Ask Me Help Desk

Ask Me Help Desk (https://www.askmehelpdesk.com/forum.php)
-   Other Software (https://www.askmehelpdesk.com/forumdisplay.php?f=394)
-   -   Hijack This Logfile analysis (https://www.askmehelpdesk.com/showthread.php?t=235641)

  • Jul 9, 2008, 01:54 PM
    Duecey93
    Hijack This Logfile analysis
    What should I do about the items I cut/paste from my Hijack This Logfile analysis below? :confused:

    O2 - BHO: (no name) - {378ABD4E-1471-46AB-A35E-B04EE10AD7A0} - C:\WINDOWS\system32\fccyxwWm.dll (file missing)
    Unknown application. Unnecessary (deactivated) entry that can be fixed.
    O2 - BHO: (no name) - {4E59D533-8183-4891-B657-D1ED8E8ED5CB} - C:\WINDOWS\system32\hgGyvstU.dll (file missing)
    Unknown application. Unnecessary (deactivated) entry that can be fixed.
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    02 - BHO: (no name) - {8F8CEEF1-3393-47B5-A5E5-94AE8C71979A} - C:\WINDOWS\system32\iifCVlmm.dll (file missing)
    Unknown application. Unnecessary (deactivated) entry that can be fixed.
    O2 - BHO: (no name) - {A98D0065-7326-41B5-B8D9-C5B692CDB82F} - C:\WINDOWS\system32\wvUmMCRI.dll (file missing)
    Must be fixed!
    Unnecessary (deactivated) entry that can be fixed. [random filename] - ConHook, http://research.sunbelt-software.com/thr eatdisplay.aspx?threatid=45786 aka Chisyne, CA Global Security Advisor - CA info/virus.aspx?id=48117 trojan variant - VirtuMonde/Vundo, http://www.symantec.com/security_resp
    O2 - BHO: (no name) - {B2DD45E2-0B28-4FF3-B257-AEB5A3A11BD0} - C:\WINDOWS\system32\byXoomKb.dll (file missing)
    Unknown application. Unnecessary (deactivated) entry that can be fixed.
    O2 - BHO: (no name) - {E2BAA01F-EE6F-431E-8EFC-A9907B678560} - C:\WINDOWS\system32\tuvUNgGw.dll (file missing)
    Unknown application. Unnecessary (deactivated) entry that can be fixed.
    O2 - BHO: (no name) - {EA219909-B178-40A3-ACE2-7DD209447DA3} - C:\WINDOWS\system32\qoMfcdEw.dll (file missing)
    Unknown application. Unnecessary (deactivated) entry that can be fixed.
    O4 - HKCU\..\Run: [yrjlentu] C:\WINDOWS\system32\tmfopcxk.exe
    Unknown application.
    O4 - HKCU\..\Run: [yuqgfcmn] C:\WINDOWS\system32\gpydutkp.exe
    Unknown application.
    O4 - HKCU\..\Run: [oidcivqj] C:\WINDOWS\system32\orcvqpkz.exe
    Unknown application.
    O20 - Winlogon Notify: wvUmMCRI - wvUmMCRI.dll (file missing)
    Unnecessary (deactivated) entry that can be fixed.
    O21 - SSODL: qdnkewfa - {65217AB2-022E-4E8C-8885-42A772381977} - C:\WINDOWS\qdnkewfa.dll (file missing)
    O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
    This entry was classified from our visitors as bad.
  • Jul 9, 2008, 03:48 PM
    JBeaucaire
    Try running a cleanup utility like CCleaner (Download Here) instead of manually fiddling with all of these entries.
  • Jul 9, 2008, 04:09 PM
    jstrike
    For those entries that have file missing you can use Hijack This to remove the entry. For those that you're not sure of you can go into IE7 and disable them to see what happens but based on those file names I wouldn't trust anything on that list other than the entry for Java 6. (C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll) If you're in doubt try googling the file name before you delete it/disable it.
  • Jul 9, 2008, 05:38 PM
    seahwk83
    Mark the boxes next to All these items and choose the option to fix, bottom left

    After restarting the PC, run a full Anitvirus scan on your PC

    Here are some links for Online scans if you do not have an antivirus application that is updated

    Free online Virus scans
    Trend Micro HouseCall - Free Online Virus and Spyware Scan - Trend Micro USA
    http://www.thepcmanwebsite.com/virus_help.shtml
    http://www.ravantivirus.com/scan/
    Virus File Scanner
    Free AntiVirus Software and Free Online Virus Scanning Services (thefreecountry.com)

    I would suggest using 2 of these.

    Quote:
    O2 - BHO: (no name) - {378ABD4E-1471-46AB-A35E-B04EE10AD7A0} - C:\WINDOWS\system32\fccyxwWm.dll (file missing)
    Unknown application. Unnecessary (deactivated) entry that can be fixed.

    02 - BHO: (no name) - {8F8CEEF1-3393-47B5-A5E5-94AE8C71979A} - C:\WINDOWS\system32\iifCVlmm.dll (file missing)
    Unknown application. Unnecessary (deactivated) entry that can be fixed.

    O2 - BHO: (no name) - {B2DD45E2-0B28-4FF3-B257-AEB5A3A11BD0} - C:\WINDOWS\system32\byXoomKb.dll (file missing)
    Unknown application. Unnecessary (deactivated) entry that can be fixed.

    O4 - HKCU\.. \Run: [yrjlentu] C:\WINDOWS\system32\tmfopcxk.exe
    Unknown application.
    O4 - HKCU\.. \Run: [yuqgfcmn] C:\WINDOWS\system32\gpydutkp.exe
    Unknown application.
    O4 - HKCU\.. \Run: [oidcivqj] C:\WINDOWS\system32\orcvqpkz.exe
    Unknown application.

    O20 - Winlogon Notify: wvUmMCRI - wvUmMCRI.dll (file missing)
    Unnecessary (deactivated) entry that can be fixed.
    O21 - SSODL: qdnkewfa - {65217AB2-022E-4E8C-8885-42A772381977} - C:\WINDOWS\qdnkewfa.dll (file missing)
    And as suggested run CCleaner

    Download CCleaner 2.09.600 - FileHippo.com
    On the right hand side, click download latest version
    When done, run another Hijack and see what kind of info may come up

    • All times are GMT -7. The time now is 12:25 AM.