TechSpot

Vundo and other Trojan Removal

By BrooksG
Mar 27, 2008
Topic Status:
Not open for further replies.
  1. I read the pre-posting instructions. I think I got it all completed ok.
    I was helping B-I-L get rid of Adware.Vundo pop-ups. It started to lok bad and
    I found this site.
    Great site !
    After running all the tools, things are looking better.
    No more pop-ups.
    If you could review my logs I would appreciate it.
    I had a pop-up pointing to xxyyx.dll, and a reference to Adware.Vundo.
    Any idea what this dll is ?
    Oh....AntiRootKit showed nothing

    Attached Files:

  2. kritius

    kritius TS Guru Posts: 2,087

    This next step is purely optional however viewpoint is considered foistware and is not needed on your computer,


    Go to Start > Run and copy/paste or type: taskmgr
    • Under the Processes tab find the following tasks or processes:
      ViewpointService.exe
      ViewMgr.exe
    • Highlight and click "End Process".
    • Exit Task Manager.
    Click on Start > Run and type: services.msc
    • Press "OK".
    • Click the "Extended tab".
    • Scroll down the list and find the service called "Viewpoint Manager Service"
    • When you find the service, double-click on it.
    • In the Properties Window > General Tab that opens, click the "Stop" button.
    • From the drop-down menu next to "Startup Type", click on "Disabled".
    • Now click "Apply", then "OK" and close any open windows.
    Click on Start > Settings > Control Panel > Add/Remove Programs > highlight and remove all references to Viewpoint - i.e. Viewpoint, Viewpoint Manager, Viewpoint Media Player.

    Finally, delete the following folders if they still exist:
    C:\Program Files\ViewManager\ <-- and delete this folder
    C:\Program Files\Viewpoint\ <-- and delete this folder

    I don't see an anitivirus program installed.

    Today's internet is simply suicide without an up to date antivirus.
    Not much point in you and I cleaning up the system if you refuse to protect yourself.
    However -- if you don't understand or cannot install an antivirus -- please let me know.

    Please download ONE of the following antivirus programs and install it.
    Once installed, Update it, run full system scan with it and allow it to fix up what it wants.
    Reboot if it fixed anything.

    You should get a firewall as well, either, these firewalls are all free,
    Fix entries using HiJackThis
    • Launch HiJackThis
    • Click the Do a system scan only button
    • Put a check next to the entrieslisted below

      O2 - BHO: {3fbc398f-7c92-e8a8-f6f4-b1bf0cd2609c} - {c9062dc0-fb1b-4f6f-8a8e-29c7f893cbf3} - C:\WINDOWS\system32\dffbkdse.dll (file missing)
    • IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
    • Click the Fix checked button and close HiJackThis
    • Reboot HijackThis if necessary

    Update your Java Runtime Environment
    • First try going to Start -> Control Panel -> double click Java
    • Select the Update TAb at the top
    • Click the Check for Updates button at the bottom
    • If it finds the newer version (Java 6 Update 5) Follow the on screen instructions
    • After it installs the newest version Go back to Control Panel -> Add/remove programs
    • Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    • Click the following link
      Java Runtime Environment 6 Update 5
    • The 4th option down is the one you want (click Download)
    • Check the box to agree to terms of service
    • Check the box for your operating system and click 'Download selected'at the bottom
    • After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    • Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_05 folder

    try that for now and ill look over it properly later.
  3. BrooksG

    BrooksG TS Rookie Topic Starter

    Totally agree about security. My bad.
    I installed and have AVG running
    I installed ZoneAlarm. Up and running. Catching all kinds of stuff. Excellent
    Ran HJT successfully
    Updated Java successfully.
    Thanks for the help. Its running much better.
  4. BrooksG

    BrooksG TS Rookie Topic Starter

    Oh....I forgot....Removed Viewpoint
  5. kritius

    kritius TS Guru Posts: 2,087

    Want to post a fresh HJT log for me then?
  6. BrooksG

    BrooksG TS Rookie Topic Starter

    Sure. Here it is
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.