McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Trojan.Vundo Manual Removal

by Sarah on May 20, 2008


Trojan.Vundo Manual Removal Instructions

WARNING:
This Trojan.Vundo manual removal process requires good computer skills, manipulations with Windows registry may cause system crash.
Don’t forget to make system and registry backup before this operations.
We cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. We decline any responsabilaty, Use this manual removal at your own risk.

We highly recommend you to download our Recommended Automatic Spyware Remover.



To manually remove Trojan.Vundo, follow the steps below:

  • 1. Find and Remove the following Trojan.Vundo Processes:

    		 How to Stop malicious Processes

  • 2. Find and Remove the following Trojan.Vundo files and folders:

    • Vundo uses randomly named files. The parasite creates infected executable files with random names. These files can be found in different folders inside C:\Windows or C:\Winnt directory.

    		 How to find and delete harmful files

  • 3. Find and Remove the following Trojan.Vundo files and folders:

    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\ {02F96FB7-8AF6-439B-B7BA-2F952F9E4800}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Explorer\ Browser Helper Objects\{02F96FB7-8AF6-439B-B7BA-2F952F9E4800}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\ {2353FCBC-012D-487B-8BF3-865C0929FBEB}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ATLDistrib.ATLDistrib\CLSID\
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ATLDistrib.ATLDistrib.1\CLSID\
    • HKEY_USERS\S-1-5-21-2068663838-1736639611-1443527720-500\ Software\Microsoft\Windows \CurrentVersion\Ext\Stats\{2353FCBC-012D-487B-8BF3-865C0929FBEB}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\ {22E85F2A-4A67-4835-B2C3-C575FE4EC322}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ADOUsefulNet.ADOUsefulNet
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ADOUsefulNet.ADOUsefulNet.1
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Explorer\Browser Helper Objects\{22E85F2A-4A67-4835-B2C3-C575FE4EC322}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE8BDE42-16D9-4CCC-9F4F-1C3167B82F60}
    • HKEY_CLASSES_ROOT\CLSID\{DE8BDE42-16D9-4CCC-9F4F-1C3167B82F60}
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ DPCUpdater.DPCUpdater
    • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ DPCUpdater.DPCUpdater.1

    		 How to find and remove malicious Registry entries

    Recommendation:

    Wrong manual removing process can cause irreparable and serious damage to your computer operating system. You may need the use of a powerful anti-spyware utility such as our Recommended Automatic Spyware Remover to get rid of Trojan.Vundo, to completely clean your computer of any invasive threat and to keep it protected from future spyware infections.

    Spread the Word
    • Digg
    • del.icio.us
    • Facebook
    • Reddit
    • StumbleUpon
    • Google Bookmarks
    • Yahoo! Buzz
    • Live
    • LinkedIn
    • MySpace
    • Propeller
    • Twitter
    • Technorati
    • Add to favorites

    Leave a Comment