSWinWrite; MSWord6.wpc and MSWord8
I hope this is what you were looking for...I'm not that technical.
and
I've
never been in the registry before. Thanks "Nutcase"!
Fishslayer
:
Hi,
Click start/run, type regedit and click ok. Export a copy of the
following
keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared
Tools\MSConfig\startupreg
Right click each of the keys in turn, choose edit. Then copy/paste
the
contents of each into a reply.
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
message
I finally managed to get in as the Adminisitrator!! I ran the
Stinger,
under the repair option, and rebooted my computer. Nothing has
really
changed. When I go into Outlook, my email program immediately
attempts
to
send 55 emails. I don't know what else to do to get rid of the
virus.
McAfee is of little help!! I've tried Spybot, Ad-Aware SE and
Kapersky
virus
removal programs to identify and disable the virus...but none
seem
to
work.
Any programs that you would recommend? Thanks for your help, it
is
much
appreciated!!
:
Thanks "Nutcase". I downloaded the Stinger program, but it is
under
my
username, and not the Administrator. When I try to get into
safemode,
I
keep
getting a "Key Board Failure" which won't allow me to type in
the
password as
the Administrator. I can get into Safe Mode...just not as the
Administrator,
and the Stinger tool is not listed as one of the programs from
which
to
choose. Any suggestions? This is frustrating!!
:
Hi,
If the restore points are infected, then going back is
pointless.
If
they
are corrupted and System Restore fails, then there is no going
back.
Suggest instead you download stinger from
http://vil.nai.com/vil/stinger/
and then restart in Safe mode. Logon as administrator, then
run
the
file
where it won't be interfered with by the virus.
How to start in Safe mode:
http://www.rickrogers.org/fixes.htm#Safe mode
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Associate Expert - WindowsXP Expert Zone
Windows help - www.rickrogers.org
message
I can't go back in time with system restore due to a
trojan/virus/worm
that
has infected my computer. McAfee can't seem to
identify/remove
the
virus
and
I'd like to go back in time to a previous setting. Help
please.
Thanks
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.