G
Guest
Hi there
I have the rpcsdbot.a worm, and while its not really causing me any direct headaches, i'd REALLY like to be rid of this thing
I've tried everything
I've downloaded the WindowsXP-KB823980-x86-ENU.exe patch from Microsoft that is recommended here
URL=http://www.sophos.com/virusinfo/analyses/w32rpcsdbota.htm
and talked about and linked to here (Microsoft Security Bulletin MS03-026)
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.as
I've run Trend Micro, Panda ActiveScan, and BitDefender online virus scans.
I've tried to manually remove it (files, registry entries) outlined here: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_RPCSDBOT.
I've tried to delete the yuetyutr.dll and winlogin.exe files from the \system32 directory manually, but yuetyutr.dll is always in use and winlogin.exe always returns in about 5 seconds. Same goes for the the registry entried i try to delete
PLEEEASE..... any help on getting this outta my system would be VERY appreciated
:
I have the rpcsdbot.a worm, and while its not really causing me any direct headaches, i'd REALLY like to be rid of this thing
I've tried everything
I've downloaded the WindowsXP-KB823980-x86-ENU.exe patch from Microsoft that is recommended here
URL=http://www.sophos.com/virusinfo/analyses/w32rpcsdbota.htm
and talked about and linked to here (Microsoft Security Bulletin MS03-026)
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.as
I've run Trend Micro, Panda ActiveScan, and BitDefender online virus scans.
I've tried to manually remove it (files, registry entries) outlined here: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_RPCSDBOT.
I've tried to delete the yuetyutr.dll and winlogin.exe files from the \system32 directory manually, but yuetyutr.dll is always in use and winlogin.exe always returns in about 5 seconds. Same goes for the the registry entried i try to delete
PLEEEASE..... any help on getting this outta my system would be VERY appreciated
: