Nilpo.com » Windows Administration, Windows Security, Windows Vista, Windows XP » Blog article: Removing VirtuMonde Virus

Removing VirtuMonde Virus

August 26th, 2007
Email This Post Email This Post Print This Post Print This Post
1 Star2 Stars3 Stars4 Stars5 Stars (7 votes, average: 4.86 out of 5)
Loading ... Loading ...

Hello, I have this VirtuMonde virus on my computer. I ran Spybot, Ad-aware and McAfee virus scan to see if I can clear it. I get certain things from Spybot but they usually reappear after I thought I deleted them. If you can help me get rid of this VirtuMonde plague I would be eternally grateful for not having to reformat my computer.- Andrew D.

Well, Andrew, you’ve come to the right place. The Windows Guru is at your service.

The VirtuMonde virus is classified as adware. It functions similarly to a keylogger to record information about your browser usage. It transmits this information to a central web site and then downloads targeted popup ads.

The VirtuMonde virus is most easily identified by most common anti-virus and spyware programs. However, you can also use SpyHunter’s Free VirtuMonde Scanner.

While it’s not a highly advanced infection, removing this pesky bug is difficult by nature because it uses several randomly named process files. It also adds many different registry keys entries that must also be removed.

So, while the VirtuMonde infection can be removed manually by deleting it’s viral processes and unregistering its other components, it’s much easier and far more effective to use a pre-built removal tool like that one provided by Symantec.

Symantec VirtuMonde Removal Tool

Remember to create a System Restore point before and after removal of the infection and don’t forget to backup any sensitive data before attempting any system changes.

Hope this helps!

Note:

Thank you to Dim, one of our readers for suggesting ComboFix. Download links and a great tutorial can be found at the following link:

A guide and tutorial on using ComboFix

Please use the trackback link when linking to this post.

Related Posts:

Add to Technorati Favorites

This entry was posted on Sunday, August 26th, 2007 at 9:19 pm and is filed under Windows Administration, Windows Security, Windows Vista, Windows XP. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Removing VirtuMonde Virus”

  1. Sig Says:
    March 19th, 2008 at 7:56 am

    Thank you!!!!!!!!!!!! What a pesky bug this is. Ran McAfee, Ad-Aware, and Spyware Doctor and STILL couldn’t get rid of it.

  2. Dim Says:
    April 23rd, 2008 at 8:19 am

    I have tried Symantec Virtumonde removal tool, Vundufix and they found nothing while Spybot was alerting for Virtumonde and virtumonde.dll. When I tried with Combofix it cleaned it out. The infected files were in system32. I strongly recommend Combofix.

  3. Nilpo Says:
    April 23rd, 2008 at 9:39 pm

    Thank you very much for your suggestion. ComboFix is a very powerful tool and should be used with caution. Download links and a great tutorial can be found on Bleeping Computer.

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  4. Virtumonde Removal Says:
    April 24th, 2008 at 2:20 pm

    combofix is good stuff. I use it all the time in the field. For Virtumonde and the Vundo threat I like to do a system restore first if the computer was recently infected. Then after the restore run spybot, ad-aware, vundofix, highjackthis and then combofix if needed.

Leave a Reply

Nilpo.com » Windows Administration, Windows Security, Windows Vista, Windows XP » Blog article: Removing VirtuMonde Virus