1

While running anti-virus, my PC has detected the virus Trojan.VB.wvy.bgkl and failed to clean it.

Can anyone please suggest, why the system failed to clean and how it can be removed ?

Improve this question
3
  • probably best for superuser.com
    – Nope
    Commented Oct 30, 2009 at 15:58
  • 1
    To be honest, if you get a virus just format and reinstall. Those utilities are not reliable enough and even if one trojan out of a 100 was not cleaned, it is a backdoor for a lot more to come back.
    – BobbyShaftoe
    Commented Oct 30, 2009 at 15:59
  • 1
    Are you sure you got the name right? Google shows very few hits for that name.
    – Arjan
    Commented Oct 30, 2009 at 19:28

8 Answers 8

Reset to default
2

Don't reinstall Windows yet. That's an extremely drastic solution, and I hate how that's often the first thing people suggest here when someone says they have a malware infection.

I can think of at least four antivirus solutions you can install and run for free:

It's not uncommon for one AV engine to be better than another one at detecting or removing a particular threat. Try all of these in series, making sure to uninstall one before installing another. All of these except ClamWin have license agreements that prohibit use in commercial settings. If that's you, and you feel bad about it, try the Kaspersky Online Scanner (currently down, sorry) and the Windows Live OneCare Safety Scanner instead.

If none of these work, try the trial versions of other reputable AV solutions, like F-Secure and Kaspersky.

If those don't work either, see if there's any way to get rid of it manually, as other answers have suggested.

By now you should have bombed this trojan back to the Stone Age. If it's somehow still there, look at what your AV product has to say about it. If it seems reasonably benign, and doesn't enroll your computer in a botnet or something like that, consider leaving it there. Seriously. You have to weigh the value of the time it takes you to back up your data, reinstall and reactivate Windows, reinstall and reactivate your other applications, restore your data, and configure your OS and apps the way you like them. Meanwhile, it's possible that one or more of the AV vendors will improve their ability to remove this particular threat.

If you think about all that and decide it's still worth it, then, and only then, should you consider reinstalling Windows.

Improve this answer
3
  • 1
    I totally agree with the "Don't reinstall Windows yet." part, I don't understand why is everyone suggesting that! It's as if viruses were black magic, removable only by fire and prayers.
    – sYnfo
    Commented Oct 30, 2009 at 21:49
  • 1
    I can think of two reasons to blow it away right off: time and a false sense of security. Just running AV software on a computer with a virus may or may not remove it. Not good enough for me. As for time, how much of it do you want to spend on this? If it takes more than two hours to "fix" the issue, then you'd probably have been better off wiping and starting from scratch; that's about how long it should take to get back up and running from a formatted HD.
    – Michael Todd
    Commented Nov 14, 2009 at 21:15
  • While I can agree with the "Don't nuke it as a first resort" sentiment it is only useful if it's not a serious infection and can be cleaned up quickly. I have to agree with Michael Todd that if you've spent more than two hours fighting with various antivirus and antimalware tools then that time could have been better spent reinstalling the machine. On the plus side you get a nice brand spanking new computer that was as fast as the day you first bought it and without all the chaff that gets left behind after installing and uninstalling programs.
    – Mokubai
    Commented Mar 16, 2010 at 18:27
0

Because Antiviruses aren't infallible. Virus makers are constantly making new things, and all the antivirus makers can do is react to it. If you can't get rid of the virus yourself, just back up your stuff and reformat, your PC'll likely run faster for it anyway :)

Improve this answer
0

Anti-viruses often fail to clean things up. Many things are just too embedded into your system to do a simple delete on.

You haven't specified what anti-virus you attempted to use. You could attempt installing other anti-viruses and running them. You could try AVG Free and Microsoft Security Essentials, although I recommend only having a single Anti-virus running at a time, to prevent conflicts.

It's also possible your anti-virus threw a false positive, and you may not have too much to worry about if these other applications come back clean.

In these situations, though, it's sometimes better to just back up your data and reformat. Back-up just the data you need to keep, and reinstall Windows. This will wipe out the trojan, and hopefully you do not back up what gave you the trojan in the first place.

Improve this answer
0

Try to delete the infected executable by yourself. If you can't, try to find process of the executable in TaskManager and kill it, then try to delete the file again. If this won't work use KillBox or similar tool.

Improve this answer
0

Can you add a screenshot of the message you are getting?

As far as I can see, there isn't any virus named Trojan.VB.wvy.bgkl, so it's pretty interesting to know which software has come up with the message. It's quite possible that you have installed a false antivirus that's giving you false messages.

My advice is:

  1. If the message is produced by a real antivirus, find out which files it claims are infected with this virus and post the list here (do not delete manually).
  2. Use Internet Explorer and run a couple of antivirus online scans. Some that I like are Trend Micro House Call and Kaspersky Labs Free Virus Scan. If they find nothing, this is probably a false positive.
  3. Run some anti-adware software scans, such as: ad-aware and spybot.
Improve this answer
0

I've used Malwarebytes and has worked great, try it for free.

I's sugest installing it, then updating the definitions and lastly boot in Safe mode and run a full scan.

Hope this helps.

Improve this answer
0

Can anyone please suggest, why the system failed to clean

Because today's anti-virus software is, not to put to fine a point on it, total rubbish.

Even if it claimed to have ‘cleaned’ an infection, I wouldn't trust it to have removed everything. AV at the moment simply cannot keep up with the flood of horrors emerging from the (extremely profitable) trojan-writing world.

and how it can be removed ?

Nuke it from orbit (reinstall the OS). It's the only way to be sure.

However, don't do that until you know it really was a virus that really infected you. Most resident anti-virus tools will whinge away at web browser exploits they find saved in the browser's internet cache. This is especially likely to be what happened when they tell you some useless generic name like ‘Trojan.VB.wvy.bgkl’, which is the anti-virus way to say “er, it's some kind of malware, we're not sure what it does because we don't have time to analyse every little trojan of the millions out there any more”.

It is, however, entirely unproductive for the AV to tell you this, as hopefully your browser wasn't vulnerable to that particular exploit and you were never at risk. Alternatively, if you were vulnerable, the malware will already have executed by the time the AV found it in the cache, so even if it claimed to have cleaned it successfully, you probably still got infected. Joy.

Improve this answer
0

you need to run these programs in the Safe-Mode also. That Trojan uses the system 32 folder.

Live-Care or Malwarebytes should clean it when in safe mode

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .