followed topic=35407, still have Virtumundo

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by digitalbuddha, Nov 22, 2004.

  1. digitalbuddha

    digitalbuddha Private E-2

    You guys have a great site here, recommended by the Star Wars Galaxies gaming community. I've followed everything in the Spyware, Trojan and Virus removal thread (t=35407) and am stuck with 2 instances of Virtumundo in my Registry that will not go away and is preventing me from logging into the game.

    I've run HJT and cleaned up obvious funky stuff, but how do I actually knock out this thing?

    I am running in safe mode and will not reboot if you need me to send the log file.

    Any help appreciated!
     
    digitalbuddha, Nov 22, 2004
    #1
  2. Tribulattifather

    Tribulattifather Private E-2

    Tribulattifather, Nov 22, 2004
    #2
  3. PhilliePhan

    PhilliePhan Guest

    Digitalbuddha,

    Please go ahead and send us a HijackThis Log. Make sure to follow the instructions below:

    Note that your HijackThis should be up-to-date (v1.98.2) and MUST be extracted to its own safe folder - C:\Program Files\HijackThis!

    If you need a Fresh Download of HJT, get it HERE: HijackThis 1.98.2

    Also note that, before you scan, you MUST close all running programs including your web browser, e-mail and items in the system tray.

    Please save your HJT Log as a .txt file and attach it via the "Manage Attachments" tool in the Additional Options section when you post.

    Send us a log and we'll go from there ;) I'll try to take a look Monday night if I get a chance.

    You should also see this thread: READ ME: Virtumundo Problems/Resolution Threads

    Best :)
    PP
     
    PhilliePhan, Nov 22, 2004
    #3
  4. digitalbuddha

    digitalbuddha Private E-2

    Hi PhilliePhan

    Thanks for your reply. I've attached the HJT file I ran in safe mode. I read one of your posts regarding the delete on reboot option with HJT but I think I did something wrong. :(
    Virtumundo spawned from 2 instances in my registry to 7! augh!!

    It looks like it renamed itself too.
     

    Attached Files:

    digitalbuddha, Nov 22, 2004
    #4
  5. digitalbuddha

    digitalbuddha Private E-2

    YES!!

    I decided to bite the bullet on this one. Too much frustration before coming to your site. I must say You've got the answers!!!

    The key was HJT's delete on reboot. I caught the little bugger trying to respawn when I got into safe mode the second time.

    I am cured! WooHoo!1ONE1!!!onE!!! :p
     
    digitalbuddha, Nov 22, 2004
    #5
  6. PhilliePhan

    PhilliePhan Guest

    Happy to hear it :) If you'd still like us to doublecheck your log, let us know.

    PP
     
    PhilliePhan, Nov 22, 2004
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds