Click on screenshot to zoom
Danger level 10
Type: Trojans
Common infection symptoms:
  • Changes background
  • Connects to the internet without permission
  • Shows commercial adverts
  • Normal system programs crash immediatelly
  • Strange toolbar installed without Your permission
  • Slow internet connection
  • System crashes
  • Cant change my homepage
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

Vundo

Vundo is a big family of Trojans which are designed to deliver ‘out of context’ pop-up advertisements. They are also able to download and execute arbitrary files. It is possible to get infected with Vundo via peer-to-peer file sharing, spam email; drive-by downloads and so on. This presupposes that the user must be cautious of what kind of files he or she downloads or saves into personal computer, because the Trojan can be hiding anywhere.

As far as the functions of Vundo are concerned, not only does it display annoying pop-up advertisements on the affected computer, it can also inject commercial ads into the search results. Vundo shows all kinds of pop-ups which include these fake scan results, bleeping in order to scare the user to think that the computer has been compromised and then click on the “further information” button. Needless to say, that the advertisements generated by Vundo promote websites which offer usually malicious programs, which promise erase non-existent viruses from the computer. And of course, in order to use these programs, one would have to buy it.

So it is obvious that Vundo is a part of the rogue antispyware distribution and promotion system. Not to mention that it also advertises adult web sites and services. Therefore Vundo must be deleted from the system, because it is an annoying parasite which can lead to an even more serious infection. This Trojan tries hard to remain the affected computer by lowering security settings and preventing the user to access certain sites. It also disables certain system software, and in some cases it can go as far as trying to disable antivirus programs.

Due to the fact that Vundo is good at hiding itself and resisting the interrogation of security products, the average user might find it very hard to remove Vundo on his own. In such case the user can download an up-to-date malware removal program, which will intercept and delete Vundo efficiently for him.

Download Spyware Removal Tool to Remove* Vundo
  • Quick & tested solution for Vundo removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Vundo

Files associated with Vundo infection:

wvUOGYoL.dll
vtUmKAQg.dll
ljJYPfdD.dll
bawtygwr.dll
vthykqmd.dll
mcdgwo.dll
geBtQgEx.dll
mlJArppO.dll
xzsayk.dll
nxljosse.dll
gawkjesp.dll
nciruh.dll
nvwjphjb.dll
hxbdht.dll
yjhwqywj.dll
khfFuVoN.dll
byXOgeBt.dll
vtUkjJAS.dll
fcccyVPi.dll
vgifofek.dll
qoMdCuSI.dll
ljJAQKeC.dll
iifdddEX.dll
ljJCrPIB.dll
ddcARhhG.dll
bbqcfsxm.dll
abvwmbgb.dll
usjmyb.dll
cjdfyh.dll
ddcYsRhh.dll
xfedlxrj.dll
vtUlJyWn.dll
tuvUOGvs.dll
byXroNET.dll
qoMfeedC.dll
iifgDVNG.dll
geBtQihF.dll
ljJBrOFV.dll
lfuhuuwf.dll
ckds16.dll
geBtQkLE.dll
wvUoppPh.dll
qqkdgkie.dll
cbXRHbab.dll
efcDVmLb.dll
mws29854.dll
yjrhhukn.dll
hgGYoPGx.dll
tuvSihIy.dll
xxyvuuro.dll
uvwvjvgk.dll
rlawcyxm.dll
khfFyVPj.dll
efcCspPg.dll
file[2].exe
opnKecCv.dll
geBuUMef.dll
khfghhIA.dll
iifgfCsP.dll
tuVPgdDW.dll
qoMfEusT.dll
qvmzxdoc.dll
10002.exe
mqmnhhrd.dll
xh-codec.v.1.189[1].exe
jkkIBTNE.dll
iifecbYo.dll
rqRiGyvw.dll
wvUlkHaX.dll
cqaihphf.dll
hgGaATJa.dll
mlJYOeby.dll
update.1.014[1].exe
file[1].exe
ljJARjii.dll
awtussPi.dll
geBtUoLd.dll
sywagp.dll
dsnrhz.dll
scan[1].exe
1696513598.exe
ssqnmNhI.dll
ljJYRJDw.dll
jkkIyYSi.dll
egesewvs.dll
cbXqpoMF.dll
srqss.ini2
srqss.ini
srqss.bak2
srqss.bak1
yayyyxw.dll
yayxwxx.dll
yayvtsp.dll
xxyywxw.dll
xxyaywu.dll
xxyawvw.dll
xleshega.dll
wvuvvut.dll
wvusqrr.dll
wvusqqq.dll
wvusqqn.dll
wvurrro.dll
vtuutrq.dll
urqqpom.dll
urqpoom.dll
urqopqn.dll
urqnoml.dll
urqnklj.dll
tuvttsq.dll
tuvtsqq.dll
tuvssss.dll
tuvsspp.dll
ssqrs.dll
ssqrrqr.dll
ssqrpno.dll
ssqqrop.dll
ssqpppm.dll
ssqomkj.dll
ssqnnmn.dll
rqrolkk.dll
qomlljh.dll
qomlkjj.dll
qomkjkj.dll
pmnljgg.dll
pmnkhgf.dll
opnomll.dll
opnklif.dll
nnnonnk.dll
nnnmjig.dll
nnnllji.dll
nnnklml.dll
mljkiji.dll
mljghfe.dll
mljgedd.dll
ljjkigd.dll
ljjjhge.dll
ljjhhig.dll
khffcdd.dll
khfefed.dll
khfdaab.dll
jkklmli.dll
jkkkigf.dll
jkkhheb.dll
iifddec.dll
iifddaw.dll
iifccbc.dll
hgghfda.dll
hggggfc.dll
hggeeff.dll
hggebxw.dll
hggdbyw.dll
gebxxxx.dll
gebbbby.dll
fccaxyy.dll
efcyvss.dll
efccbxv.dll
efcbcyy.dll
efcayvs.dll
ddcyvvw.dll
cbxvvww.dll
cbxvsrp.dll
byxxwtq.dll
byxvvsp.dll
bqtsmphi.dll
awturop.dll
awttrpo.dll
awtstqn.dll
aocreofm.dll
agtcesdo.exe
vtsqo.dll

