Vundo Highjackthis Traces

« « Advanced Trojan Removal Guide  |  Remove Virtumonde K » »

Vundo Highjackthis Traces

Tuesday, February 26th, 2008    Subscribe To Our Feed

This page is dedicated to finding vundo and virtumonde traces that are found in the highjackthis page. Please add any traces you find. This will help thousands of people remove the virtumonde virus.

traces we know of already:

O2-BHO:(noname)-{EFCB1D95-FFF6-47BB-B6C9-61A523F04322} C:\WINDOWS\system32\vturr.dll
awtqn.dll
awtsr.dll
jkhfe.dll
vzbb.dll
O20 - Winlogon Notify: vturr - C:\WINDOWS\system32\vturr.dll

Get Social, Bookmark Us!!:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • blinkbits
  • BlinkList
  • blogmarks
  • co.mments
  • del.icio.us
  • digg
  • Fark
  • Furl
  • Ma.gnolia
  • NewsVine
  • Reddit
  • Smarking
  • Spurl

Posted in Virtumonde | Trackback | del.icio.us | Top Of Page



Site Search Tags: , ,
Technorati Tags: , ,
Related Tags: No Tags


Possible Related Posts

4 Responses to “Vundo Highjackthis Traces”

  1. Ben Garcia Says:
    May 31st, 2008 at 6:32 am

    Registry Key for Vitumonde
    hklm\software\microsoft\removerp\

    Windows file for Virtumonde
    Winlogon.exe
    C:\windows\system32\_c00C9FCE.data

  2. ceda Says:
    June 20th, 2008 at 9:29 am

    Hi!

    Alsou found this one:

    hggyawmm.dll attached to winlogon.exe

    i guess it it changing from time to time.

  3. esko Says:
    July 8th, 2008 at 5:21 am

    C:\WINDOWS\system32\wvUoOHxu.dll and
    C:\WINDOWS\system32\ljJAPIbb.dll

  4. Virtumonde Removal Says:
    July 8th, 2008 at 6:35 am

    uhjqfcqr.dll
    any file that has a .dll,b
    mljyatld.dll

    Smitfraud trace we found that is common
    wgalogan in the C:\Windows\ folder

Leave a Reply