SmartFeedSmartFeed          

Porsche Hangout


WELCOME - YOU ARE CURRENTLY VIEWING 419EATER AS A GUEST

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

ScamWarners.com - Internet Anti-Fraud Center - now open!


 Unknown dll

View next topic
View previous topic
 
Post new topicReply to topic
Author Message
Lobo
419Eater is my life


Joined: 04 Aug 2007
Posts: 365
Location: Adrift in cyberspace


PostPosted: Wed Oct 29, 2008 2:48 am Reply with quoteBack to top

I have winpatrol installed on my laptop(XP SP2). I rebooted it earlier today, and since that time winpatrol keeps complaining about a new IE add-on.
the add-on is listed as :
C:\windows\system32\opnlJaWP.dll

I keep saying no to adding it, and it keeps popping up. I've tried a google search , with no results returned.

I haven't installed anything on the laptop today, just surfed the web.

Anyone have any ideas what this .dll is for? Is it safe to go in and remove?

_________________
Closed lad accounts x8 x19
Cellphone Easter Egg 2012
Lobo's List of Lads that can't spell F*CK:
DONT FULK WITH US PAUL !! Agent Monday Snipper
FORK YOUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU Moses Modese


"write to me and tell to me more about myself" KristinaLove
"i might be shit to another time which might be in 3weeks or 1month" Raymond Miller mass bait
"you will be pilled to death" Adamu Ibrahim
"why is western union hard this time please?" Mr. Morgan

JOIN THE PACK!
View user's profileSend private message
bill2
Baiting Guru


Joined: 10 Sep 2006
Posts: 5496
Location: Yeah who can tell me where I am?


PostPosted: Wed Oct 29, 2008 2:51 am Reply with quoteBack to top

No documentation on Google means it's not safe. Run a scan and try to see what happens, if you got lots of time. http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

_________________
I don't do bling, I just do lads Evil or Very Mad
View user's profileSend private message
Ex.
Nature's Asshole


Joined: 28 Dec 2007
Posts: 990
Location: Hell's Presidential Suite


PostPosted: Wed Oct 29, 2008 4:33 am Reply with quoteBack to top

Firefox FTW.

_________________
YOU ARE JUST A CHILD WHOO SIT BEHIND HIS COMPUTER MASSTERBATI NG FO HISS FAMILLY - D3nnis M4rk, my lost Safari.

JACK B QUICK YOU ARE NATURES ASHOLE DO NOT EMAIL ME ANYMORE OK - R0ger Jon3s (Right you are mate)

i much prefer s3x in the 4ss - B4rrister 0luwa

United Kingdom x28 United States x9 Nigeria Czech Republic Denmark Argentina Spain Australia Canada Benin Germany United Nations Portugal Question
Closed lad accounts x97 (Updated 02/20/09) pony pony
View user's profileSend private messageSend e-mail
Lobo
419Eater is my life


Joined: 04 Aug 2007
Posts: 365
Location: Adrift in cyberspace


PostPosted: Wed Oct 29, 2008 8:13 am Reply with quoteBack to top

@Ex I only use Firefox and have for some time Smile . IE can kiss my...

Anyone have any suggestions as to how I can get rid of the damn dll??
I've tried going in through safe mode, couldn't rename or delete.
I used a couple of freeware utilities: Unlocker, & Fileutilities' "moveonboot".
Ran IE (ughhhh) and disabled the add-on in add-on manager.

In each case, it's still there after reboot. It's integrated with the winlogon service, so I'm not sure how to proceed...

_________________
Closed lad accounts x8 x19
Cellphone Easter Egg 2012
Lobo's List of Lads that can't spell F*CK:
DONT FULK WITH US PAUL !! Agent Monday Snipper
FORK YOUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU Moses Modese


"write to me and tell to me more about myself" KristinaLove
"i might be shit to another time which might be in 3weeks or 1month" Raymond Miller mass bait
"you will be pilled to death" Adamu Ibrahim
"why is western union hard this time please?" Mr. Morgan

JOIN THE PACK!
View user's profileSend private message
Ex.
Nature's Asshole


Joined: 28 Dec 2007
Posts: 990
Location: Hell's Presidential Suite


PostPosted: Wed Oct 29, 2008 8:19 am Reply with quoteBack to top

ah ok I apologize, I thought you were one of ...... you know ..... the Others. In any case, have you tried AVG?

_________________
YOU ARE JUST A CHILD WHOO SIT BEHIND HIS COMPUTER MASSTERBATI NG FO HISS FAMILLY - D3nnis M4rk, my lost Safari.

