I read the pre-posting instructions. I think I got it all completed ok.
I was helping B-I-L get rid of Adware.Vundo pop-ups. It started to lok bad and
I found this site.
Great site !
After running all the tools, things are looking better.
No more pop-ups.
If you could review my logs I would appreciate it.
I had a pop-up pointing to xxyyx.dll, and a reference to Adware.Vundo.
Any idea what this dll is ?
Oh....AntiRootKit showed nothing

Attached Files

	ComboFix.txt (11.7 KB, 1 views)
	AVG Log.txt (2.4 KB, 1 views)
	Hijack_This.txt (7.8 KB, 5 views)

This next step is purely optional however viewpoint is considered foistware and is not needed on your computer,


Go to Start > Run and copy/paste or type: taskmgr

• Under the Processes tab find the following tasks or processes:
  ViewpointService.exe
  ViewMgr.exe
• Highlight and click "End Process".
• Exit Task Manager.

Click on Start > Run and type: services.msc

• Press "OK".
• Click the "Extended tab".
• Scroll down the list and find the service called "Viewpoint Manager Service"
• When you find the service, double-click on it.
• In the Properties Window > General Tab that opens, click the "Stop" button.
• From the drop-down menu next to "Startup Type", click on "Disabled".
• Now click "Apply", then "OK" and close any open windows.

Click on Start > Settings > Control Panel > Add/Remove Programs > highlight and remove all references to Viewpoint - i.e. Viewpoint, Viewpoint Manager, Viewpoint Media Player.

Finally, delete the following folders if they still exist:
C:\Program Files\ViewManager\ <-- and delete this folder
C:\Program Files\Viewpoint\ <-- and delete this folder

I don't see an anitivirus program installed.

Today's internet is simply suicide without an up to date antivirus.
Not much point in you and I cleaning up the system if you refuse to protect yourself.
However -- if you don't understand or cannot install an antivirus -- please let me know.

Please download ONE of the following antivirus programs and install it.

• Avast:
• AVG:
• AntiVir:

Once installed, Update it, run full system scan with it and allow it to fix up what it wants.
Reboot if it fixed anything.

You should get a firewall as well, either, these firewalls are all free,

• Comodo
• Kerio
• Online Armor
• Zonealarm

Fix entries using HiJackThis

• Launch HiJackThis
• Click the Do a system scan only button
• Put a check next to the entrieslisted below
  
  O2 - BHO: {3fbc398f-7c92-e8a8-f6f4-b1bf0cd2609c} - {c9062dc0-fb1b-4f6f-8a8e-29c7f893cbf3} - C:\WINDOWS\system32\dffbkdse.dll (file missing)
  
• IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
• Click the Fix checked button and close HiJackThis
• Reboot HijackThis if necessary

Update your Java Runtime Environment

• First try going to Start -> Control Panel -> double click Java
• Select the Update TAb at the top
• Click the Check for Updates button at the bottom
• If it finds the newer version (Java 6 Update 5) Follow the on screen instructions
• After it installs the newest version Go back to Control Panel -> Add/remove programs
• Uninstall any older versions of Java

If for some reason you couldn't update through the above instructions.

• Click the following link
  Java Runtime Environment 6 Update 5
• The 4th option down is the one you want (click Download)
• Check the box to agree to terms of service
• Check the box for your operating system and click 'Download selected'at the bottom
• After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
• Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_05 folder

try that for now and ill look over it properly later.

Totally agree about security. My bad.
I installed and have AVG running
I installed ZoneAlarm. Up and running. Catching all kinds of stuff. Excellent
Ran HJT successfully
Updated Java successfully.
Thanks for the help. Its running much better.

Oh....I forgot....Removed Viewpoint

Want to post a fresh HJT log for me then?

Sure. Here it is

Attached Files

hijackthis.log (7.6 KB, 4 views)