Leader Webmaster
Number of posts : 77 Warning : Points : 2 Registration date : 2008-12-17
| Subject: Guide to Removal of Virtumonde! Sat Mar 07, 2009 11:51 pm | |
| Virtumonde is adware that displays pop-up advertisements. Some advertisements are for rogue antispyware applications such as Winfixer. Pop-ups are not marked as having originated from Virtumonde. Virtumonde runs hidden from the user. It installs itself as a Winlogon notification package and locks its own module. The module has a random 5 character name and is installed to the windows\system32 folder. Virtumonde infects Windows XP and 2000. Follow these removal steps to remove this adware from your computer:
- Click Start > Run, type 'regedit', and click Ok to open the Registry eidtor.
- Navigate to the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run.
In the right pane find and delete the entries with the value 'WindowsUpd' or ' SysUpd ' .
- Navigate to and delete the following registry keys:
HKEY_CURRENT_USER\Software\Microsoft\WindowsUpd HKEY_CURRENT_USER\Software\Microsoft\SysUpd
- Exit Registry Editor.
- Open a DOS command prompt window ( Start > Run , type 'cmd' (on Windows NT/2000/XP ) or 'command' (on Windows 95/98/Me)) and enter the following command:
regsvr32 /u %WinDir%\system32\cidrules.dll
- Reboot the computer.
- Search for and delete the following files from System directory ( by default this is C:\Windows\System32 ):
windowsupd2.exe cidrules.dll
| |
|
Sonicjesusfreak Tech Staff
Number of posts : 6 Age : 34 Warning : Points : 0 Registration date : 2009-03-09
| Subject: Re: Guide to Removal of Virtumonde! Mon Mar 09, 2009 2:18 pm | |
| Just a warning never mess with your computer's registry with out creating a backup first!!!!! You could damage your system if you delete the wrong stuff from the registry! | |
|