Saturday, June 7, 2008

How to remove Vundo/Virtumonde trojan?

I got burned by this motherf**king (sorry for the language) trojan twice. The first time the explorer was quiting everytime I opened a folder and no antivirus was able to detect it. I tried Vundofix, VirtumondeBegone, HiJackThis etc. I even reinstalled the OS, but the trojan was persistent. After two days a message appeared offering a "help" (paid help of course), I ran Kaspersky then, and I got rid of it.
The second time I fried the motherfu**ing b**tard's as* (again, sorry for the bad english) much easier and faster.

THE SOLUTION

What you need is SpybotS&D (Search and Destroy). It's freeware made to get rid of adware. You can download it here. You can choose the beta version or a stable release which is recomended.

Install Spybot, and update it. Then run it and scan your computer. This will take a while. After it's finished look carefully if any of the results is actually something you need (which I doubt it, but if anyone is using cracked OS, the crack might be on the list). Select the Vundo or Virtumonde entry and click Fix Selected Items. Now Spybot will get rid of most Virtumonde/Vundo entries, but some will be unable to.
That's where Spybot will ask you if you want to run Spybot at startup. Choose Yes or OK, I don't remember which was it, and restart your computer.
After restarting only Spybot will run and start checking for problems again. (This is the waiting part which could be about 30 minutes. And again after finishing click Fix Selected Items, but this time since no other program is running Spybot will remove the Vundo/Virtumonde trojan.
Choose Exit from the menu bar and Windows will start.

And that is how it's done.

If any questions, comment. I'll try to help. if it works please do tell, again.

No comments: