Remove VirtuMundo, removal instructions

Comments from visitors:

1. by Guest. 2006-09-03 11:09:15

yes please remove v4guitar@aol.com from all mailing ...........

2. by Guest. 2006-08-08 10:08:10

I have requested that the host of this website stop emails to me. Whom ever is using you as host is annoying and sending unwanted information to me. Virtumondo, I wish that you unscribe me for the last time. Also remove my email from the other engines that you are affilliated with.

janbillb2@aol.com

3. by Guest. 2006-06-25 21:06:42

Wouldn't want to post anything "harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially or ethnically objectionable." God Forbid. Can I mention God? Anyway, here's my totally uncensored comment about VirtuMundo: They're obviously a group of very nice, church-going young men who have been wrongly accused of heinous activity. Can I say the word "heinous"?

4. by Guest. 2006-06-04 09:06:27

remove me from future mailings shannasgm@aol.com

5. by Guest. 2006-05-27 12:05:15

6. Joseph by Guest. 2004-11-29 13:11:06

I have Windows XP and I am not sure how to remove access to the file. Also, which users should deny access to and which should have access?
Thanks in advance

7. Problems following #4 by Guest. 2004-11-28 18:11:02

Hi! I am trying to remove the dvdfax.exe off of my computer... I have been using the procedure listed in #4. I have gotten to the point where I need to change the users on the file.. but, I don't have a security tab under properties and cannot find anywhere to change the users on the file... I am running XP - any suggestions?

8. I had one error in my post #4 by Guest. 2004-11-23 10:11:59

I read post number 5 and realized I left one line out of the key to search for.
HKLMsoftwarewindowscurrentversion
should actually read:
HKLMsoftwaremicrosoftwindowscurrentversion

Sorry for any confusion there.
P.S. It took me the better part of a day to find out how to get rid of this thing. I should never have needed to but my AV company Computer Associates (e-trust) refuses to call this a virus. They bought an anti-spyware comapny in August '04 and now want you to buy that product to get rid of it.

Go figure!

9. Hello, to the author of post #4.... by Guest. 2004-11-22 14:11:14

I'm running XP home and as I run down the registry location you mention, I find:
HKEY_LOCAL_MACHINE
SOFTWARE

But no registry file under those two simply called "windows". I have "windows 3.1 migration status" but that's not it. No other files called or starting with windows under HKLM/SOFTWARE.

Any thoughts? Thanks!

10. "Follow Post #4 you must." - Yoda by Guest. 2004-11-20 22:11:29

My wife just spent an ENTIRE WEEKEND on the phone with the useless fools at Symantec (Yes, the Norton people), trying to get rid of this hellish, infernal Adware.Virtumonde trojan horse. She literally talked to 5 different "technicians" at Symantec, including a "specialist" from the "VirusRemoval Team" and none of them had a clue--they kept telling her to do things that were redundant or treating other problems, but not the Virutumonde. Our CPU usage was at 100% and it was nearly impossible to do anything. We had nearly resigned ourselves to re-formatting our hard drive of which I am pathologically terrified), when my wife found the instructions in Post 4 above. She tried it, and it actually worked. Thank you, oh, thank you, whoever posted Post 4. What are you, anyway, a PhD in Computer Science? A PC Jedi Master? Whatever you are, whereever you are, we are both very grateful.

11. Bravo Number 4 Post by Guest. 2004-11-20 12:11:03

This really works!! U don't have to take your PC to a professional to do the job.'

I've been bothered by VirtuMonde for some time, tried many things, Norton can't delete it, Ad-Aware can't delete it, almost going to reinstall my PC. Luckily I found this post, and followed the instruction here, and it works.

Even though the files were not listed here, but i want to say "Thank You Very Much" to you, number 4 post.

12. Virtumonde variant by Guest. 2004-11-18 14:11:03

Here is how to remove it (long post sorry)
I read a comment made by another user that the files name was not windowsupd or the variations listed.

It may or may not be Virtumonde but it is a nasty bugger to get rid of.

Do the following exactly or it will come back to haunt you.

Open regetit and backup the registry (just in case)
Go to HKLMsoftwarewindowscurrent versionrunonce

There will be an entry starting with an asterisk *
The data section will point to a file on your system.
Find that file, right click, Properties, security.
Remove all access to the file. The users list needs to be blank or it won't work. If you have inherited permissions uncheck that and when you are asked to copy or remove just click remove.

Now save these changes by clicking OK all the way out.

Reboot.

Ok the virus is now inactive so you have to do the cleanup.

Open regedit go back to HKLMsoftwarewindowscurrent version and look under all the RUN keys (run, runonce, runex, etc) delete all entries that start with an *.

Now go back to the original file you removed access to and add yourself to the access list with full control.
Save changes and then delete file and empty recycle bin.

You should now be clean of the virus.

13. Different File by Guest. 2004-11-15 23:11:29

I seem to have this spy-ware on my system but I have dvdfax.exe running as the process not one of those windowsudp or sysudp files...

14. i can't seem to open.. by Guest. 2004-10-27 08:10:32

I can't seem to open "Run". I was able to do everything else. What else can I do?

15. re ....how do i find by Guest. 2004-10-25 19:10:59

if you have to ask how to find a registry key then you have no business even dealing with it ... take it to a professional ....
certified pc technician

Remove VirtuMundo. Description and removal instructions

Automatic VirtuMundo removal:

VirtuMundo manual removal:

Other programs to remove VirtuMundo:

Additional resources related to VirtuMundo:

Post Comment: