Umonitor, VX2? Dll issues. Hijack log included.

By aedwards
Jan 25, 2005
  1. I have a user who is getting random .dll errors at bootup with "umonitor" after each. I have done some research and believe it is a variant of VX2. I have ran updated adaware, spy sweeper, spybot and could not completely remove this. I have deleted spyware entries out of the registry also and cleaned up the system using ccleaner. Does anyone see anything malicious in the log?
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Go to this post here first, and read the instructions carefully.
    How to remove Begin2Search / Coolwebsearch

    At least, download/update/run those 4-5 programs in the beginning of it.

    Then reboot in safe mode and run Hijackthis on its own and let it 'fix':
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =;;;;;;;;;;;;;;;;;;;;;;;;;;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O1 - Hosts: ;Entries for Campus Cluster user base
    O1 - Hosts:
    O1 - Hosts:
    O1 - Hosts: ;Entries for MCG_SOD user base
    O1 - Hosts: ;Entries for MCG_PSD user base
    O1 - Hosts: ; Entries for MCG_HOSPITAL3 user base
    O1 - Hosts: # MCG HealthCare
    O1 - Hosts: ; mcgor
    O1 - Hosts: ; Entries for MCG_RE user base
    O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) -
    O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\WINNT\
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -

    Use the LSPFIX at the bottom of my post for this one:
    O10 - Broken Internet access because of LSP provider 'vnsp.dll' missing

Topic Status:
Not open for further replies.

Similar Topics

Create an account or login to comment

You need to be a member in order to leave a comment
TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...

Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.