Results 1 to 13 of 13

Thread: Trogen removal

  1. #1
    Registered User
    Join Date
    Apr 2004
    Location
    Bristol
    Posts
    3,166
    Rep Power
    11

    Trogen removal

    O Dear

    I seem to have picked up a nasty Trojan

    McAfee is detecting :

    C:\WINDOWS\system32\duzirasa.dll - Vundo.gen.bm
    but is unable to clean or delete it

    I am running Widows XP SP3

    It is stopping windows updates

    and bringing up unwanted web pages

  2. #2
    Registered User
    Join Date
    Feb 2004
    Location
    Inverness for now
    Posts
    1,863
    Rep Power
    11

    Re: Trogen removal

    Came across this advice on the McAfee forum, so probably no easy tool to remove it. Came across other online guides which were quite lengthy.

    Oh and before you start disable system restore, incase the virus has managed to safely ensconce itself there.

  3. #3
    Registered User Phil_dB's Avatar
    Join Date
    Sep 2008
    Posts
    535
    Rep Power
    8

    Re: Trogen removal

    I've seen a lot of success from this, - no need to buy it, the free version can fix problems

    http://www.malwarebytes.org/mbam.php

  4. #4
    Registered User knightengale's Avatar
    Join Date
    Nov 2006
    Location
    aberdeen
    Posts
    720
    Rep Power
    9

    Re: Trogen removal

    Quote Originally Posted by philsmove View Post
    O Dear

    I seem to have picked up a nasty Trojan

    McAfee is detecting :


    but is unable to clean or delete it

    I am running Widows XP SP3

    It is stopping windows updates

    and bringing up unwanted web pages
    Try and get hold of Avast, CCleaner, Spybot, Adware etc.

    Then shutdown teh machine and restart in SAFE Mode.
    Install the above / run your antivius on full scan in safe mode.
    Wait till it finds (and hopefully deletes it).
    Then run the next one on the list, hopefully this will work.
    Although some are really B@stards to get rid of.

  5. #5
    Registered User
    Join Date
    Apr 2004
    Location
    Bristol
    Posts
    3,166
    Rep Power
    11

    Re: Trogen removal

    Quote Originally Posted by knightengale View Post
    Try and get hold of Avast, CCleaner, Spybot, Adware etc.

    :
    unfortunately Avast had a similar success rate as McAfee, some deleted but 3 still there

  6. #6
    Papa Smurf
    Join Date
    Jan 2002
    Location
    Planet Scathe
    Posts
    12,528
    Blog Entries
    6
    Rep Power
    18

    Re: Trogen removal

    nuke your entire computer from orbit

    its the only way to be sure

  7. #7
    Registered User
    Join Date
    Apr 2004
    Location
    Bristol
    Posts
    3,166
    Rep Power
    11

    Re: Trogen removal

    Quote Originally Posted by Dreadful Scathe View Post
    nuke your entire computer from orbit

    its the only way to be sure
    Looking forward to it
    but got to wait for the new one first

  8. #8
    Registered User Missy D's Avatar
    Join Date
    Feb 2004
    Location
    N3
    Posts
    3,712
    Rep Power
    12

    Re: Trogen removal

    Quote Originally Posted by philsmove View Post
    O Dear

    I seem to have picked up a nasty Trojan

    McAfee is detecting :


    but is unable to clean or delete it

    I am running Widows XP SP3

    It is stopping windows updates

    and bringing up unwanted web pages
    I have this too and have McAfee. How come this trojan got in. Actually I have 2 and cant access my control panel to add or remove programmes.

  9. #9
    Commercial Operator
    Join Date
    May 2003
    Location
    The far east-Kent
    Posts
    3,687
    Rep Power
    11

    Re: Trogen removal

    It seems like MalWareByte (but not MalwareRemovalBot - that is malware!) is the way to go to attack this, if the infection stops you installing or running it, there's loads of advice here, including information on how you got infected:-

    http://hubpages.com/hub/Trojan-Vundo-Removal

    This includes the advice -
    "Free Malwarebyte's should be enough to clean out the infection. It just works in on-demand scan mode, not in the background.

    Make sure you repeat the MB scan at least twice, hard-resetting PC aftre each scan. Also do a scan in Safe Mode (when computer boots, hold F8 key until Windows Boot Menu appears, and select safe mode either VGA or with Networking)."

    This looks a bit old (updated Nov 2005) but might be worth a try, it has had some favourable mentions -
    http://www.symantec.com/security_res...112210-3747-99

    And if all else fails, and you're brave/foolish enough to delve into your registry, here are details for doing it manually -
    http://segmentnext.com/index.php/200...-vundo-trojan/

    I'm now feeling a bit paranoid about Vundo and other nasties!
    HTH
    Greg
    Last edited by Sheepman; 9th-October-2009 at 11:55 AM.

  10. #10
    Registered User
    Join Date
    Apr 2004
    Location
    Bristol
    Posts
    3,166
    Rep Power
    11

    Re: Trogen removal

    In the end I I took to a Orchard Computers in Yate
    they used

    Malwaewbytes
    Trsteer Rapport
    HiJack This
    Spybot
    C Cleaner

    They recommended I keep McAfee
    But run Spybot from time to time
    Also do a manual McAfee update and scan from time to time

  11. #11
    Registered User
    Join Date
    Sep 2007
    Location
    St Neots, Cambs
    Posts
    699
    Rep Power
    9

    Re: Trogen removal

    Quote Originally Posted by Sheepman View Post
    I'm now feeling a bit paranoid about Vundo and other nasties!
    I work in information security, and use up to date packages for protecting the endpoint with MalwareBytes (free version), Ad-Aware and Spybot. Even with my browser security settings cranked up I've been hit twice in the last 18 months because the kids have clicked on web-pages and ended up downloading malcious payloads. I've actually printed off a page like the one in your first link to show them the kinds of web pop-ups to ignore.

  12. #12
    Registered User
    Join Date
    Apr 2004
    Location
    Bristol
    Posts
    3,166
    Rep Power
    11

    Re: Trogen removal

    Quote Originally Posted by Sheepman View Post
    Make sure you repeat the MB scan at least twice, hard-resetting PC aftre each scan. Also do a scan in Safe Mode (when computer boots, hold F8 key until Windows Boot Menu appears, and select safe mode either VGA or with Networking)."

    I seems to need AT LEAST TWO scans (one in Safe mode) to complete get rid of it


    It you pick up a second infection, remember to run an update

  13. #13
    Registered User
    Join Date
    Mar 2003
    Location
    bedford
    Posts
    4,899
    Rep Power
    13

    Re: Trogen removal

    www.ternd.com do a free online scan called housecall which removed a worm that somehow got on my PC.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Excel help - easy removal of duplicate rows
    By robd in forum Geeks' Corner
    Replies: 4
    Last Post: 30th-June-2009, 12:41 AM

Tags for this Thread

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •