If you are looking for expert help then we encourage you to ask the pros over at http://www.pcninja.com for help. These guys remove all viruses and spyware guaranteed or you don’t pay a dime. Be sure to mention this site as a referral and get a free tune-up with removal of Virtumonde. An S 89.99 dollar value FREE

If you are looking to remove Virtumonde yourself then you do have your work cut out for you. It’s not easy but with a good Virus and Spyware removal software suit like Spyware Doctor with Antivirus you can get the job done much faster.

Read on for other methods to Remove Virtumonde

This guide will help you fully remove Virtumonde. It is not for the weak willed our unskilled computer user. You have been warned. Because this guide involves using free software we can not be held accountable for any actions you take. All data loss or system failure is on you. PLEASE READ THIS ENTIRE GUIDE FIRST BEFORE STARTING. That way you know what you are up against.

The first thing you should do is bookmark this page because we will be re-booting several times.

We are going to be downloading several free programs but before we do that we are going to do a system restore. This step is very easy to do. Select Start > All Programs > Accessories > System Tools > System Restore. This starts the program to do a system restore. You do not loose data or recent work done. This will affect any software installed since the restore point you select. This includes Viruses and spyware. If you were just infected last week then go back at least 2 weeks prior. If you have no restore points just skip this step and move on. Once the restore is done your computer will boot back up. Shut your computer down and boot into “Safe Mode With Networking” Just start pressing the F8 button as your computer starts to boot. Keep pressing the F8 key every other second and you will see several options. Pick “Safe Mode With Networking”.

Once you have booted log into your user account and then click the following links to download the below software. Do not install them yet just save them to your Desktop.

Spyware Doctor with Antivirus: 30 day trail. The trial does not remove threats but the trial stops you from getting re-infected as we use other free tools to remove Virtumonde. If this guide is too advanced for your computer skill level then consider just purchasing this product or using this Computer Repair site to remove Virtumonde for you.

Spybot Search and Destroy: Free spyware removal tool.

Smitfraudfix: Free removal tool to help remove and re-set settings

Winsockfix: Helps rebuild your internet connection.

If you can not get onto the web make sure you are in SAFE MODE WITH NETWORKING and not just safe mode. Also if the virus is blocking Internet explorer you can use the old browser. This is a bit of a hat trick but check this guide out (Coming Soon). If you have an internet connection then don’t worry about it.

First we will install Spyware Doctor with Antivirus. Just follow the on screen prompts. Be sure to update the product. Also if you DO NOT plan on purchasing this product (Shame ) then be sure to cancel the auto starting scan because it will do you no good just yet. I personal swear by this product but if you can’t afford it then just move on to the next step. The trial is needed to stop threats from re-installing.

Now onto the main removal process. This is the meat of this article. The first thing to do is run Smitfraudfix.exe. This tool is very easy to use and for what we are doing you only need to hit a few keys. Double click on the Smitfraudfix.exe icon. The program will start. Now select option (2) by hitting the number 2 key and pressing enter. Once the cleaning is done the Windows Clean-up tool will auto start. Just hit cancel as we will address the junk files later on and the built in Windows tool does not do a good enough cleaning. Now you will be asked to clean the registry hit the (y) key for yes and then enter. That is it. You will see a .txt file open and will also be asked if you want to continue loading windows normal. Just select yes and quit the program.

Now onto Spybot search and Destroy. Perhaps the best free program tool ever created. This software does not give live protection but often times can remove many threats that even paid clients like Norton and Mcafee can not remove. Double click the install file and follow the on screen prompts. I normally un-check the TEA TIMER box when installing as it will block other free clients we will be using. the Spyware Doctor with Antivirus trial will block the threats already. When asked to create a registry backup select yes. When asked do the search for updates. Update the software as instructed and then immunize the computer when asked. Then do a scan. Remove any threats detected that are bad. You may be asked to have Spybot run on the next start up. Go ahead and allow it.

Unplug your network cable and reboot your computer. Once your computer boots up you may see Spybot run. Let it run if it wants to. If not when you log in you will see a few dos like screens pop-up. This is Spybot removing some left over traces from the first scan.

