Trojan.vundo Removal Tip

I've been infected with Trojan.Vundo from a Antispyware site. I have BiDefender 10 on my computer. I tryed VundoFix but it couldnt find the virus. My tech man tryed several programs to get the dll's out but was still coming back. The result of the Trojan action was blocking all my RAM and send messages of virus attack to Bitdefender with several dll information ex: c/windows/system32/ddccy.dll or c/windows/system32/xxyawvt.dll as infected files. Bitdefender couldnt desinfect or remove!!!.


I removed the trojan by mistake (I am not a computer tech just a Word user so please dublecheck my discovery) and here is my story:


- Opened up Windows Task Manager


- Went to Processes


- Found bdss.exe taking 55 mega of RAM


- Ended bdss.exe


- Run Vundofix


- Found and removed 3 virus files including c/windows/system32/ddccy.dll


- restarted my computer. ALL FINE


- I also have spyboot to block bad internet access


I hope that this will help you because it was my only solution to the problem. my tech wanted to reinstall windows and I gave him a break ;)

Comments

  • farbar
    farbar
    edited February 2008

    Your tech gave you a bad advice and you proved it. But the Trojan vundo may be (partially) deleted by Vundo but how do know you sure your computer is clean. There are may people who think they have cleaned their system (read the topics in this forum on this) only to find out a few days later the popups start coming.


    One of the ways you may know is to make a hijackthis log and show it to someone who can read it.

  • I could not edit the post:


    Besides the popups check also your Internet privacy setting, it should be medium (default) if your system is infected by Vundo every time you reboot again it would be lowered by Vundo.


    Anyway it is great sharing your experience.

  • dmitrica
    edited February 2008

    Hi,


    its me again, the author of this thread.


    I let you guys know that my computer works as fine as never. I haven't done anything else since.


    SO IT WORKED.


    To the virus researchers please take this serriously because I'm for real. Looks like this Trojan worked with BitDifender files. Somehow infected your program. The removal was inventive and really easy for me after numerous traditional trials.


    Again. My comp is cleaner than never.


    Best regards,


    Dumitru