Trojan found, can't get rid of it or quarantine it, please help!


lesman
10-12-2005, 09:15 PM
The title says it all, Norton doesn't really have any info on it, and it can't access the file or delete it or quarantine it, so I don't know what to do, I can't even touch the file in safe mode, does anyone have any suggestions? This is the wife's rig, we have no idea how it got on there. The OS is Windows XP Home SP2. We gotta fix this! Thank you so much. :(

EDIT: Norton names it "Trojan.Vundo", if that helps any...

xenon expert
10-12-2005, 09:40 PM
http://www.techspot.com/downloads/194-symantec-trojan-vundo-removal-tool.html

And scrap Symantec....use AVG. ;)

lesman
10-12-2005, 09:46 PM
You're the man, thanks a lot, hopefully this works...I hate this, ever since I installed service pack 2 it's like something happens every few weeks! Oh well, thanks a lot, I will update ASAP.

LoStMaTt
10-12-2005, 10:16 PM
Google: Ewido

lesman
10-12-2005, 10:27 PM
thanks lostmatt, I will try that....

anyways, the removal tool scanned for a good 30 mins and finished....but it said that "Trojan.Vundo wasn't found on your computer" WTF???? :(

USMC2Hard4U
10-13-2005, 12:30 AM
I use NOD32. To a lot of people, including me, it's the best AV that there is. It's like 35 USD a year, but you can DL a free 30 trial which should own that Virus of yours

GreNME
10-13-2005, 12:45 AM
Have you even tried simply turning off System Restore, running a NAV scan, then turning System Restore back on? That is step one when trying to remove a virus that makes it on to your system, and without turning off System Restore you can try everything under the sun and come up with no solution.

djnes
10-13-2005, 09:37 AM
> http://www.techspot.com/downloads/194-symantec-trojan-vundo-removal-tool.html
>
> And scrap Symantec....use AVG. ;)
Don't confuse Norton and Symantec. They are the same company, but two different product lines.....and they are far from the same in terms of quality.

djnes
10-13-2005, 09:37 AM
> Have you even tried simply turning off System Restore, running a NAV scan, then turning System Restore back on? That is step one when trying to remove a virus that makes it on to your system, and without turning off System Restore you can try everything under the sun and come up with no solution.
Yep, and most AV software companies recommend disabling System Restore completely.

XOR != OR
10-13-2005, 10:30 AM
> http://www.techspot.com/downloads/194-symantec-trojan-vundo-removal-tool.html
>
> And scrap Symantec....use AVG. ;)
Symantec is awesome, and last I saw kicks AVG's ass in tests.

I hear norton sucks tho. Dunno, never used it.

djnes
10-13-2005, 10:50 AM
> Symantec is awesome, and last I saw kicks AVG's ass in tests.
>
> I hear norton sucks tho. Dunno, never used it.
Yes, Symantec absolutely rules. Norton is nothing but bloatware.

z-lite
10-13-2005, 10:53 AM
I just went to a client's house to remove the Vundo virus. I don't remember if you can go into Safe Mode to delete (I think I tried to remove it from another client's computer a long time ago but working in Safe Mode didn't help in deleting it) but the easiest way is to write down the location and file name of the virus, restart the computer and boot into a Windows 2000/XP install CD and start the Recovery Console. Then delete the file. For example if the file is c:\windows\system32\balh.dll, then type del \windows\system32\balh.dll and then restart and you should be ready to go. If you want to go another step, you can go into the Registry and search for the file name and delete the key that holds the entry.

Edit: Last I checked, the Norton line of products are made by Symantec.

djnes
10-13-2005, 10:59 AM
> Edit: Last I checked, the Norton line of products are made by Symantec.
Yes, as stated above. They are made by the same company, but they aren't the same products. Norton and Symantec products have always been developed separately.

lesman
10-13-2005, 08:04 PM
Thanks for the responses guys, I've tried everything, and the son of a bitch wouldn't leave...I had to reformat/reinstall. Luckily, I recently backed-up important stuff...thanks again guys! :) I really appreciate it!

Eva_Unit_0
10-13-2005, 08:11 PM
I recently tried to help a couple of my friends who had the exact same trojan. I couldn't figure it out. Norton would pick it up but not do anything. AVG wouldn't see it at all. The vundo removal tool on symantec's site didn't clean it. Ended up reformatting the box as well.

MentallyNormal
10-13-2005, 11:41 PM
I removed this virus today from a laptop.

The guy had Norton just like you, it detected the vundo virus.
I tried the Symantec vundo cleaner and just like you it didn't work. It even said "Vundo Virus not detected" which was silly.

Before you do this write down the .DLL file that Norton Detected if it is a .dll file.
The one I removed was a .dll file

So I googled and found out this place

undo vundo (http://www.atribune.org/forums/Last-effort-to-remove-TrojanVundo-t834.html)

Scroll down to the second post.

What you want to do is download the vundo fix to your desktop, like he mentions.
Then boot into safe mode
Next run the KillVundo.bat

Okay in the post it mentions to delete a certain .dll.
Now here is where instead of the .dll mentioned I entered the .dll Norton detected.
Then follow the instructions in the post

After that you could run spybot, antivirus software, adware, crapcleaner just to see if everything else is clean.

The above did remove the vundo virus from the laptop I worked on.
Hope it works for you

lesman
10-13-2005, 11:44 PM
the .dll file was "cr.dll"

MentallyNormal
10-13-2005, 11:46 PM
Yeah now I see you formatted DOH! Glad you got rid of it for good though. It was a pita that norton vundo didn't remove it which was stupid.

jroe52
10-14-2005, 04:21 AM
I wrote this on a different site in response to viruses, spyware etc. Try installing these programs and scanning them in safemode. I wrote it to not include more risky stuff like hijackthis or "assassin".

http://hmongblog.com/forums/viewtopic.php?p=33692#33692