Help
Aright all
Need help please.
Have Trojan Vundo b on me computor. Have scanned using norton and have three files with that virus on.
have used the symantec removal tool a few times but it hasnt worked. The pop up warning via norton will not go away also even after ive clicked OK.
Details of the viruses
C:\WINDOWS\addins\playsrv.dll: (will be deleted on next reboot)
C:\WINDOWS\assembly\temp\vsspc.dll: (will be deleted on next reboot)
C:\WINDOWS\java\javautil.dll: (will be deleted on next reboot)
The Trojan.Vundo.B removal was successful.
The system will delete 3 Trojan.Vundo.B files from your PC on next reboot
Even after using the removal tool it says it will delete on reboot but it hasnt.
Hope someone can help me. Please note im not to clued up with computors so please explain any responces in layman terms....thanks
Rafa
Page 1 of 1
Trojan Vundi b
#2
Wilhelmus 
- old hand
- Group: Members
- Posts: 1032
- Joined: 21-December 04
- LocationFinland
Posted 01 May 2005 - 05:16 PM
First update your antivirus.
Download Trojan.Vundo.B Removal Tool:
http://securityresponse.symantec.com/avcenter/venc/data/trojan.vundo.b.removal.tool.html
1) Disable System Restore.Disabling or enabling Windows XP System Restore
2) PHYSICALLY (turn modem off, pull plug, etc.) disconnect from Internet. Then boot into Safe Mode
Starting your computer in Safe mode
3) Scan system with AV. ALL files and ALL harddrives. DELETE any infected file it founds.
4) Delete any values added to the registry.
Click Start > Run.
Type "regedit", without quotes.
Click OK.
Navigate to and delete the following subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ [Trojan file name]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}
Exit the Registry Editor.
5) Reboot and restart in Safe mode. Do another full scan to make sure you got rid of it.
6) Re-enable System Restore (If you want).
Download Trojan.Vundo.B Removal Tool:
http://securityresponse.symantec.com/avcenter/venc/data/trojan.vundo.b.removal.tool.html
1) Disable System Restore.Disabling or enabling Windows XP System Restore
2) PHYSICALLY (turn modem off, pull plug, etc.) disconnect from Internet. Then boot into Safe Mode
Starting your computer in Safe mode
3) Scan system with AV. ALL files and ALL harddrives. DELETE any infected file it founds.
4) Delete any values added to the registry.
Click Start > Run.
Type "regedit", without quotes.
Click OK.
Navigate to and delete the following subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ [Trojan file name]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}
Exit the Registry Editor.
5) Reboot and restart in Safe mode. Do another full scan to make sure you got rid of it.
6) Re-enable System Restore (If you want).
Share this topic:
Page 1 of 1