Are you the author of the original post ? If not, please respond to the
original thread or the Subject of the thread so that someone can assist.
This behavior is seen when there is thread injection into the winlogon
and can only be removed by using ProcessExplorerNT to kill that thread
prior to deleting the .dll file.
How this is done is explained here for the :
Trojan.Vundo.B / Search42.com / MSevent / Req.dat Redirector http://www.bleepingcomputer.com/for...TrojanVundoB_Search42com_MSevents-t18610.html
Steve Wechsler (akaMowGreen)
MS-MVP 2003-2005
===============
*-343-* FDNY
Never Forgotten
===============
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.
