CariDotMy

 Forgot password?
 Register

ADVERTISEMENT

View: 2773|Reply: 12

Tolong Hapuskan Trojan ni...

[Copy link]
Post time 12-4-2007 10:04 AM | Show all posts |Read mode
Scan type:  Auto-Protect Scan
Event:  Threat Found!
Threat: Trojan.Vundo
File:  C:\WINDOWS\system32\vtustus.dll
Location:  C:\WINDOWS\system32
Computer:  ***
User:  Administrator
Action taken:  Clean failed : Quarantine failed : Access denied
Date found: Thursday, April 12, 2007  9:57:55 AM


tolong la kepada sesape yg bijak pandai
trojan.vundo ni eda xleh nak delete dr pc..
manual pun xleh...
vtustus.dll tu windows mmg guna or dia baru wujud?
tlg la... dh tensen ni...

eda dh run spybot ngn ad-ware.. x detect plak..
ada download trojan remover x leh delete gak benda ni..

camane ek? antivirus asyik dok pop-up jek ni..
ada cara lain x selain format?
banyak fail kena back up ni
Reply

Use magic Report


ADVERTISEMENT


Post time 12-4-2007 10:12 PM | Show all posts
ko pkai antivirus ape

kalo guna avg,cuba move to vault
Reply

Use magic Report

Post time 12-4-2007 10:55 PM | Show all posts

Reply #2 unnamed's post

cuba terminta process, pastuh delete aje. tak pun rename jadik nama lain.
Reply

Use magic Report

Post time 12-4-2007 11:17 PM | Show all posts

Reply #1 waneeda1904's post

sila g ke http://411-spyware.com/remove/trojan-vundo-virus/ dan download removal software dari symantec ni..direct link dia di http://www.symantec.com/content/ ... iteups/FixVundo.exe dan cara manual di http://www.411-spyware.com/remove-vundo...

*Manual removal process for any spyware can be difficult. When you attempt to manually remove Vundo, you risk destroying your PC. It抯 highly recommended that you use an automatic spyware removal tool.

To remove Vundo manually, you need to:
Delete Vundo registry values:
HKEY_CURRENT_USER SoftwareMicrosoftWindows CurrentVersionRunOnce*WinLogon
HKEY_LOCAL_MACHINE SoftwareMicrosoftWindows CurrentVersionRunOnce*[filename]
HKEY_CLASSES_ROOTCLSID{2316230A-C89C-4BCC-95C2-66659AC7A775}
HKEY_CLASSES_ROOTCLSID{8109AF33-6949-4833-8881-43DCC232B7B2}
HKEY_LOCAL_MACHINE SOFTWAREClassesATLEvents.ATLEvents
HKEY_LOCAL_MACHINE SOFTWAREClassesATLEvents.ATLEvents.1
HKEY_LOCAL_MACHINE SOFTWAREClassesCLSID{02F96FB7-8AF6-439B-B7BA-2F952F9E4800}
HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindows CurrentVersionExplorerBrowser Helper Objects{02F96FB7-8AF6-439B-B7BA-2F952F9E4800}
HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindows CurrentVersionExplorerBrowser Helper Objects{2316230A-C89C-4BCC-95C2-66659AC7A775}
HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindows CurrentVersionExplorerBrowser Helper Objects{8109AF33-6949-4833-8881-43DCC232B7B2}
HKEY_CURRENT_USER SoftwareMicrosoftInternet ExplorerMainActive StateRecommendation:
Reply

Use magic Report

Post time 12-4-2007 11:20 PM | Show all posts
Important:

If you are on a network or have a full-time connection to the Internet, such as a DSL or cable modem, disconnect the computer from the network and Internet. Disable or password-protect file sharing, or set the shared files to Read Only, before reconnecting the computers to the network or to the Internet. Because this worm spreads by using shared folders on networked computers, to ensure that the worm does not re-infect the computer after it has been removed, Symantec suggests sharing with Read Only access or by using password protection.

If you are removing an infection from a network, first make sure that all the shares are disabled or set to Read Only.
Reply

Use magic Report

Post time 12-4-2007 11:21 PM | Show all posts
kalu dah infected,baik jgn guna system restore...
Reply

Use magic Report

Follow Us
Post time 12-4-2007 11:23 PM | Show all posts
Trojan.Vundo.B Removal Failed..in case le...

kena manually delete cam ni:
with system restore off, start up in safe mode:
empty temp folder,
Using Regedit,search forr
Navigate to and delete the following subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Winlogon\Notify\[Trojan file name]

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}


pastikan kao run dlm safe mode..
Reply

Use magic Report

Post time 12-4-2007 11:27 PM | Show all posts
ni satu lagi tool=http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe

"please be advised that this program will generate a "BLUE SCREEN OF DEATH"... this is an expected/necessary part of the process, so don't be surprised when it happens.

just reboot if your system "jams"
Reply

Use magic Report


ADVERTISEMENT


Post time 12-4-2007 11:32 PM | Show all posts
Reply

Use magic Report

 Author| Post time 13-4-2007 10:14 AM | Show all posts
mekasih...
byk plak respon...
semlm tggu cam xde org reply..

eda pkai antivirus symantec, mls nak uninstall pas tu install lain takut ada plak virus2 benci yg x bg

so eda pun memandai la sendiri...
eda pkai trojan remover, dia dpt detect tp xleh delete...
degil sgt, eda scan dlm safe mode plak..
separuh hari dok perang ngn vundo ni jek...

dr lepas scan semlm smpai pg ni xde lg pop up mgs kuar...
mintak2 la bterusan...


nak tye psl amaena.com ni ape ke menda plak ek?
klu eda pkai ie musti pop up windows kuar..
kat mane dia nyorok ek..
cookies hari2 clean..
:@ :@ :@ :@
Reply

Use magic Report

Post time 13-4-2007 11:58 AM | Show all posts
g ke fileforum.com dan downloadkan CCLEANER....'amaena.com'? mana wujud site tu? pop up ni,kao guna kan le,g kat pop-up blocker,activate kan,letak 'high'...kalo malas ,kao guna je firefox....
Reply

Use magic Report

Post time 13-4-2007 12:04 PM | Show all posts
btw kao patut guna registry cleaner..cuci abis semua bekas2 vundo tu...dapatkan yg freeware cam 'Free Window Registry Repair' kat http://www.regsofts.com
Reply

Use magic Report

 Author| Post time 20-4-2007 11:56 AM | Show all posts
lupa plak nak msuk sini..
hehe...
vundo dh xde.... kot..
tp nak gak la try wat ni...
Reply

Use magic Report

You have to log in before you can reply Login | Register

Points Rules

 

ADVERTISEMENT



 

ADVERTISEMENT


 


ADVERTISEMENT
Follow Us

ADVERTISEMENT


Mobile|Archiver|Mobile*default|About Us|CariDotMy

3-12-2024 04:24 AM GMT+8 , Processed in 0.660812 second(s), 25 queries , Gzip On, Redis On.

Powered by Discuz! X3.4

Copyright © 2001-2021, Tencent Cloud.

Quick Reply To Top Return to the list