Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

random.dll + Umonitor


  • This topic is locked This topic is locked

#1
spunog

spunog

    New Member

  • Member
  • Pip
  • 1 posts
Could someone please help me with this problem. Every time I reboot my machine I get a pop up message saying that ramdom.dll could not be opened . With "Umonitor" beside it. I have run the find it and here is the output. Any help would be greatly appreciated.

Spunog


------- System Files in System32 Directory -------

Volume in drive C has no label.
Volume Serial Number is A0C8-2771

Directory of C:\WINDOWS\System32

01/23/2005 16:06 229,658 dn4m01h1e.dll
01/23/2005 15:38 228,876 l88mlil118q.dll
01/23/2005 14:07 230,330 l4n4le5q1h.dll
01/23/2005 13:00 229,153 kt0ul7d91.dll
01/23/2005 12:58 228,862 ir2ol5f31.dll
01/23/2005 12:56 228,371 fp4o03h3e.dll
01/23/2005 12:22 231,792 OWBCJI32.DLL
01/23/2005 12:20 231,792 n84s0ih7e84.dll
01/23/2005 12:19 228,993 p68qlgl516q.dll
01/23/2005 12:19 <DIR> DLLCACHE
01/23/2005 12:17 231,792 SZCLIENT.DLL
01/23/2005 12:08 230,948 aza80ehueh480.dll
01/23/2005 12:05 230,948 WQAVIDEO.DLL
01/23/2005 12:04 230,494 jt0u07d9e.dll
01/23/2005 11:52 232,039 ir4ql5h51.dll
01/23/2005 11:50 230,494 mptask.dll
01/23/2005 11:49 228,476 p2p6lc7s1f.dll
01/23/2005 11:41 228,476 DHSEC.DLL
01/23/2005 11:41 229,958 o284lclq1fqe.dll
01/23/2005 11:36 228,476 iyss.dll
01/23/2005 11:36 230,195 mvjsl9171.dll
01/23/2005 11:24 232,223 mqdart.dll
01/23/2005 11:24 228,668 o6lu0g39e6.dll
01/23/2005 11:22 228,800 en02l1do1.dll
01/23/2005 11:20 232,223 TREMEUI.DLL
01/22/2005 11:45 232,223 l8p2li7o18.dll
01/22/2005 11:38 232,223 j40s0ed7eh0.dll
01/22/2005 11:35 232,223 t2r80c9uef.dll
01/21/2005 21:20 230,315 irnul5591.dll
07/01/2004 02:48 67,584 bkrll.dll
12/13/2002 19:25 <DIR> Microsoft
29 File(s) 6,516,605 bytes
2 Dir(s) 8,256,815,104 bytes free

------- Hidden Files in System32 Directory -------

Volume in drive C has no label.
Volume Serial Number is A0C8-2771

Directory of C:\WINDOWS\System32

01/23/2005 12:19 <DIR> DLLCACHE
07/01/2004 02:48 67,584 bkrll.dll
09/03/2002 08:57 488 logonui.exe.manifest
09/03/2002 08:57 488 WindowsLogon.manifest
09/03/2002 08:57 749 nwc.cpl.manifest
09/03/2002 08:57 749 sapi.cpl.manifest
09/03/2002 08:57 749 ncpa.cpl.manifest
09/03/2002 08:57 749 cdplayer.exe.manifest
09/03/2002 08:57 749 wuaucpl.cpl.manifest
8 File(s) 72,305 bytes
1 Dir(s) 8,256,815,104 bytes free

------------ Files Named "Guard" ---------------

Volume in drive C has no label.
Volume Serial Number is A0C8-2771

Directory of C:\WINDOWS\System32

01/23/2005 16:08 228,876 guard.tmp
1 File(s) 228,876 bytes
0 Dir(s) 8,256,811,008 bytes free

------ Temp Files in System32 Directory ------

Volume in drive C has no label.
Volume Serial Number is A0C8-2771

Directory of C:\WINDOWS\System32

01/23/2005 16:08 228,876 guard.tmp
08/29/2002 05:00 2,577 CONFIG.TMP
2 File(s) 231,453 bytes
0 Dir(s) 8,256,811,008 bytes free

------------------ User Agent ----------------

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{426C7383-4775-40B6-B15B-08F8295F96CF}"=""


------------- Keys Under Notify -------------

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Internet Settings]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\l88mlil118q.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"


------------- Locate.com Results -------------

-------- Strings.exe Qoologic Results --------


--------- Strings.exe Aspack Results ---------


-------------- HKLM Run Key ----------------

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"
"AdaptecDirectCD"="\"C:\\Program Files\\Roxio\\Easy CD Creator 5\\DirectCD\\DirectCD.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"vptray"="C:\\PROGRA~1\\SYMANT~1\\SYMANT~1\\vptray.exe"
"PaperPort PTD"="C:\\Program Files\\Scansoft\\PaperPort\\pptd40nt.exe"
"IndexSearch"="C:\\Program Files\\Scansoft\\PaperPort\\IndexSearch.exe"
"SetDefPrt"="C:\\Program Files\\Brother\\BRMFLPRO\\BrDefPrt.exe"
"26dd7cd48a79"="C:\\WINDOWS\\System32\\CCFGNT00.exe"
"AcyU"="C:\\WINDOWS\\wojko.exe"
"rndkwlvi"="C:\\WINDOWS\\System32\\rndkwlvi.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"



  • 0

Advertisements


#2
bilko

bilko

    Member

  • Member
  • PipPip
  • 35 posts
You certainly have some .dll files there that you shouldn't have.

Goto this link and read it

http://www.geekstogo..._Log-t2852.html

Then post a Hijack this log, in the appropriate section.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP