Wed Feb 10 17:32:16 EET 2010

Fix Virtumonde.dll Virus on Windows Vista

A friend of mine brought his computer home because his machine needed a repair.
After installing Spybot S&D and checking the machine for spyware,
the program found about 26 spyware / adware infections. After fixing them,
I decided to run the program once again just to assure myself that the infections had been properly removed.
After scanning his hard drive a second time with SpyBot S&D, just one infection
was found, though I have to admit a really tough one!
The questionable spyware found was called virtumonde.dll.
I followed instructions from fixvirtumondedll.com to remove the cursed spyware.

Here are the instructions for removing virtumonde.dll in a
"quick" way.

1. Buy or find a cracked version of Spyware Doctor and check the system with Spyware Doctor under Safe Mode
2. Use SuperAntiSpyware


After installing SuperAntiSpyware and running a test on the Windows Vista system
in Safe Mode, the software happily found and removed a dozen pieces of malicious spyware.
However, I decided to check the system afterwards with Spyware Doctor
because I wanted to be certain that all the spyware on the system was removed.
Checking the Fujitsu Siemens notebook once again with Spyware Doctor
showed that some 40 more pieces of spyware were left undetected
by SuperAntiSpyware.

3. Download and install VundoFix
In my case VundoFix found nothing.
However removing.

Again I launched SpyBot to check the system for spyware, because I wanted to be sure that all of Virtumonde was removed.
Not so surprisingly, the cursed Virtumonde was still there.
SpyBot reported it to be hiding in C:\Windows\System32\KBDLV9.DLL
I attempted a manual removal using the
attrib command.

This is how I tried to remove all (system, hidden, read only, archive) attributes of the file:
cd
attrib -s -h -r -a C:\Windows\System32\KBDLV9.DLL
Anyway, all was futile; the file was already loaded by a program, so I was not able to touch it.
Everything I tried failed.
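
A DLL that is mapped into a running process stays locked, which is why attrib and deletion fail on it. The following PowerShell script is an added example, not part of the original post: it shows the file's attributes and lists the processes that currently have it loaded. The function name Get-ModuleHolder is hypothetical, the path is the one SpyBot reported above, and the script should be run from an elevated prompt.

```powershell
# Added example, not from the original post. Get-ModuleHolder is a hypothetical name.
function Get-ModuleHolder {
    param([Parameter(Mandatory = $true)][string]$Path)

    foreach ($proc in Get-Process) {
        $hit = $null
        try {
            # Reading Modules fails for protected processes or across 32/64-bit
            # boundaries; those processes are skipped rather than aborting the scan.
            $hit = $proc.Modules | Where-Object { $_.FileName -ieq $Path }
        } catch {
            continue
        }
        if ($hit) {
            New-Object PSObject -Property @{
                Id   = $proc.Id
                Name = $proc.ProcessName
                Path = $Path
            }
        }
    }
}

$dll = 'C:\Windows\System32\KBDLV9.DLL'   # path SpyBot reported in the post

# -Force is needed because the file may carry the hidden and system attributes.
$file = Get-Item -LiteralPath $dll -Force -ErrorAction SilentlyContinue
if ($file) {
    $file | Format-List FullName, Attributes, Length, CreationTime, LastWriteTime
} else {
    Write-Output "File not found: $dll"
}

$holders = @(Get-ModuleHolder -Path $dll)
if ($holders.Count -gt 0) {
    # Any process listed here keeps the DLL mapped, so it cannot be deleted yet.
    $holders | Sort-Object Name | Format-Table Id, Name -AutoSize
} else {
    Write-Output "No readable process has $dll loaded."
}
```
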
Since the described automatic procedures failed, I started thinking about manually removing
Virtumonde.dll, though after reading some instructions and realizing it would take me at least
a day, I decided to give a try to a tool called SmitFraudFix.
Many people reported that this small tool definitely fixes the problems with the damned Virtumonde.

It's required that SmitFraudFix be executed in Safe Mode; the program is text based, which makes
me feel even more at home.
Fortunately, at last this program was able to remove the final few remains of VirtuMonde!
Ghhh, what a Windows nightmare!
After removing the last security threats with Spyware Doctor, the
system is now perfectly clear.