Windows 7 Forums


Windows 7: Zugo Toolbar/Homepage issues


27 Apr 2010   #1

Win 7 64-bit
 
 
Zugo Toolbar/Homepage issues

I've been seeing random Zugo related issues. IE (fully updated - which I don't use very often) refuses to lose the Zugo bug. Recently my Bing search tool in Firefox (top right search box) also seemed to be using bing.zugo.com as opposed to bing.com alone. I've used Spybot and MalwareBytes to try and rid myself of the problem without effect. So here are my logs:

HJT:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan  saved at 11:04:35 AM, on 4/27/2010
Platform: Unknown Windows (WinNT  6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot  mode: Normal

Running processes:
C:\Program Files  (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common  Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\DAEMON  Tools Lite\DTLite.exe
C:\Program Files  (x86)\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\Program  Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\Program  Files (x86)\AVG\AVG9\avgtray.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program  Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program  Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files  (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Users\Nachiket  Karnik\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files  (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Program  Files (x86)\Common Files\Realtime  Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Program Files  (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common  Files\Teleca Shared\logger.exe
C:\Program Files  (x86)\Digsby\lib\digsby-app.exe
C:\Program Files (x86)\Common  Files\Real\Update_OB\realsched.exe
C:\Program Files  (x86)\Digsby\lib\aspell\bin\aspell.exe
C:\Program Files (x86)\Mozilla  Thunderbird\thunderbird.exe
C:\Program Files (x86)\Mozilla  Firefox\firefox.exe
C:\Program Files (x86)\Trend  Micro\HijackThis\HijackThis.exe

R1 -  HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =  http://go.microsoft.com/fwlink/?LinkId=54896
R0 -  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1  - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =  http://go.microsoft.com/fwlink/?LinkId=69157
R1 -  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =  http://go.microsoft.com/fwlink/?LinkId=54896
R1 -  HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =  http://go.microsoft.com/fwlink/?LinkId=54896
R0 -  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =  http://go.microsoft.com/fwlink/?LinkId=69157
R0 -  HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0  - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0  - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =  C:\Windows\SysWOW64\blank.htm
R1 -  HKCU\Software\Microsoft\Windows\CurrentVersion\Internet  Settings,ProxyOverride = *.local
R0 -  HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3  - URLSearchHook: ToolbarURLSearchHook Class -  {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Search  Toolbar\tbhelper.dll
O2 - BHO: AcroIEHelperStub -  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common  Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO:  WormRadar.com IESiteBlocker.NavFilter -  {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files  (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: Adobe PDF Conversion Toolbar  Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files  (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 -  BHO: Java(tm) Plug-In 2 SSV Helper -  {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files  (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect -  {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common  Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: TBSB05974 -  {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Search  Toolbar\tbcore3.dll
O3 - Toolbar: Search Toolbar -  {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search  Toolbar\tbcore3.dll
O3 - Toolbar: Adobe PDF -  {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common  Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run:  [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run:  [ATICustomerCare] "C:\Program Files  (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run:  [TkBellExe] "C:\Program Files (x86)\Common  Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run:  [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run:  [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched]  "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4  - HKLM\..\Run: [TuneClone] C:\Program Files  (x86)\TuneClone\TuneClone.exe /silence
O4 - HKLM\..\Run: [NoteBurner]  C:\Program Files (x86)\NoteBurner\VTBurnerGUI.exe /silence
O4 -  HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI  Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 -  HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files  (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe  ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4  - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files (x86)\Sony  Ericsson\Mobile4\Application Launcher\Application Launcher.exe"  /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files  (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run:  [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 -  HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common  Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4  - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files  (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run:  [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat  9.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [Google Update]  "C:\Users\Nachiket Karnik\AppData\Local\Google\Update\GoogleUpdate.exe"  /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files  (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run:  [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files  (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe"  ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run:  [DevconDefaultDB] C:\Windows\system32\readreg /PSCONV={NO} /FAIL=1
O4  - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic  Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program  Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON  Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe"  -autorun
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files  (x86)\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 -  HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows  Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 -  HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe  (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar]  %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK  SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin]  C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 -  Startup: Dropbox.lnk = C:\Users\Nachiket  Karnik\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup:  Digsby.lnk = C:\Program Files (x86)\Digsby\lib\digsby-app.exe
O4 -  Global Startup: MozyHome Status.lnk = C:\Program  Files\MozyHome\mozystat.exe
O4 - Global Startup: UltraMon.lnk = ?
O8  - Extra context menu item: Append to existing PDF - res://C:\Program  Files (x86)\Common  Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 -  Extra context menu item: Convert link target to Adobe PDF -  res://C:\Program Files (x86)\Common  Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8  - Extra context menu item: Convert link target to existing PDF -  res://C:\Program Files (x86)\Common  Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8  - Extra context menu item: Convert to Adobe PDF - res://C:\Program  Files (x86)\Common  Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8  - Extra context menu item: E&xport to Microsoft Excel -  res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button:  Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -  C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16  - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -  http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16  - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software  AutoUpdate Support Package) -  http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab
O18  - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com -  {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:  acaptuser32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112  (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23  - Service: AMD External Events Utility - Unknown owner -  C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple  Mobile Device - Apple Inc. - C:\Program Files (x86)\Common  Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 -  Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o.  - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free  WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files  (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple  Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 -  Service: Creative Audio Engine Licensing Service - Creative Labs -  C:\Program Files (x86)\Common Files\Creative Labs  Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio  Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files  (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service:  @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner -  C:\Windows\System32\lsass.exe (file missing)
O23 - Service:  @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner -  C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet  Licensing Service - Acresso Software Inc. - C:\Program Files  (x86)\Common Files\Macrovision Shared\FLEXnet  Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing  Service 64 - Acresso Software Inc. - C:\Program Files\Common  Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23  - Service: Google Update Service (gupdate) (gupdate) - Google Inc. -  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service:  iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23  - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner -  C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MozyHome  Backup Service (mozybackup) - Mozy, Inc. - C:\Program  Files\MozyHome\mozybackup.exe
O23 - Service: @comres.dll,-2797  (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23  - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) -  Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 -  Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common  Files\Nero\Lib\NMIndexingService.exe
O23 - Service:  @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown  owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service:  @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner -  C:\Windows\system32\locator.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner -  C:\Windows\system32\lsass.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner -  C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service:  @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner -  C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner -  C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner -  C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner -  C:\Windows\system32\lsass.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner -  C:\Windows\System32\vds.exe (file missing)
O23 - Service:  @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner -  C:\Windows\system32\vssvc.exe (file missing)
O23 - Service:  @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner -  C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 -  Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown  owner - C:\Windows\system32\wbengine.exe (file missing)
O23 -  Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) -  Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23  - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101  (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media  Player\wmpnetwk.exe (file missing)
O23 - Service: Zune Wireless  Configuration Service (ZuneWlanCfgSvc) - Unknown owner -  c:\Windows\system32\ZuneWlanCfgSvc.exe (file missing)

