My computer currently has a Trojan.Virtumonde. How do I get rid of it??

First, I’d like to cover what?exactly a?Trojan?Virtumonde?is or can look like for some of our viewers who might not be so familiar with it.? A virtumonde by definition is adware that modifies the Windows Internet connection mechanism and display various pop-up advertisements.? It holds an elevated level of danger to your PC security (around a 4 out of 5 star rating!)

The virtumonde attaches itself to critical system processes so its tough to do a “seek-and-destroy” type of removal.? It gets its power from?exploiting weakness of Sun Java, so its commonly seen more in Internet Explorer then some sister browsers of Firefox and Opera (but neither are scot free).

Some common forms the Virtumonde operates under range from any of these:

  • Spyware/Virtumonde
  • Downloader.Virtumonde.G
  • Trojan.Downloader.Virtumonde.F
  • Trojan.Virtumod
  • Trojan.Downloader.Virmo-3
  • Trojan:Win32/Vundo.A

^each generating random .dll’s once they are ran and starts its infection process.? Do to the fact it attaches itself to system processes and can add registry keys to the auto-start, this special bugger can execute itself every time Windows is rebooted.? As you can tell, this is definitely a more serious type of trojan and should not be taken lightly.

Symptoms: If you see your PC with any of these systems, please post on the forum and try the fix as they are all signs pointing to a serious Virtumonde infection.

  • Numerous pop-ups upon browser start up
  • Changed desktop backgrounds
  • Blue Screensavers (not chosen by default)
  • Disabled Windows Security Center
  • Computer offers a fix for the problem it seems to have

How to remove the infection:

1. Download VundoFix.exe to your desktop

2. Run the .exe and click Scan for Vundo

3. After the scan, use the Remove Vundo button (click yes on the prompt asking if you would like to remove the file)

4. Let the process run, don’t be alarmed when the desktop goes blank or discolored while removing the file. Reboot the computer when prompted again.

5. If the Fix claims it cannot remove all of the files, it will run again once the system has rebooted, just follow the above directions, starting with the Scan for Vundo.

This should remove your problem!? If you feel the infection is still?there, save the contents of C:\vundofix.txt and post it on the forums along with a HijackThis Log and a specialist will be around to help.

Good Luck!