JACK B QUICK YOU ARE NATURES ASHOLE DO NOT EMAIL ME ANYMORE OK - R0ger Jon3s (Right you are mate)

i much prefer s3x in the 4ss - B4rrister 0luwa

United Kingdom x28 United States x9 Nigeria Czech Republic Denmark Argentina Spain Australia Canada Benin Germany United Nations Portugal Question
Closed lad accounts x97 (Updated 02/20/09) pony pony
View user's profileSend private messageSend e-mail
Lobo
419Eater is my life


Joined: 04 Aug 2007
Posts: 365
Location: Adrift in cyberspace


PostPosted: Wed Oct 29, 2008 8:26 am Reply with quoteBack to top

Never mind folks. I DL'd hijackthis and it seems to have taken care of the problem. Smile

Edit: no it didn't Sad . Back to the drawing board...

_________________
Closed lad accounts x8 x19
Cellphone Easter Egg 2012
Lobo's List of Lads that can't spell F*CK:
DONT FULK WITH US PAUL !! Agent Monday Snipper
FORK YOUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU Moses Modese


"write to me and tell to me more about myself" KristinaLove
"i might be shit to another time which might be in 3weeks or 1month" Raymond Miller mass bait
"you will be pilled to death" Adamu Ibrahim
"why is western union hard this time please?" Mr. Morgan

JOIN THE PACK!
View user's profileSend private message
wokabo
Master of Master Baiters


Joined: 23 Sep 2004
Posts: 825
Location: best beer country in onomatopoeia world


PostPosted: Wed Oct 29, 2008 8:35 am Reply with quoteBack to top

The file name "opnlJaWP.dll" may indicate that it's a randomly generated name, so most probably it is produced (and contains) malware.

If you can trace the actual file back, store it in a password protected zip and send it to Symantec (or whatever AV you like better) for analysis.

_________________
pony pony pony

Fight My Brute
View user's profileSend private message
Lobo
419Eater is my life


Joined: 04 Aug 2007
Posts: 365
Location: Adrift in cyberspace


PostPosted: Wed Oct 29, 2008 9:07 am Reply with quoteBack to top

Seems to gone after this last reboot. I missed a few entries in the registry. Then had to stop winlogon, and delete the file before allowing the system to reboot.
(Just in case someone else needs to get rid of this &$q*$*# file...) Smile

_________________
Closed lad accounts x8 x19
Cellphone Easter Egg 2012
Lobo's List of Lads that can't spell F*CK:
DONT FULK WITH US PAUL !! Agent Monday Snipper
FORK YOUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU Moses Modese


"write to me and tell to me more about myself" KristinaLove
"i might be shit to another time which might be in 3weeks or 1month" Raymond Miller mass bait
"you will be pilled to death" Adamu Ibrahim
"why is western union hard this time please?" Mr. Morgan

JOIN THE PACK!
View user's profileSend private message
SlapHappy
Body Eater


Joined: 15 May 2006
Posts: 9614
Location: Floating up and down with happiness.


PostPosted: Wed Oct 29, 2008 10:21 am Reply with quoteBack to top

Hmm. I was going to suggest turning off system restore before trying to remove it. Most malware will copy itself into system restore files, and re-infect the system when it's rebooted. If it comes back, try that.

_________________
Sand Timer x Reven U., Fats Walla, Donny
Safari x10 Sand Timer X2 MM:Mikex2, JohnK, [email protected], Ob1, Armstrong, Ismail, TG&Friend
Safari x3 Nancy, Security Guy, Robert Accra-Tamale
Safari Safari Sand Timer (19 mo.) Tina and Joe's Safari - Accra to Niger & Timbucktu
Safari Safari [email protected] & Charlie -Wulugu Or Bust Safari- Lagos to Paga & Tokwari X2 - 3800mi.
Golden Pith x3 H3ctor & [email protected] - Yankar1 & Parakou
Safari x2 Charles and Friend-Amsterdam to Vatican
Safari Issac to Chad
Be A Cool Cat, Like Me Trophy Videos Cool Stuff
pony pony Closed lad accounts Mortar Goat Easter Egg 2011
View user's profileSend private messageSkype Name
manbiteslion
never f*cking learns


Joined: 12 Dec 2007
Posts: 4816
Location: Connecting my chair and keyboard


PostPosted: Wed Oct 29, 2008 9:15 pm Reply with quoteBack to top

Random name = shitware, pretty much guaranteed. Hijack This will remove the hook into IE but not necessarily the file itself.

Be wary, shitware like this tends to dig itself right in deeply, and can come back - it's like a cheating spouse, once the trust is gone, it's gone. Flatten and Rebuild if you possibly can (it has other benefits too, you'll be surprised how much faster your PC will be for a rebuild!)
View user's profileSend private message
Display posts from previous:      
Post new topicReply to topic


 Jump to:   



View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



E-Mail Header Analysis


All Content © 2003 - 419Eater.com
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT