i picked up the vundo trjan somewhere. searched for help. ran hijack this. found one entry, but it wouldnt get rid of it. searched my registry, deleted the BHO for it. but it was still there.
i downlaoded process explorer, fix vundo registry file and also killbox. I ran in safe mode and followed all instructions that i had found. killbox would not work for me. i tried it twice, but everything went fine. i've deleted all cookies, shut off system restore. etc. ran hijack this again and its still there, still getting msevent popups.

now what? how do i get rid of it?

XP Home sp2., Compaq Presario SR1330NX, 512mb ram, AMD Athlon, LAN

Have you tried Symantec's removal tool? - download & instructions here:

http://securityresponse.symantec.com/avcenter/venc/data/trojan.vundo.removal.tool.html

"I know that I'm mad - I've always been mad..."

thank you for the link.

I ran the program as instructed and it found nothing, both times. Maybe i got it. I hope. I havent been on all day, so i'll have to wait and see.

thanks again.

XP Home sp2., Compaq Presario SR1330NX, 512mb ram, AMD Athlon, LAN

I was on my comp for 3hours last night, after doing the removal and there were no incidences or popups of any kind. Then first thing this morning they started again. I ran process explorer to stop them. what it is finding is a BHO which is in my win32 file. its nnnll.dll, the same thing hijack this found. i deleted this key from my registry. so why cant i get rid of it? where else might i find it? Or what else can i so.
I just finished running trendmicro housecall and it found nothing.

XP Home sp2., Compaq Presario SR1330NX, 512mb ram, AMD Athlon, LAN

Try WinPatrol
and find out which browser helpers are running and remove the ones you don't need.
This is a great freebie and also warns you when programs try to get installed on your PC along with other features.

Hopefully my advice will help you...Please post back with your results....thanks

XpUser4Real, thanks for your help. i used the winpatrol and it seems to have done the trick. i ran hijack this twice and no signs of the bho. *crossing fingers*. thanks again.

XP Home sp2., Compaq Presario SR1330NX, 512mb ram, AMD Athlon, LAN

Thanks a million for posting back and hope all works out well for you in the future!

Hopefully my advice will help you...Please post back with your results....thanks

I got this thing yesterday. My Symantec finds it, but cannot delete or clean it: systems32/byvvt.dll - Tried the removal tool in and out of Safe Mode and it find nothing. Also tried suspending some programs as sugested by one person - no luck. I'm a novice at these things - would be grateful for instructions on what to do? - -
:( - Mary

I also tried everything. Even the Samantic Vundofix wouldnt work.this was a hard one to get rid of.
But do use WinPatrol that XpUser4Real suggested. It was the only thing that worked for me. Also after that, my Adaware program got updated and it found and got rid of the registry keys that i couldnt find. Been running fine ever since.

Wish you luck.

XP Home sp2., Compaq Presario SR1330NX, 512mb ram, AMD Athlon, LAN

try these instructions explaining how to remove vundo trojan