--
End  of file - 12994 bytes




Uninstall:
Code:
Adobe Acrobat 9 Pro Extended - English, Français,  Deutsch
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
Adobe  Acrobat 9.2.0 - CPSID_50026
Adobe Anchor Service CS4
Adobe Bridge  CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe  Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe  Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe  CSI CS4
Adobe Default Language CS4
Adobe ExtendScript Toolkit CS4
Adobe  Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts  All
Adobe Linguistics CS4
Adobe Output Module
Adobe PDF Library  Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe  Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.3.1
Adobe  Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe  Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft  Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Amazon  MP3 Downloader 1.0.5
AMD DnD V1.0.19
Apple Application Support
Apple  Software Update
ATI Catalyst Registration
AVG Free 9.0
Catalyst  Control Center - Branding
Comical 0.8
Connect
Creative Audio  Console
Creative Software AutoUpdate
Digsby
DivX Codec
DivX  Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web  Player
FIFA MANAGER 10
Foxit Reader
Google Earth
Google  Update Helper
HijackThis 2.0.2
Java(TM) 6 Update 18
kuler
Malwarebytes'  Anti-Malware
Microsoft Age of Empires Gold
Microsoft Office  Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI  (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office  Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft  Office Groove MUI (English) 2007
Microsoft Office Groove Setup  Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English)  2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office  Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English)  2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof  (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft  Office Proofing (English) 2007
Microsoft Office Publisher MUI  (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft  Office Shared Setup Metadata MUI (English) 2007
Microsoft Office  Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Mozilla  Firefox (3.6.3)
Mozilla Thunderbird (3.0.4)
MSXML 4.0 SP2  (KB954430)
MSXML 4.0 SP2 (KB973688)
MyPhoneExplorer
Nero 8
neroxml
OpenAL
PC  Probe II
PC Suite for Sony Ericsson
PC Suite for Sony Ericsson
PDF  Settings CS4
Photoshop Camera Raw
QuickTime
RealPlayer
Realtek  8136 8168 8169 Ethernet Driver
Realtek High Definition Audio Driver
Search  Toolbar
Skype Toolbars
Skype™ 4.2
Suite Shared Configuration  CS4
The Lord of the Rings FREE Trial 
TVUPlayer 2.4.9.1
VC80CRTRedist  - 8.0.50727.4053
Veetle TV 0.9.16
Visual C++ 8.0 Runtime Setup  Package (x64)
VLC media player 1.0.5
WinRAR archiver




30 Apr 2010   #2

Windows 7 Ultimate x64 SP1
 
 

Hi. Download Malwarebytes here: Malwarebytes
Install, update it and run a FULL SCAN.

Let us know the results.

"PLEASE REP ANYONE WHO HELPS YOU"
30 Apr 2010   #3

MS Windows 7 Ultimate SP1 64-bit
 
 

Spektre,
In addition to the excellent instructions you received, I add:

1. Rename that mbam file you downloaded to anything, for example, xxyyzz.exe, and then run it. Some bad software will recognize the default name and thwart your efforts.

2. Before running the Malwarebytes program:
a. Disconnect from the internet.
b. Completely remove any and all antispyware and anti-virus software (don't just disable it, but use Control Panel | Programs and Features to uninstall those programs).
c. Install and run the renamed Malwarebytes.
d. Run the full scan.
e. Reconnect to the internet.
f. Choose the update option in Malwarebytes and update Malwarebytes.
g. Run the full scan.

Now download, install and run Microsoft Security Essentials. http://www.microsoft.com/security_essentials/
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
