Need Help With Virtumundo and other problems.

I've done my homework and have tried for days/weeks to get rid of my computer problems. I had a lot of them. Virtumundo has been one I can't seem to get rid of. I've done everything in this thread: http://forums.majorgeeks.com/showthread.php?t=35407 and I followed this thread to see if the problems are similar to mine: http://forums.majorgeeks.com/showthread.php?p=470166#post470166.

My regedit and my task manager windows also don't stay open, which I believe is another issue all together. They work in safe mode though.

I have a HJT log ready for someone to look at. I think I did it correctly.
Any help is appreciated as I've run out of ideas.
Thanks.

 

Download Adaware SE: http://www.majorgeeks.com/download506.html
Get this Malware Plugin: http://www.majorgeeks.com/download4283.html
Install
Restart your computer in SAFEMODE WITH NETWORKING
Use your AntiVirus software next...
If this does not work, reply to this thread...

 

Before using your antivirus software use the adaware full system scan, sorry about the double reply

 

Thanks for the reply on my other post Tribulattifather. I've run adaware with the VX2 plugin, and I get Virtumundo appearing in the critical folder. when I delete and reboot, and rescan, it's there again. Is there a way to just get into my Registry and delete these buggers? Any help appreciated!

 

I have been using AdAware, which is how I know it is Virtumundo. The files come up everytime I run it. I've tried deleting them via AdAware and by hand. They keep coming back. I just tried it again and they are still there after running AdAware.

 

To tell you the truth, I had this same problem... So here is what I used in SAFE MODE:

1st: CWShredder
2nd: Hijack This
3rd: Spy Hunter
then, My Norton AntiVirus 2003 Professional Edition
and Lastly, Adaware SE 1.05 Personal w/ VX2 cleaner

I always have a program called Prevx Home running (which is a Spyware & Adaware, Malware, Trojan and Worm prevention utility....The reason why I got the Virtumundo worm was because I had it off when I was downloading a 7 GB file while looking up things on the web that one should know not to look up without "protection."

Now, tell me... what antivirus software do you use....

 

A better question would be which one haven't I used.

I have AdAware, AVG, Spyware Blaster, Trojan Remover, Spybot, HijackThis and I've used the two online scans mentioned in the Before you post thread. There may be others, but those are the ones I recall. I've been battling these problems on and off for months.

 

Well the only thing we can ask of you is for your Log File....You say that you have been fighting this thing for months...well that means that it has mutated so many times that it is a pretty ground in stain by now....Listen.....I am going to give you my email.... Tribulattifather@yahoo.com Email me and I will give you something to stop this.....but first tell me what Antivirus software do you use.....

 

I've e-mailed you yesterday via my Mac. I don't have e-mail set up on my PC, so here's my log file. Hopefully it's been done correctly.

 

ill email you which ones to fix, but, please remember to do this in safe mode with system restore off.....

Also see this thread for more options to run in safe mode...
http://forums.majorgeeks.com/showthread.php?t=47984

 

Ok, did what you told me. Here's the new log file. When I went to restart, I got a warning saying antips.exe was not responding and it was going to end the task.

Also, my AVG would not start up because of a missing dll file.

 

Which service pack do you have....The avg you can reinstall, the AVG itself had become attacked....

 

Service Pack 4

 

regarding Spy Hunter

you can find a list of Rogue/Suspect Anti-Spyware Products & Web Sites
here:
http://www.spywarewarrior.com/rogue_anti-spyware.htm

just a note

recommended

can be found in the sticky, READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal
here
http://forums.majorgeeks.com/showthread.php?t=35407