Trojan Vundo.B
Kill Vundo
How I removed Trojan.Vundo.B
I thought that I would share a little story about my experience removing a Spyware Trojan from my computer so that you get an idea of the various steps involved sometimes. Quite often all you have to do is press a button and BUG-B-GONE but sometimes it’s not that easy.
About a year ago, while Scotty the Windows Watchdog was on patrol of my personal home computer, he detected a sneaky attack of a BHO (browser helper object). Scotty would ask if I allowed a new addition C:\WINDOWS\system32\awvvt.dll to the system. I would say no but it would repeatedly ask every few minutes. I scanned my computer several times with my anti spyware and anti virus programs but only Scotty detected this. I then investigated this odd file on the web to see what it was and how to tackle it.
I found out that the purpose of this file awvvt.dll was advertising adware. Its official name was Trojan.Vundo.B. As the name indicates, it is a Trojan Horse that drops adware onto the compromised computer. It seems that part of it at least snuck onto my computer even with all the security measures that I had in place so I needed to get rid of the little critter.
The first thing that I did was clean the systems with a gutter cleaner. Then I updated all of my spyware programs as well as made additions to my arsenal. I ran my antivirus program which still didn’t find anything then ran a few online scans which I don’t believe found anything either. However, Scotty was still barking so I downloaded the latest version of Hijack This. Hijack This scans your registry and hard drive listing the contents. When you run it, you can save a copy in Notepad. At this point, you can check items that you want to fix or remove. This is not something that you should attempt if you don’t know what you’re doing. If you remove the wrong file then you could crash your own system or prevent some programs from working correctly. Most people have an expert look at it or post it on a forum to get help with. In my case, I knew what to look for. I also knew that even if I tried to remove the files in question, they would just reappear and they did. It appeared that I only had part of the Trojan on my system. One of my programs had prevented the whole Trojan from getting on to my system.
Anyways on to the next step Kill Vundo, which meant downloading the latest version of Vundo Fix. This program was easy to install and run in Safe Mode. Again, don’t touch it if you don’t know what you’re doing. You need to know specifically which file path to use. Once I finished running Kill Vundo, I ran Hijack This again and I had successfully removed the file in question. Scotty could finally relax, he did his job. Good Doggy!!! The only thing that I also should have done at the time was clean up my registry for any leftovers. These leftovers weren't anything to be worried about, just junk cluttering up the registry.
Now a year later, one of my anti spyware programs just receuntly informed me that I have traces of this Trojan still on my computer but again none of the other scans detected this. This is just a great example of why you shouldn’t trust your complete computer security protection to just one product. All programs are not created equally!!! In the end, I was able to remove these traces and a whole lot more by doing a good old-fashioned registry Fall cleaning.
For more information on Trojan.Vundo.B or to post your Hijack This log, visit Castle Cops as they offer a very extensive help forum.
Related Articles
Top