Ask your problem


How to Remove Virtumonde Trojan

Posted by Harish Kumar

This VirtuMonde trojan uses java software to load install itself in your computer. Three exe files are installed into your computer. You may see WindowsUpd1.exe, WindowsUpd2.exe, or WindowsUpd4.exe in your task manager. Follow the instructions below to remove VirtuMonde trojan or use a strong anti-spyware program

Mode of Infection

The trojan has become commonplace due to its infection through fake antispyware and antivirus programs. The is usually a warning message pop-up window with a message indicating a black worm virus or other virus attack. Click the link leads to an installation of the trojan.

Step 1: Edit the Registry

1. Click Start
2. Click Run
3. Type regedit
4. Find this registry key:

HKEY_LOCAL_MACHINE\\
SOFTWARE\\
Microsoft\\
Windows\\
CurrentVersion\\
Run\\

5. Locate the value: "WindowsUpd1, WindowsUpd2 and WindowsUpd4"
6. DELETE them.

Step 2: Stop Automatic Restarts

In order to not have to remove the trojan again, you need to make sure it is not automatically loading up again in your startup. Check your startup configuration to ensure that the trojan exe files are not running

1. Open your Start menu.
2. Click Run
3. In the command screen type msconfig.exe
4. In the system configuration utility,click startup tab
5. Uncheck the process
WindowsUpd1.exe
WindowsUpd2.exe
WindowsUpd4.exe
6. Click OK

Step 3: Delete VirtuMonde EXE files.

You may need to delete the exe files. The best way to do this is from the DOS directory and or Windows explorer.

1. Open Windows Explorer
2. Search for VirtuMonde processes
3. Delete the processes.

 

Labels:

0 Comments:

Post a Comment



Subscribe to: Post Comments (Atom)