Umonitor, VX2? Dll issues. Hijack log included.

By aedwards
Jan 25, 2005
  1. I have a user who is getting random .dll errors at bootup with "umonitor" after each. I have done some research and believe it is a variant of VX2. I have ran updated adaware, spy sweeper, spybot and could not completely remove this. I have deleted spyware entries out of the registry also and cleaned up the system using ccleaner. Does anyone see anything malicious in the log?
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Go to this post here first, and read the instructions carefully.
    How to remove Begin2Search / Coolwebsearch

    At least, download/update/run those 4-5 programs in the beginning of it.

    Then reboot in safe mode and run Hijackthis on its own and let it 'fix':
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =;;;;;;;;;;;;;;;;;;;;;;;;;;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O1 - Hosts: ;Entries for Campus Cluster user base
    O1 - Hosts:
    O1 - Hosts:
    O1 - Hosts: ;Entries for MCG_SOD user base
    O1 - Hosts: ;Entries for MCG_PSD user base
    O1 - Hosts: ; Entries for MCG_HOSPITAL3 user base
    O1 - Hosts: # MCG HealthCare
    O1 - Hosts: ; mcgor
    O1 - Hosts: ; Entries for MCG_RE user base
    O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
    O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) -
    O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\WINNT\
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -

    Use the LSPFIX at the bottom of my post for this one:
    O10 - Broken Internet access because of LSP provider 'vnsp.dll' missing

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...