Google

Get RID of Those Trojan.Vundo !!

Wednesday, June 20, 2007

Recently, I've attacked by this annoying Vundo !! I even have to RE-INSTALL my computer TWICE !! VERY ANNOYING !

Trojan.Vundo is a component of an adware program that downloads and displays pop-up advertisements. It is known to be installed by visiting a Web site link contained in a spammed email.

This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.

The latest variants of this trojan are observed to display fake error messages and asks the user to download security software programs. User will be asked to download SysProtect application to remove the threat.

This thing is very sneaky ! Almost every antivirus CANT ! I repeat ! CANT ! CANT remove this Vundo ! (and to think that we have to pay and subscribe for those ! jeez ! especially those big guy in this AntiVirus bussiness ! bah !)

Sure thing, if you search on google, there are ways to remove it manually ! But man! You have to be an ubber geek to do that nice and smoothly.

So, lemme share my experience.

I've tried to delete those pesky .dll files, unregistered it from the system, delete the registry, but damn, i finally gave up, and search for a free removal tool.

The first one i try is this one


I run that thing ! For more than 1 hours ! Coz, it scans all of my HDD, which is more than 300GB. Sure thing it can be stopped manually, but i never really sure about stopping it in the middle of scanning somethin' . So there it goes, another night with those windows of ads still poppin' out.

The second night, i googled another one. That is this one.


I tried to avoid hotlinking here, so i just point out to the URL ^^ . Still if you can't access it because of the traffic, then lemme know, i'll send you the 105KB VundoFix.exe ;)

Anyway, this is the ONLY SOLUTIONS that worked for me ! Well, since after trying this one, the NASTY Vundo is gone, then why bother to search another one right ?! ;)

You just run it, basically it'll close all your explorer process, search the trojan.
Listing files found while scanning....

C:\windows\system32\awtqn.dll
C:\windows\system32\bjfygvan.ini
C:\windows\system32\dboybwuu.dll
C:\windows\system32\dyvclesl.dll
C:\windows\system32\elypwnht.dll
C:\windows\system32\eqihpwtl.ini
C:\windows\system32\exjtbjdq.dll
C:\WINDOWS\system32\jbgwofny.dll
C:\windows\system32\ltwphiqe.dll
C:\windows\system32\navgyfjb.dll
C:\windows\system32\nqtwa.bak1
C:\WINDOWS\system32\nqtwa.bak2
C:\windows\system32\nqtwa.ini
C:\windows\system32\qfptmcsg.exe
C:\WINDOWS\system32\qomkiff.dll
C:\WINDOWS\system32\sceoejde.dll
C:\windows\system32\uuwbyobd.ini
C:\windows\system32\ynfowgbj.ini

After listing all the trojan files, you just click the Remove Vundo button. But then, there are still 1 file that can't be deleted !

But no worry, the program suggested to reboot first, and it'll try to remove it again when the windows starts for the first time.

So i just followed the instructions, and when the windows start. You know what ?! It HALT all other process ! Including the explorer.exe . You just see the Vundo Fix Program, trying to remove the last trojan file, before any other process started ! This is the only way to remove it totally i guess !

Overall, it took no more than 15 minutes !! GREAT ! With just a few clicks here and there ! BRILLIANT !

This cybertech guys, surely are good ^^ . So for everybody that found this useful (me too) ;)
If we have helped you, please consider making a donation to TSG!

Thanks a bunch ^^

Technorati tags:
.

1 comments:

Anonymous said...

It's a superb bit of kit. Unfortunately, all versions up to 6.7.0 will not detect the latest one, which is a real pain. Even Norton, AntiVir and others can't detect it.
I've tried about 20 different dedicated Vundo removal tools and still no joy.

That said, I've contacted the author of this bit of kit to pass on my system files to help him (and others) to solve the problem.

All the best
Charles

About Me

My Photo
Efendi
An ordinary, a bit 'geeky' guy, who enjoy blogging about all unique things across the internet world. Blogs about the blogosphere, scripts, fun, games, interesting stuffs, etc. Currently staying and working in Singapore.
View my complete profile