(Added later: This method is good for removing all kinds of spyware not just Vundo.)
I’ve been fixing a few Vundo-infected computers this week among all the Windows XP Antivirus 2008/2009 infections. Vundo was not hard to remove, at least not as difficult as Windows XP Antivirus, but I had to do it in Safe Mode. In the normal mode, the malware kept me from going online. Well, actually, it let me go online but while online wouldn’t let me download any antispyware or tools to fight the malware. And if I tried to start (click on) an antivirus or antispyware, it just didn’t open.
To go into Safe Mode, restart your computer.
As the computer reboots, tap the F8 key repeatedly. A bunch of start up options will appear; pick “Safe Mode with Networking.” A long list of drivers will scroll down your screen in black and white. You’ll be asked if you want to go into Safe Mode, Y or N? Y is for Safe Mode or N is for System Restore. You want Y.
If you don’t tap F8 at just the right time, you’ll end up in normal Windows. Just reboot and try again.
Once in Safe Mode, go online, and once online, come back to this blog https://www.ducktoes.com/blog (or just bookmark this page) and click here to download Malwarebytes Antispyware.
After it’s installed, update and run Malwarebytes Antispyware. Remove the spyware and malware.
Now reboot and download SD Fix. If your computer is still too infected to download anything, boot into Safe Mode with Networking and download SD Fix from there. Either way, click on the icon and run it.
If you aren’t in Safe Mode already, reboot into Safe Mode.
Click on My Computer, then on the C drive. At the top of the C drive, look for a folder that says SD Fix. Open it. Inside the folder you’ll see a file that says RunThis.bat. Click on it. It will run a program to clean up the Trojans. Type Y to begin. SD Fix will delete all the spyware or trojans it comes across. Then you’ll be asked to type any key to restart the computer. Do it, type a key.
Your computer will reboot. As it does, it will finish cleaning up the malware it has found.
After this, your computer should behave much better.
Doh! I was domain searching at namecheap.
com and went to type in the domain name: http://ducktoes.
com/blog/individual-spywares/how-to-fix-trojanvundo-in-safe-mode/ and guess who already acquired it?
You did! lol j/k. I was about to buy this domain name but noticed it
had been taken so I figured I’d come check it out. Good blog!
Comments are closed.