Warning! Win32/Adware.VirtumondeThe shown message is as follows: “WARNING! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer. Warning! Win32/Adware.Virtumonde "Warning! Win32/privacyremover.M64".” The biggest threat to a user, is that Win32/Adware.Virtumonde scares him, and forces him to buy AntivirusXP2008 (or Antivirus XP 2008, AntiVirXP08, AntivirusXP 2008, Antivirus2008XP) which costs $39.95-$79.95. Dont be fooled with this fake warning message, because Win32/Adware.Virtumonde is only a text or a image, which promotes AntivirusXP2008 (or Antivirus XP 2008, AntiVirXP08, AntivirusXP 2008, Antivirus2008XP) fake AntiSpyware. We advice to remove Win32/Adware.Virtumonde fake message as soon as possible! | ||||||||
| ||||||||
|
|
Danger level: 
9
9
Type: Trojan
Common infection symptoms:
Other mutations known as:
- Changes background
- Connects to the internet without permision
- Shows commercial adverts
- Strange toolbar installed without Your permission
- Slow internet connection
- System crashes
- Annoying pop-up's
- Slow Computer
How to manually remove Warning! Win32/Adware.Virtumonde
Remove Warning! Win32/Adware.Virtumonde registry entries:
Warning!Win32/Adware.Virtumonde
Win32 Adware Virtumonde
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser HelperObjects\{519AD75B-6F4F-4E48-B7C9-3793CE64B509}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser HelperObjects\{D1ABCDFC-3CB1-406D-873B-E61567F561E7}
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\opnkkhe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqrsst
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljjkhge
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxyvwxx
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkjigh
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vturrqo
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vturp
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggffef
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\byxyaby
RUNNING PROGRAM\explorer.exe
RUNNING PROGRAM\lsass.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\vtUkiGxX
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{BE0FF150-C7FC-4E37-8F92-4E9AF1389238}
Win32 Adware Virtumonde
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser HelperObjects\{519AD75B-6F4F-4E48-B7C9-3793CE64B509}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser HelperObjects\{D1ABCDFC-3CB1-406D-873B-E61567F561E7}
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\opnkkhe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqrsst
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljjkhge
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxyvwxx
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkjigh
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vturrqo
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vturp
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggffef
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\byxyaby
RUNNING PROGRAM\explorer.exe
RUNNING PROGRAM\lsass.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\vtUkiGxX
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{BE0FF150-C7FC-4E37-8F92-4E9AF1389238}
Comments
godd