G
Guest
Hi there,
I have the rpcsdbot.a worm, also known as W32.Randex.E, and while its not really causing me any direct headaches, i'd REALLY like to be rid of this thing.
I've tried everything.
I've downloaded the WindowsXP-KB823980-x86-ENU.exe patch from Microsoft that is recommended here:
URL=http://www.sophos.com/virusinfo/analyses/w32rpcsdbota.html
and talked about and linked to here (Microsoft Security Bulletin MS03-026):
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp
I've run Trend Micro, Panda ActiveScan, Symantec, and BitDefender online virus scans.
I've tried to manually remove it (files, registry entries) according to this:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_RPCSDBOT.A
as well as this
http://securityresponse.symantec.com/avcenter/venc/data/w32.randex.e.htm
I've tried to delete the yuetyutr.dll and winlogin.exe files from the \system32 directory manually, but yuetyutr.dll is always in use and winlogin.exe always returns in about 5 seconds. Same goes for the the registry entried i try to delete.
I dont have the malicious files, "winlogin.exe" or sntask32.exe running, at least in the task manager
PLEEEASE..... any help on getting this outta my system would be VERY appreciated.
I have the rpcsdbot.a worm, also known as W32.Randex.E, and while its not really causing me any direct headaches, i'd REALLY like to be rid of this thing.
I've tried everything.
I've downloaded the WindowsXP-KB823980-x86-ENU.exe patch from Microsoft that is recommended here:
URL=http://www.sophos.com/virusinfo/analyses/w32rpcsdbota.html
and talked about and linked to here (Microsoft Security Bulletin MS03-026):
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp
I've run Trend Micro, Panda ActiveScan, Symantec, and BitDefender online virus scans.
I've tried to manually remove it (files, registry entries) according to this:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_RPCSDBOT.A
as well as this
http://securityresponse.symantec.com/avcenter/venc/data/w32.randex.e.htm
I've tried to delete the yuetyutr.dll and winlogin.exe files from the \system32 directory manually, but yuetyutr.dll is always in use and winlogin.exe always returns in about 5 seconds. Same goes for the the registry entried i try to delete.
I dont have the malicious files, "winlogin.exe" or sntask32.exe running, at least in the task manager
PLEEEASE..... any help on getting this outta my system would be VERY appreciated.