This
particular Spyware is nearly impossible to remove
by hand. This particular spyware has a number of names
like: winfixer 2005, winfixer, virtumundo, vundo,
trojan.vundo.b, win fixer, and look2me. We have a number
of spyware tools that will help eliminate this. Typical
spyware entries that one would find listed in
hijackthis would be the follow.
O2 - BHO: (no name) -
{00DBDAC8-4691-4797-8E6A-7C6AB89BC441} -
C:\WINDOWS\System32\pmnli.dll
O2 - BHO: MSEvents Object -
{6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} -
C:\WINDOWS\System32\gebcd.dll
Typical spyware listings under "Winlogon Notify"
are the follow.
O20 - Winlogon Notify: gebcd - C:\WINDOWS\System32\gebcd.dll
O20 - Winlogon Notify: pmnli - C:\WINDOWS\SYSTEM32\pmnli.dll
Step 1
Backup any important data.
Step 2 Download and Install
Webroot's Spysweeper. Spysweeper will remove
Winfixer 2005. The 14 day trial version will remove it
assuming you've never used Spysweeper in the past.
Step 3 Go to Add/Remove
Programs and see if Winfixer 2005 Spyware is
listed as being an installed program. If so, remove the
program.
Step 4 Next download and run
VirtumundoBeGone (Click Start and Click Yes - it
is normal to cause a bluescreen if it removes the
Virtumundo trojan)
Step 5 Next download and run
FixVundo Tool by Symantec (Click Start and
Click Yes)
Symantec's instructions and Reboot.
Step 6 Remove any outdated
virus scanner you have.
DO NOT
install more than one virus scanner for
"full-time/resident scanning."
Common file names of Winfixer Spyware
C:\WINDOWS\system32\pmnnm.dll
C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\ljhgh.dll
C:\WINDOWS\system32\nnnnk.dll
C:\WINDOWS\system32\awvts.dll
C:\WINDOWS\system32\ssqpn.dll
C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\qopnm.dll
C:\WINDOWS\system32\vtstq.dll
C:\WINDOWS\system32\awtsq.dll
C:\WINDOWS\system32\ddccy.dll
C:\WINDOWS\system32\vtstt.dll
C:\WINDOWS\system32\jkhhf.dll
C:\WINDOWS\System32\jkklm.dll
C:\WINDOWS\system32\req.dll
C:\WINDOWS\system32\igfxsrvc.dll
C:\WINDOWS\system32\yabya.dll
C:\WINDOWS\system32\igfxsrvc.dll
C:\WINDOWS\system32\geebc.dll
C:\WINDOWS\system32\jkhfc.dll
C:\WINDOWS\system32\awtsq.dll
C:\WINDOWS\system32\awtqq.dll
C:\WINDOWS\system32\sstqq.dll
C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\mljge.dll
C:\WINDOWS\system32\sstts.dll
C:\WINDOWS\system32\pmnno.dll
C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\jkkji.dll
C:\WINDOWS\system32\efeca.dll
C:\WINDOWS\system32\ddaba.dll
C:\WINDOWS\system32\mljjk.dll
C:\WINDOWS\system32\ssqro.dll
