Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown Dll File?


  • Please log in to reply
10 replies to this topic

#1 brus brother

brus brother

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 07 May 2008 - 06:33 AM

I am trying to recover a friend's computer from a wild virus/malware assault. XPHome. Pentium4.
Finally made some headway using AVG but had plodded through many other processes and failed attempts.
After all this, I got a messages at startup about two dll unable to locate/load.
I unchecked them in msconfig startup so as to not get the message.
The computer seems to be running fine.
I am unable to identify these processes through Google and yes, I have rechecked the spelling.
pdjvikeu.dll
rabqqemt.dll
Any ideas what this is or what they do?

BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:12:24 PM

Posted 07 May 2008 - 07:49 AM

Not a good sign. I'm going to move you to the Am I Infected forum
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:24 PM

Posted 07 May 2008 - 08:33 AM

the message is harmless, just means you have deleted that part of the infection and the registry has references to those files and wants to load them when windows boots

would you post the log from avg that shows the infection?

when we are sure the infection is gone then we can deal with the registry? It's a simple fix

they are random named files

old malware trick

Edited by DaChew, 07 May 2008 - 08:36 AM.

Chewy

No. Try not. Do... or do not. There is no try.

#4 brus brother

brus brother
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 07 May 2008 - 07:01 PM

Well, I'm not sure if I kept the logs but AVG said I was squeaky clean after two runs.
This computer had more viruses than the lips on a sailor's date.
I am left with a number of names in the registry that seem harmless.
Hmmm... should I allow all of these to load at startup and then run AVG again to be sure?? I guess I might as well do that right now and report back.

#5 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:24 PM

Posted 07 May 2008 - 07:03 PM

http://www.bleepingcomputer.com/forums/ind...st&p=818222

for those broken registry files
Chewy

No. Try not. Do... or do not. There is no try.

#6 brus brother

brus brother
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 07 May 2008 - 09:16 PM

Thanks Chewy and all those who create such nifty tools as the one you refer.
I ran AVG again and nothing showed up.
The MSCONFIG start menu still includes such overstayed guests as rabqqemt.dll, Antispyware, AntiVirProtect, pdjvikeu.dll, xpa and Zango.
The infections on the earliest AVG log included Vundo, Heur, YBY and a few Trojans.
What a mess!
In hopes of avoiding such intrusions again, I think I'll suggest to my friend that he gets his music from a retail store and studies human "anatomy" at a college evening art course.

#7 brus brother

brus brother
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 08 May 2008 - 10:18 AM

Aside from the dll files indicated above, Autoruns indicates there are a number of other "files not found". Is it safe to remove these in the hopes of speeding the startup process?

Edited by brus brother, 08 May 2008 - 10:20 AM.


#8 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:24 PM

Posted 08 May 2008 - 10:36 AM

The MSCONFIG start menu still includes such overstayed guests as rabqqemt.dll, Antispyware, AntiVirProtect, pdjvikeu.dll, xpa and Zango


would they be related to this
Chewy

No. Try not. Do... or do not. There is no try.

#9 brus brother

brus brother
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 08 May 2008 - 11:48 AM

The following is the alphabet soup of "files not found":
LMImirr (I uninstalled LogMeIn but this remains)
PCIDump
PDCOMP
PDFRAME
PDRELI
WDICA
wwUoLbAS
PRISM_AO2
C:\\Windows\system32 awtqqoLE
Can I remove these safely? The last three have no match in Google.
The computer seems to be running fine.
Before pondering the what to delete question, I had deleted a number of other "files not found" (gone for good??) but so far the computer seems to be running faster than ever with no problems. Phew!

#10 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:24 PM

Posted 08 May 2008 - 12:05 PM

proceed cautiously, you might gain a few microseconds in bootup or lose an eternity, registry edits are best few and far between
Chewy

No. Try not. Do... or do not. There is no try.

#11 brus brother

brus brother
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 08 May 2008 - 12:51 PM

proceed cautiously, you might gain a few microseconds in bootup or lose an eternity, registry edits are best few and far between

Ah the wisdom of Yoda with the mane of Chewbaca...
I will assume that I'm OK with whatever damage I've done so far as the computer is runnung fine and call it a day.
Thanks for your guidance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users