How to Remove Virtumonde Trojan

This VirtuMonde trojan uses java software to load install itself in your computer. Three exe files are installed into your computer. You may see WindowsUpd1.exe, WindowsUpd2.exe, or WindowsUpd4.exe in your task manager. Follow the instructions below to remove VirtuMonde trojan or use a strong anti-spyware program

Mode of Infection

The trojan has become commonplace due to its infection through fake antispyware and antivirus programs. The is usually a warning message pop-up window with a message indicating a black worm virus or other virus attack. Click the link leads to an installation of the trojan.

Step 1: Edit the Registry

  • Click Start
  • Click Run
  • Type regedit
  • Find this registry key:

    HKEY_LOCAL_MACHINE\\
    SOFTWARE\\
    Microsoft\\
    Windows\\
    CurrentVersion\\
    Run\\

  • Locate the value: “WindowsUpd1, WindowsUpd2 and WindowsUpd4”
  • DELETE them.

Delete Computer History

Step 2: Stop Automatic Restarts

In order to not have to remove the trojan again, you need to make sure it is not automatically loading up again in your startup. Check your startup configuration to ensure that the trojan exe files are not running

  • Open your Start menu.
  • Click Run
  • In the command screen type msconfig.exe
  • In the system configuration utility,click startup tab
  • Uncheck the process
    WindowsUpd1.exe
    WindowsUpd2.exe
    WindowsUpd4.exe
  • Click OK

Delete Computer History

Step 3: Delete VirtuMonde EXE files.

You may need to delete the exe files. The best way to do this is from the DOS directory and or Windows explorer.

  • Open Windows Explorer
  • Search for VirtuMonde processes
  • Delete the processes.

You may want to remove Virtumonde trojan files with a good anti-spyware programs.