My windows system32 folder had got affected by TROJAN.VUNDO a couple of days ago, after trying out a lot of workaround i was able to fix it by doing below things. I am just sharing to help others who's system might have got affected by TROJAN.VUNDO.
- First download and install Process Explorer v15.2
- Once installed, run the program.It will ask you to install a debugging tool from Microsoft, so select the latest debugging tool update for your operating system from the Microsofts site link that you will get in same pop up message.
- After installing debugging tool,re-run Process Explorer, check out the registry for pmkji.dll. Once you get it remove everything within your registry related to pmkji. Just make sure that you are not skipping the task, its quite important.
- Now open command prompt and type c:\windows\system32. After getting in to the directory type del pmkji.dll and dont hit enter.
- When you are done until here, locate explorer.exe and winlogon.exe using Process Explorer and kill both these processes.Now quickly revert back to command prompt and hit enter.
- In case your system gets lock up and comes up with blue screen of death, simply hard boot your system and things will be fine after that.
Best of luck.
Bookmarks