Vundo DLL's to remove:

wvUOGYoL.dll
ljJYPfdD.dll
bawtygwr.dll
vthykqmd.dll
mcdgwo.dll
geBtQgEx.dll
mlJArppO.dll
xzsayk.dll
nxljosse.dll
gawkjesp.dll
nciruh.dll
nvwjphjb.dll
hxbdht.dll
yjhwqywj.dll
khfFuVoN.dll
byXOgeBt.dll
vtUkjJAS.dll
fcccyVPi.dll
vgifofek.dll
qoMdCuSI.dll
ljJAQKeC.dll
abvwmbgb.dll
usjmyb.dll
cjdfyh.dll
ddcYsRhh.dll
xfedlxrj.dll
vtUlJyWn.dll
tuvUOGvs.dll
byXroNET.dll
qoMfeedC.dll
iifgDVNG.dll
geBtQihF.dll
ljJBrOFV.dll
lfuhuuwf.dll
ckds16.dll
geBtQkLE.dll
wvUoppPh.dll
qqkdgkie.dll
cbXRHbab.dll
efcDVmLb.dll
mws29854.dll
yjrhhukn.dll
hgGYoPGx.dll
tuvSihIy.dll
xxyvuuro.dll
uvwvjvgk.dll
rlawcyxm.dll
khfFyVPj.dll
efcCspPg.dll
opnKecCv.dll
geBuUMef.dll
khfghhIA.dll
iifgfCsP.dll
tuVPgdDW.dll
qoMfEusT.dll
qvmzxdoc.dll
mqmnhhrd.dll
jkkIBTNE.dll
iifecbYo.dll
rqRiGyvw.dll
wvUlkHaX.dll
cqaihphf.dll
hgGaATJa.dll
mlJYOeby.dll
ljJARjii.dll
awtussPi.dll
geBtUoLd.dll
sywagp.dll
dsnrhz.dll
ssqnmNhI.dll
ljJYRJDw.dll
jkkIyYSi.dll
egesewvs.dll
cbXqpoMF.dll
yayyyxw.dll
yayxwxx.dll
yayvtsp.dll
xxyywxw.dll
xxyaywu.dll
xxyawvw.dll
xleshega.dll
wvuvvut.dll
wvusqrr.dll
wvusqqq.dll
wvusqqn.dll
wvurrro.dll
vtuutrq.dll
urqqpom.dll
urqpoom.dll
urqopqn.dll
urqnoml.dll
urqnklj.dll
tuvttsq.dll
tuvtsqq.dll
tuvssss.dll
tuvsspp.dll
ssqrs.dll
ssqrrqr.dll
ssqrpno.dll
ssqqrop.dll
ssqpppm.dll
ssqomkj.dll
ssqnnmn.dll
rqrolkk.dll
qomlljh.dll
qomlkjj.dll
qomkjkj.dll
pmnljgg.dll
pmnkhgf.dll
opnomll.dll
opnklif.dll
nnnonnk.dll
nnnmjig.dll
nnnllji.dll
nnnklml.dll
mljkiji.dll
mljghfe.dll
mljgedd.dll
ljjkigd.dll
ljjjhge.dll
ljjhhig.dll
khffcdd.dll
khfefed.dll
khfdaab.dll
jkklmli.dll
jkkkigf.dll
jkkhheb.dll
iifddec.dll
iifddaw.dll
iifccbc.dll
hgghfda.dll
hggggfc.dll
hggeeff.dll
hggebxw.dll
hggdbyw.dll
gebxxxx.dll
gebbbby.dll
fccaxyy.dll
efcyvss.dll
efccbxv.dll
efcbcyy.dll
efcayvs.dll
ddcyvvw.dll
cbxvvww.dll
cbxvsrp.dll
byxxwtq.dll
byxvvsp.dll
bqtsmphi.dll
awturop.dll
awttrpo.dll
awtstqn.dll
aocreofm.dll
vtsqo.dll
vtUmKAQg.dll

Vundo processes to kill:

file[2].exe
10002.exe
xh-codec.v.1.189[1].exe
update.1.014[1].exe
file[1].exe
scan[1].exe
1696513598.exe
agtcesdo.exe

Remove Vundo registry entries:

HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindows NT CurrentVersionWinlogonNotify[filename]
HKEY_LOCAL_MACHINE SOFTWAREClassesCLSID{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}
HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindows CurrentVersionExplorerBrowser Helper Objects{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsNTCurrentVersionWinlogonNotify[filename]
44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44
Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects {869B20A6-AADA-477D-BE23-68A966B1183D}
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ddcYsRhh
Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db5a474a-12a0-4d26-a1fc-a7ea8ef94edc}
Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73259091-9574-4ED8-A40F-7F65AFC28634}
Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32A75D52-5C2C-4D52-8107-1239F8F791E0}
Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5F015D8-AC73-4AB8-A99F-503479159097}
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.