I cant find any information on virtumond.a Ive looked for hours....does anyone know anything? Thanks for your time. Oh yea ....I just had sasser too...but i killed its ass haha....my girlfriend gets my comp a virus about once a month. peace
Your right Google comes up empty and Google ain't sloppy when it comes to finding stuff .Searches in the AVG and Symantec databases come up with nothing .
Hi Rusty, I am as desperate as you are - It's been 4 months that I am trying to get rid of _update.dat virus in temp files. In fact, that's the old name for Virtumond that my Winantivirus detected today.
The way to get rid of the old one was to go into the task manager and delete the sysupd.exe and you had a few seconds to delete this one to finally delete_update.dat. Why? because this _update.dat was hidden with sysupd.exe... but now it doesnt work anymore and I still have this crap in my computer and I AM DESPERATE ABOUT FINDING A SOLUTION. If you find anything please PLLLLLLLLease let me know
Hi Rusty again sorry second message- the name of the old virus for virtumond.A was called Trojan.Proxy.Agent.L- be careful if you type down the virtumond.A in google the all process slows down. It looks like it's going worse............. anyway I'm sick of this stuff I am going to sleep now- 2 AM!!!! struggling with this virus... if you have anything please let me know
What you need to do is find the exe that is creating the _update.* in the temp file.. I found on mine that it was sysupdt.exe which was being referred to in the registry under Hklm\software\microsoft\windows\run Which pointed out to the location for the _update.* file you speak of. What you can use is process explorer by sysinternals.com Kill the explorer shell and delete the exe that is rebuilding the _update.* in temp. The process explorer can also help with other spyware using dll's that attach to microsoft processes. Give me some more info on your system and I bet we can get rid of that booger.. I used scan spyware to find out what dll's were hosing my system and just went to the locations manually and deleted them.. If they were in use I used the process explorer to search for the dll then kill the process it was attached to and killed the dll file.. along with the registry entries that kept recreating it. Also AVG is great for this to, and its free virus detection software... email me or something and i can work with you to get it off your system.
Currently it is Friday, November 21, 2008 12:49 PM (GMT +1) There are a total of 63.985 posts in 15.829 threads. In the last 3 days there were 34 new threads and 167 reply posts. View Active Threads
Who's Online
This forum has 27186 registered members. Please welcome our newest member, Kerrloveswilly. 50 Guest(s), 0 Registered Member(s) are currently online. Details
|