Home > Solved Vundo > Solved: Vundo Trojan Problems On XP

Solved: Vundo Trojan Problems On XP

PLEASE TELL ME ANY SUGGESTIONS YOU MIGHT HAVE Problem was successfully solved. Win32/Vundo might modify the following registry entry to load the newly created DLL whenever you start your PC or Internet Explorer: In subkey: HKLM\SOFTWARE\Classes\CLSID\Sets value: "InprocServer32"With data: "have a peek at these guys

The /EXCLUDE switch will only work with one path, not multiple. Because this worm spreads by using shared folders on networked computers, to ensure that the worm does not re-infect the computer after it's removed, Symantec suggests sharing with Read Only access We were able to change in the registry, did the reboot and nothing. MOBO problem? https://forums.techguy.org/threads/solved-vundo-trojan-problems-on-xp.726292/

much appreciated Changing the case should not make a difference but you can try it. solved Windows 10 crashed and only boots into safe mode after cloning to an SSD solved HP compaq shutsdown after loading OS, but stays open and running on safe mode Tom's I returned to Task Manager, used the manual fix again, and I was able to retrieve desktop and taskbar and a working computer. Choose the REPAIR option by pressing R.Select InstallationRecovery Console is command based.

That kdcom.dll file seems to be the issue. Even if I include the full path (C:\windows\explorer.exe) it gives an error message saying it can't find the file. By default, this switch creates the log file, FixVundo.log, in the same folder from which the removal tool was executed. /MAPPED Scans the mapped network drives. (We do not recommend using It found nothing.

I know I can just open task manager and run explorer.exe, but it just bugs me to have to do that !) and I guess I'll quit trying to fix this Cheers to good people like yourself!Todd WMonkton, Maryland circawhenNov 16, 2010, 5:21 PM what a great thread! as my computer is still having issues where some programs are freezing and it takes an eternity to shut down because they arent responding AnonymousMay 24, 2010, 5:51 AM PetterrPan said: More Help If a downloader component is used (such as Trojan:Win32/Vundo.gen!AW or Trojan:Win32/Vundo.QA), it downloads a DLL component (for example, TrojanDownloader:Win32/Vundo.J) that it saves with a file name that can be randomly generated or created

Please try again now or at a later time. However, we are logged on as an administrator and where not able to rename explore.exe to explore1.exe. Try just using the root of your drive C:\. Then ran Adaware.

If it works for you, it may work for others, too. Sends information to a remote server Variants of the family might gather and send information from your PC to a remote server. When I went to regedit and checked out the "shell" the new name was there, explorer1.exe so it was changed. davidjriveraAug 31, 2012, 1:17 AM coldclone02 said: I need help so badly please someone!!

If you're tech savvy, just skip through what ever you already know.Boot From DiskInsert your Windows XP disc and boot from it. More about the author About CNET Privacy Policy Ad Choice Terms of Use Mobile User Agreement Help Center Articles & News Forum Graphics & Displays CPU Components Motherboards Games Storage Overclocking Tutorials All categories Flag Permalink This was helpful (0) Collapse - thanks by 89darkstar / September 22, 2007 5:55 AM PDT In reply to: After running VundoFix......... I will update this thread one more time once I know what is going on.Bottom Line: Using the Recovery Console to repair individual corrupted OS files works.

Only in safe mode/from CD. Help? There is one other thing I you could try if that doesn't work. check my blog Type regedit.exe and click OK.

because for some reason, my computer wont..ive tried just about everything.. Hijack This To Solve Problems Started by derbu , Oct 19 2007 02:24 AM This topic is locked 12 replies to this topic #1 derbu derbu Members 12 posts OFFLINE Make sure that "kdcom.dl_" is in the folder by typing DIR.

It will automatically restart in 1 minute.

Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Flag Permalink This was helpful (0) Collapse - Yes... Problem Summary: Abruptly windows search pane opens up, system starts typing some random letters viz. 65'-=88 etc., the font size changes and then finally it shuts down with a sound. Report Anonymous- Apr 4, 2010 at 03:44 PM THANK YOU!

Navigate to explorer.exe, right click and copy explorer. In the Run dialog box type "msconfig" and press enter to start the MSCONFIG utility. Download Trojan.Shutdown Removal Tool. news We have observed the following exploits detected alongside Win32/Vundo infections: CVE-2008-5353 CVE-2009-3867 CVE-2009-3869 CVE-2010-0094 CVE-2010-0188 CVE-2010-0840 CVE-2010-0842 CVE-2010-1297 CVE-2010-4452 CVE-2011-1823 CVE-2011-3521 CVE-2011-3544 CVE-2012-0056 CVE-2012-0507 CVE-2012-1723 CVE-2012-4621 CVE-2012-4681 CVE-2012-5076 CVE-2013-0422 CVE-2013-0431 CVE-2013-1493

Is there anyway to remove the software key? That dell I was working on still couldn't connect. Problem Summary: how to remove Enter both words below, separated by a space in windows xp professional? For example, in the wild variants have been observed to connect to the following IP addresses: 207.226.179.18 62.4.84.56 65.243.103.52 65.54.225.100 69.31.80.179 69.31.80.180 72.247.31.80 82.98.235.210 82.98.235.216 89.188.16.22 Later variants, such as Trojan:Win32/Vundo.QA and Trojan:Win32/Vundo.gen!AW, may connect to

All content on this website is protected and belongs to Security Stronghold LLC.

Even if I copy explorer from another machine onto a removable drive it STILL cannot find it. the kdcom.dl_ is not a typo either.C:\WINDOWS\system32>REN kdcom.dl_ kdcom.dllrenames kdcom.dl_ you copied to kdcom.dllC:\WINDOWS\system32>EXITreboots your computer.If all is right in the world, you should be able to boot right up without Again start with deleting the kdcom file from system32.

Double-click on dss.exe to run it, and follow the prompts. 3. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Preview post Submit post Cancel post You are reporting the following post: Undeletable Trojan.vundo virus This post has been flagged and will be reviewed by our staff.