Home > Trouble With > Trouble With WINNT Trojan Vundo Virus

Trouble With WINNT Trojan Vundo Virus

Please include a link to this thread with your request. Reboot and tell how things are running. To my surprise, five viruses and six traces of spyware were detected. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".Click on this link to see a list of programs that should be disabled. http://gsdclb.org/trouble-with/trouble-with-computer-malware-virus.php

I also tried the Symantec fix for Trojan.Vundo ... Click "Select All" and then "Next". Share this post Link to post Share on other sites AdvancedSetup    Staff Root Admin 64,430 posts Location: US ID: 3   Posted September 12, 2009 Please post an update on Check "Local Disc C".

About CNET Privacy Policy Ad Choice Terms of Use Mobile User Agreement Help Center Sign in AccountManage my profileView sample submissionsHelpMalware Protection CenterSearchMenuSearch Malware Protection Center Search Microsoft.com Search the Web Quote Report Back to top Post a reply Unread posts or replies No unread posts or replies Unread Posts (Read Only Forum) No Unread Posts (Read Only Forum) Forum Thanks!The fixes and advice in this thread are for this machine only.

Legal Terms Privacy Policy & Cookies © 2017 BullGuard. Stay logged in AfterDawn Discussion Forums Home Forums > Software, operating systems and more > Windows - Virus and spyware problems > Home Forums Forums Quick Links Search Forums Recent Posts Flag Permalink This was helpful (0) Collapse - fsafisher.. Advertisement angelhermit Thread Starter Joined: Jan 27, 2006 Messages: 18 I clicked something stupid and ended up with a virus on my computer.

I guess he backed everything up with this 'Old' folder. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Products Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. I'm hoping they are.

Please download VundoFix.exe to your desktop. Any help will be greatly appreciated. All rights reserved. by Carol~ Forum moderator / October 10, 2005 7:17 AM PDT In reply to: Trojan.Vundo / ssqro.dll as of yet, this may be of interest:http://www.atribune.org/content/view/13/2/'In the last few weeks a new

Quote Report Back to top Posted 12/3/2005 4:40 PM #24395 Touch Advanced member Date Joined Nov 2016 Total Posts: 12976 If you are able to move Old system folder Click here to Register a free account now! Then it says that 'C:\WINNT\system32\ssqro.dll', couldn't be repaired and that access to that file was denied. I've noticed you tried..

What to do now Manual removal is not recommended for this threat. have a peek at these guys This is normal. Did you try the trial version of SpySweeper as mentioned above?If that does not work, please read this post again:http://reviews.cnet.com/5208-6132-0.html?forumID=32&threadID=129884&messageID=1467472 Flag Permalink This was helpful (0) Collapse - Spy Sweeper got Javascript Disabled Detected You currently have javascript disabled.

LOL Carol Flag Permalink This was helpful (0) Collapse - Two AV's? After doing this, I stll couldn't delete it, but I restarted the computer and this the standard Norton program was able to quarantine it, which it had failed doing thousands of When JavaRa is done, a notice will appear that a logfile has been produced. check over here My thinking is, since there is no harm in running this tool AND if you are able to do so w/o the ssqro.dll issue interferring, there is nothing lost..

This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. scan completed successfullyhidden files: 0**************************************************************************[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]"ImagePath"="\??\c:\docume~1\USER\LOCALS~1\Temp\PSBB.tmp"[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]"ImagePath"="c:\winnt\system32\GameMon.des -service".------------------------ Other Running Processes ------------------------.c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exec:\program files\Bonjour\mDNSResponder.exec:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exec:\winnt\system32\nvsvc32.exec:\progra~1\AVG\AVG8\avgam.exec:\program files\AVG\AVG8\avgrsx.exec:\progra~1\AVG\AVG8\avgnsx.exec:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exec:\winnt\system32\rundll32.exec:\program files\iPod\bin\iPodService.exec:\winnt\system32\wscntfy.exec:\program files\Yahoo!\Messenger\Ymsgr_tray.exe.**************************************************************************.Completion time: 2009-09-19 10:17 - machine was rebootedComboFix-quarantined-files.txt 2009-09-19 02:17ComboFix2.txt Download, install and run Cleanup[/color] Check 'options' to customize your settings, and then make sure only the following are checked: Cleanup all user profiles Delete prefetch files Empty the recycle bins.

Was this the tool you ran?http://securityresponse.symantec.com/avcenter/venc/data/trojan.vundo.b.removal.tool.htmlAccording to the instructions I've read you must disable Norton's AV from loading in start up, reboot and THEN run fx.vundo.exe.

I'm getting really desperate! Chkdsk will run. Fixing Registry -------------------------------------------------------------------------------------- BTW: As you can see many things are being found in the C:\(Old System) folder, etc. I was able to delete one of them, and the process mcpc.exe just sits there in the processes however its not running.

Please save it to a convenient location and post it back when you replyThen look for the following Java folders and if found delete them.C:\Program Files\JavaC:\Program Files\Common Files\JavaC:\Windows\SunC:\Documents and Settings\All Users\Application Please try again now or at a later time. It contacts remote the host nx1.mslivelogin.com in order to receive directives. this content Besides my computer being overall sluggish, I've also been receiving some "naughty" popups lately.

I have followed the instructions other than the system restore stuff, to no avail. For example: "\prndev.dll" "%temp%\prndev.dll"   Note - refers to a variable location that is determined by the malware by querying the Operating System.