You are near the home front now but we want to make sure we have removed all traces and threats. Open up my computer and select the Tools tab then Folder Option. Select the view tab and then check the radio box next to show hidden files and folders and then press the OK button. Browse to C:\WINDOWS\Downloaded Program Files and remove everything in there. Yes some of it is not harmful but it does not really matter. Anything there you need can be re-installed anyway’s for free and it’s better not to take chances. Next delete everything in the C:\WINDOWS\Downloaded Installations\ folder. Now delete everything in the C:\WINDOWS\Prefetch folder.

You may also notice that your home page is still highjacked. That is not totally un normal. Simply open IE (Remember the network cable is still unplugged ) select the Tools then Internet Options and change the home page back to whatever you want.

Now check your system clock in the bottom right of your computer. Is it in Military time? If so you can change it back now that the infection is gone. select Start > Control Panel, Then open up the Regional and Language Options. Select the Customize option next to the word ENGLISH. Now select the time tab and change the Time format option to h:mm:ss tt . Now hit ok and close down all the boxes. Your clock is now set back to normal.

Chances are your computer is now clean. To make sure you should run a full scan using Spyware Doctor with Antivirus. Make sure you downloaded the antivirus version. Run the Deep Scan option and sit back and wait for the results. If only cookies were found then you are good to go. If this tool found any viruses or other threats still installed I really can’t help you any further with out you helping yourself first. Consider purchasing this product as it will protect your computer and remove any other traces left over.

It is safe to plug in your network cable again. Grab a beer sit back and start surfing the web. Don’t forget to brag to your friends about how you slayed the Virtumonde virus. If you are having issue connecting to the internet then run the Winsockfix to you downloaded earlier. This tool is only for XP. Vista has it’s own built in diagnostic tool.

After thoughts: You know how hard it was to remove this Virtumonde threat. It is not easy and you do not want it to happen again. I do not recommend relying on free clients to protect your computer. Almost all free clients AVG, spybot, ad aware and the like do not offer live protection. It’s only after you get infected that they catch things. That is why you need to consider purchasing real protection so this never happens again. I don’t care if you go with something other the Spyware Doctor with Anti-virus but at least stay away from Norton and Mcafee. I just don’t like them.

If after all this you are still infected and DON’T want to spend any money for whatever your reasons then you can download another tool that lives on the edge. Download Combofix.exe. This is a really nice tool but you should learn how to use it first. Also it carries risks to your computer. Most likely you can just double click it and run the thing and be fine but in some cases it causes major OS damage so backup your data first.

Here is a listing of other 100% free software you can use as well.

Vundo Removal Tool: Love it!! Run in safe mode for best results. Works great at removing most traces of Virtumonde and vundo allong with other variants of this strain like Winfix and winfixer. You still need an active internet security suit as this will do nothing to protect your computer just remove that one strain.

Norton’s virtumonde removal tool: Much like the above but from Norton.

VundoBeGone: Another tool that can be used but try the ones above first as this one takes little more care to use.

HighjackThis: This tool is used to eliminate and remove start up and running processes. This tool is more for advanced users but is great in helping other people find out what is wrong and what you are infected with.

Spybot S&D : Spybot has been around for years and is known as one of the best free programs on the web. Consider donating to them as this is really good stuff for being free. They now have something called Tea Timer that installs with Spybot. This gives you real time protection against threats. It does not auto scan but will block potential threats. Run the program in safe mode for best results

Malwarebytes : The free version is very good at detecting rootkits and the like.  It will help in the Virtumonde removal process but like everything on this page that is free you will still need multiple free clients to remove this fully.

Ad-aware : this program annoies me because it consistently asks you to buy the full version and runs automatically when your computer boots up even thoe it does nothing for you unless you buy the full version. However they do give you a great Scan and removal that is 100% free. I would install, update and run in safe mode and then remove the program so it’s not running anymore. It does catch things that Spybot will miss.
Avg Anti virus : This is from AVG and this is the free anti-virus product. It does a good job but all in all does not give you enough protection. Still it’s better then nothing. I find it does a poor job of Removing Vundo but you can always try it if you want

Avast : Another Free Anti virus program that is equal to AVG

PC Tools Anti-Virus : Perhaps one of the better Anti- Virus programs out there that are free. PC tools just one an award from PC Magazine for the Spyware Doctor with Anti-Virus program. This is not the same protection but appears to use the same base for the virus scan.

Share and Enjoy:
  • Print this article!
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks