Virtumondo – virus hunt - SmartData Collective

Removing virtumondo.

The other day I got an unsuspected pop up window using Internet Explorer. Strange, I thought, this kind of problems must be extinct years ago, I surely did something wrong…?

The problem was pervasive.

I use a virus killer and a firewall , and I don’t install software I’m not supposed to, except maybe Opera and Java.

I tried spyware killers of Google and Microsoft. It worked. One day later, the problem reappeared… and in addition they reported (and did not fix) a virus named “Virtumondo”!

The net is full of fixes and people telling stories of hours of work without result. Except the obvious, two “low hanging fruits” emerged:

1. Blocking Virtumondo.com and all popping up sites in %windir%\system32\drivers\etc\hosts

2. Removing write-access to “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify”

I then restarted into safe mode with command prompt, ran anti virus, and removed all (three) reg keys under “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify” starting with “__”.

That’s it, I don’t feel certain I removed the malware, but this is all I have time for, if the thing reappears I guess I’ll ask for a new ma…

Removing virtumondo.

The other day I got an unsuspected pop up window using Internet Explorer. Strange, I thought, this kind of problems must be extinct years ago, I surely did something wrong…?

The problem was pervasive.

I use a virus killer and a firewall , and I don’t install software I’m not supposed to, except maybe Opera and Java.

I tried spyware killers of Google and Microsoft. It worked. One day later, the problem reappeared… and in addition they reported (and did not fix) a virus named “Virtumondo”!

The net is full of fixes and people telling stories of hours of work without result. Except the obvious, two “low hanging fruits” emerged:

1. Blocking Virtumondo.com and all popping up sites in %windir%\system32\drivers\etc\hosts

2. Removing write-access to “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify”

That’s it, I don’t feel certain I removed the malware, but this is all I have time for, if the thing reappears I guess I’ll ask for a new machine or full reinstall.

Tomorrow will be better.

How Data Science Is Revolutionising Our Social Visibility

Is Data-Driven App Development a Viable Business Model During the Pandemic?

Forbes Council’s Big Data Marketing Notes Ring True During COVID-19

Spanish Researchers Illustrate Importance Of Data Solutions In Customer Management

The Exceedingly Prominent Role of Big Data Today

How Data Science Is Revolutionising Our Social Visibility

Is Data-Driven App Development a Viable Business Model During the Pandemic?

Forbes Council’s Big Data Marketing Notes Ring True During COVID-19

Spanish Researchers Illustrate Importance Of Data Solutions In Customer Management

The Exceedingly Prominent Role of Big Data Today

Virtumondo – virus hunt

How Data Science Is Revolutionising Our Social Visibility

7 Advantages of Using Encryption Technology for Data Protection

5 Things to Consider When Choosing the Right Cloud Storage

How AI is Changing the Future of Web Design

How to Analyze the True Effectiveness of Your Website

Call Center Improvement Strategies that Work: 4 Ways to use Data And Win