Results 1 to 7 of 7
  1. #1
    3 Star Lounger
    Join Date
    Apr 2002
    Location
    Atlanta, GA
    Posts
    220
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I got the blue screen of death and ran my anti virus software (Trend Micro's PC -cillin).

    The software Quarantined what it said could be a Windows\system32 possible Vundo G. After two more clean runs of the software, I thought we were O.K. but the same blue screen popped up the next day.

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts
    Symantec has a free tool to remove Vundo: Trojan.Vundo Removal Tool.

    Malwarebytes Anti-Malware has gained a good reputation for removing many kinds of malware - download and install the free version and run a full scan.

  3. #3
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    [quote name='wfjdi0r1' post='781981' date='26-Jun-2009 14:59']I got the blue screen of death and ran my anti virus software (Trend Micro's PC -cillin).[/quote]
    By the way, if you renewed your subscription to updates without downloading the latest version (now called Trend Micro Internet Security), you might want to do the program update as well.

  4. #4
    3 Star Lounger
    Join Date
    Apr 2002
    Location
    Atlanta, GA
    Posts
    220
    Thanks
    0
    Thanked 0 Times in 0 Posts
    [quote name='HansV' post='781983' date='26-Jun-2009 22:12']Symantec has a free tool to remove Vundo: Trojan.Vundo Removal Tool.

    Malwarebytes Anti-Malware has gained a good reputation for removing many kinds of malware - download and install the free version and run a full scan.[/quote]

    I tried the malware. It seemed to find it but it only happened again. I'll run the Trojan.Vundo Removal Tool.

    Thanks.

  5. #5
    Uranium Lounger
    Join Date
    Mar 2001
    Location
    New Jersey
    Posts
    6,684
    Thanks
    1
    Thanked 11 Times in 11 Posts
    If what MalwareBytes found was indeed the Vundo Trojan then using the Symantec tool is the best way to get rid of the renamed .dll files that it will try to create and the .dll that is causing that behavior.

    Before the tool was created you had to jump through hoops like the ones described here to get it off your system.
    <IMG SRC=http://www.wopr.com/w3tuserpics/DocWatson_sig.gif>

  6. #6
    3 Star Lounger
    Join Date
    Apr 2002
    Location
    Atlanta, GA
    Posts
    220
    Thanks
    0
    Thanked 0 Times in 0 Posts
    [quote name='HansV' post='781983' date='26-Jun-2009 22:12']Symantec has a free tool to remove Vundo: Trojan.Vundo Removal Tool.

    Malwarebytes Anti-Malware has gained a good reputation for removing many kinds of malware - download and install the free version and run a full scan.[/quote]

    I ran the tool. It locked up and when I rebooted CHKDSK ran automatically and left the following message:

    The type of file system is NTFS. The volume is dirty. Chkdsk is verifying indexes correcting error in index i30 for file 26075.

    What's next?

  7. #7
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post
    [quote name='wfjdi0r1' post='782119' date='27-Jun-2009 20:33']I ran the tool. It locked up and when I rebooted CHKDSK ran automatically and left the following message:

    The type of file system is NTFS. The volume is dirty. Chkdsk is verifying indexes correcting error in index i30 for file 26075.

    What's next?[/quote]

    From MS technet:
    Error Message: drive letter is dirty. You may use the /C option to schedule chkdsk for this drive.

    Explanation:

    Chkdsk or NTFS has found that the specified volume or disk drive is dirty. That is, data corruption may have occurred because of an improper shutdown of the system.

    User Action:

    For an NTFS volume, run the chkntfs from the command using the /C option. The /C option will schedule chkdsk to be run at the next reboot. You can also enter chkdsk at the command line prompt and specify the drive the volume resides on. If you chose to run chkdsk from the command line prompt, use the /f option to fix any problems on the volume. chkdsk can be used to verify and fix problems on both NTFS and FAT volumes. If you use chkdsk on an NTFS volume and you get an error message that says, "cannot lock volume". Run chkntfs from the command line with the /c option. Then reboot the system.
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •