| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 62745 | 2005-10-18 06:58:00 | Help Remove Trojan.Vundo.B | jwcalho (9095) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 397350 | 2005-10-18 06:58:00 | I am really stumped here, I have tried many things. Here is what I have tried so far. First I noticed that Microsoft Antispyware and Ad-aware both saw vundomundo as an adware threat but could not remove it. Then today Norton 2005 picked up up as a Trojan virus named Trojan.Vundo.B So I first downloaded and ran the norton trojan.vundo removal tool- Nothing found Then I realized they had a trojan.vundo.b removal tool.- same result nothing found Then I read more and ran the removal tool (trojan.vundo.b, because thats what norton said I had) I ran it in safe mode. Still it did not find the threat. I tried running and removing the threat through Microsoft Antispyware and AdAware 6 se in safe mode, still no luck it always comes back. I tried deleting the registry file which is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnn.dll I deleted sub-folders or whatever option came up too. Still every time reboot it comes back, so i tried deleting that file from safe mode, still no luck. It is really annoying that norton recognizes I have a virus, keeps giving me this popup, and cant fix it. Please help. I have tried so many things and am getting frustrated. I read other posts about this and tried some techniques but still no luck. Thanks for help |
jwcalho (9095) | ||
| 397351 | 2005-10-18 07:04:00 | Try The Ewido Suite www.ewido.net Make sure you update the definitions after installing and Trojan Remover http://www.simplysup.com/ Make sure you update the definitions after installing |
bartsdadhomer (80) | ||
| 397352 | 2005-10-18 07:05:00 | Try this previous post pressf1.pcworld.co.nz |
Speedy Gonzales (78) | ||
| 397353 | 2005-10-18 07:14:00 | trying to download trojan remover from simply sup.com, um I looked at that post alreayd speedy and since the trojan remover(from symantec) didnt find anything at all it didn't help me that much. Also i dont know how to suspend a file. I only see: end processs, end process tree and set priority, and I cant end winlogs process because it is too important or something.... | jwcalho (9095) | ||
| 397354 | 2005-10-18 07:20:00 | trojan remover did not find anything. and yes it was updated. | jwcalho (9095) | ||
| 397355 | 2005-10-18 07:24:00 | Get the removal tool from symantec, which is in that previous post and run it in safe mode. | Speedy Gonzales (78) | ||
| 397356 | 2005-10-18 07:28:00 | Get the removal tool from symantec, which is in that previous post and run it in safe mode. I know you are trying to help, but seriously did you read my post? I tried that, I tried the regular removal tool and trojan.vundo.b removal tool, and I've run them in safe mode, it still finds nothing yet when I manually look the registry file is still there and norton autoprotect when I turn it back on (after I have scanned with removal tool). I am going to bed for tonight, any suggestions I will try in the morning. Thanks everyone for help. This sucks :( I never get viruses :( I got it from a false email from our network administator here at college. Someone hacked the admin account and sent out emails with attachments saying, your account pw has been changed please download and review to this log to authorize or unathorize this change. If someone got my college pw and change dit they could drop all my classes, so I had to check :(. Thanks for help |
jwcalho (9095) | ||
| 397357 | 2005-10-18 07:42:00 | Download Hijackthis then and post a log here.. Unzip it first and put it in its own folder. There might be something else apart from Vundo on the PC. www.spywareinfo.com |
Speedy Gonzales (78) | ||
| 397358 | 2005-10-18 07:50:00 | Well I had the identical problem. Downloaded the Symantec tool, found it didn't work, then found out about running in safe mode etc. After 2 days I was readt to do a clean install then this was the sequence: Ran Vundo in safe mode having turned off Norton, re-started and ran Norton in normal, then downloaded the latest 7 security patches and presto on re-start MS said it was scanning for viruses. I then re-started and found that the file geeby.dll had been deleted. Since then no problems. Every site I have searched about this has people doing different things then finally it is resolved. I think the Security Update is the key. Rob |
Rob (6897) | ||
| 397359 | 2005-10-18 08:56:00 | Turn off System Restore Run CCleaner to remove all temp files Install Ewido & update Run Ewido in both normal & safe mode in each account on the computer |
bartsdadhomer (80) | ||
| 1 2 | |||||