Win32:tratbho Or Vundo Removal
After running bitdefender and allowing it to clean/delete what it can often there is a root dll that generates the unwanted random dll replicating the virus. This can be removed pretty easy as BitDefender nor anything I found will delete it for you.
Follow these steps:
1) run bit defender and allow it to clean up what it can.
2) use CCleaner or hijackthis to clear the BHO
3) Boot to safe mode and go to windows directory locate the DLL bitdefender could not remove. example mine was C:\windows\system32\vrtvur.dll
4) it can not be deleted BUT it can be cut and paste..oversite on virus developers part. Cut and Paste it to desktop.
5) reboot PC and do F8 select windows domain controllers only.
6) once windows starts, bring up task manager and kill the explorer.exe, everything will disappear so don't freak.
7) In task manager select start new task and a dialog will appear, select file types all and click browse button.
8) in open file dialog browse to desktop and locate the dll. highlight it but DO NOT DOUBLE CLICK. right click with dll highlighted and select delete..
POOF Vundo or Win32TratBHO virus main dll is gone. With that deleted virus is dead...
Hope this helps someone as it was driving me nuts..VundoFix, Bitdefender,Avast , Symantec none could get rid of it...This was the easiest and fastest way I could find..
Cheers,
Comments
-
Thank you very much for this tip .. i have the same problem .. but different file.. gebyw.dll
Thanks alot !!!
0 -
Thanks, this was very helpful. I kept seeing efefe.dll replicate itself on each restart and I think this put an end to that.
0 -
I probably have the same virus, how can I detect the problem dll? Please advise, because it seems the dll name for the virus is different for each computer. Thanks in advance.
0 -
The antivirus tool (I'm using avast) would go off and give this information if I used Internet Explorer and later when I knew the dll it would go off if I scanned the file or tried to move it. Vundofix didn't seem to work for me but it did provide some of the virus dlls - it seems there are several. Finally, you can also look in c:\windows\system32\ for the latest .dll files added.
I also had to use Hijackthis and eventually I deleted all the BHO files associated with Internet Explorer.
This was a really stubborn virus as it kept on coming back. At some point it no longer seemed to impact the system in terms of browsing and performance but I couldn't seem to make it stop replicating after deleting it. Eventually deleting the BHO files and trying the above seems to have done the trick.
I'm now going to check and then update the Java engine as I read somewhere that it exploited a bug in this to cause the initial infection.
Good luck!I probably have the same virus, how can I detect the problem dll? Please advise, because it seems the dll name for the virus is different for each computer. Thanks in advance.0 -
I probably have the same virus, how can I detect the problem dll? Please advise, because it seems the dll name for the virus is different for each computer. Thanks in advance.
If you can, run an online Housecall system scan and it'll give you the 8-digit .dll's and .exe's you need to eliminate.0 -
If you can, run an online Housecall system scan and it'll give you the 8-digit .dll's and .exe's you need to eliminate.
I need help also...tried the instructions above and can't cut and paste my file to the desktop, says that the file is in use and can't be moved.....suggestions on what to do
thanks0 -
I need help also...tried the instructions above and can't cut and paste my file to the desktop, says that the file is in use and can't be moved.....suggestions on what to do
thanks
Same is happening for me
tried deleting the virus with bitdefender, avast, adaware, hijackthis, symantec, nothing works!! computer seems to get slower and slower each time i turn it on. and the internet keeps trying to connect even when i dont want it to . please help!
" /> 
" />0
