| Author |
Message |
EMDY
Newbie
Joined: 18 Feb 2006
Posts: 43
|
 Posted: Thu Aug 31, 2006 4:26 pm Post subject: cant uninstall THEMIDA....help!! |
 |
|
| i dont know how did the THEMIDA security or something sofware got into my pc...the thing is that everytime i reboot it appears in a window, i cant find how to unistall from the add/remove programs menu.....any help??? i even got into the web site of the soft..but got no luck.... |
|
| Back to top |
|
 |
SirQUK
Webmaster
Joined: 20 Sep 2002
Posts: 2732
Location: Locked in the CDR-Zone basement
|
| Posted: Thu Aug 31, 2006 5:27 pm Post subject: |
|
|
| It looks like you have downlaoded a software protected by themida http://forums.torrentportal.com/fpost36505.html#36505 Will give you some clues. I would do as suggested and look for anything u have installed recently! |
|
| Back to top |
|
|
Arron
Newbie
Joined: 04 Sep 2006
Posts: 1
|
| Posted: Mon Sep 04, 2006 11:20 am Post subject: FOUND A WAY TO DELETE THE THEMIDA WELCOME SCREEN. |
|
|
| IN ORDER TO DELETE THE MESSAGE WHEN YOU LOG ON INTO WINDOWS XP, is to find the name. When logging on click the welcome splash of that Themida once to quit the first bit but dont click it twice(there are two splashs exactly the same). Press alt-control-del to open up that window and there should be a process named 'VMEDIA'. Close it to close the welcome screen. If it the welcome splash screen dissappears you know you've got the right one. Go to windows search by clicking the start button then search is to the right hand side and search 'VMEDIA'. It should detect about 7 files but 3 of them are the virus. They are embedded in system32 folder. Delete the files that have the exact letters 'VMEDIA' in that order, in them. One is an application, one is a file and one is some other crap. To test log off then log back in. This worked for me and I hope it does for you. |
|
| Back to top |
|
|
EMDY
Newbie
Joined: 18 Feb 2006
Posts: 43
|
| Posted: Mon Sep 04, 2006 6:33 pm Post subject: |
|
|
yes...ti did work.....thank you very much......  |
|
| Back to top |
|
|
guitarrocker
Newbie
Joined: 17 Sep 2006
Posts: 20
Location: England
|
| Posted: Sun Sep 17, 2006 10:33 pm Post subject: resolved same problem |
|
|
| as i googled uninstalling themida and got this, to help other people i will amend what was different for me. do the same as the other guy suggests but i believe it isn't called "VMEDIA" in fact its called "WMEDIA" i searched and searched but couldn't find VMEDIA and once running task manager when the splash came up, i discovered it was infact called WMEDIA and then persisted in searching for it and deleting the files. PLEASE NOTE: have half a brain and restart your system as soon as you wipe the WMEDIA files off your computer. hope that helps any confusion |
|
| Back to top |
|
|
SirQUK
Webmaster
Joined: 20 Sep 2002
Posts: 2732
Location: Locked in the CDR-Zone basement
|
| Posted: Mon Sep 18, 2006 12:09 am Post subject: |
|
|
| Thanks to all users for their suggestions in getting rid of this very annoying piece of c**p. |
|
| Back to top |
|
|
Cryfcad
Newbie
Joined: 17 Oct 2006
Posts: 1
|
| Posted: Tue Oct 17, 2006 5:48 am Post subject: |
|
|
| So for me it was called server.exe and it was located directly in :\Windows\ folder.. wish you all good luck removing this MF virus. |
|
| Back to top |
|
|
onlyjuhi
Newbie
Joined: 18 Oct 2006
Posts: 1
|
| Posted: Wed Oct 18, 2006 9:18 am Post subject: |
|
|
| hi got the same themida c..p on my computer for some reason i have 5 instances of it running and it disables alt+ctrl+del i tried loggin into safe mode but there do when i manage to get into task manager it does not show themida running and i tried searching for vmedia or wmedia still not able to find the infected file someone pls help ty |
|
| Back to top |
|
|
snozzer
Newbie
Joined: 28 Oct 2006
Posts: 1
|
| Posted: Sat Oct 28, 2006 11:52 am Post subject: |
|
|
| different again for me.. file was scvhost.exe in C:\Windows\ could only delete in safe mode, deleted file, rebooted and all is good. wot a bugger! |
|
| Back to top |
|
|
chicagoSteve
Newbie
Joined: 12 Jan 2007
Posts: 1
|
| Posted: Fri Jan 12, 2007 6:29 pm Post subject: |
|
|
| The name of the service was different for me as well - sys32hx.exe. Just delete the files and reboot. |
|
| Back to top |
|
|
SirQUK
Webmaster
Joined: 20 Sep 2002
Posts: 2732
Location: Locked in the CDR-Zone basement
|
| Posted: Fri Jan 12, 2007 8:47 pm Post subject: |
|
|
| I really hope all of this information in this thread can help users who have been infected. Please keep posting any alterations to this mf u find! |
|
| Back to top |
|
|
Wakefield
Newbie
Joined: 18 Feb 2007
Posts: 1
Location: virtually
|
|
| Back to top |
|
|
silkykameron
Newbie
Joined: 10 Sep 2007
Posts: 1
Location: Newbiggin by the sea, Northumberland
|
| Posted: Mon Sep 10, 2007 7:02 pm Post subject: update on this blested virus of sorts |
|
|
hi everybody just thought i would mention that i got this problem also when i tried to download some phone software. anyway not to babble.
when doing a search for names that this software may be under it also comes under the name of himma or hima.
thats all
SilkyKameron |
|
| Back to top |
|
|
CDR-Zone.COM
Advertisement Bot
 
|
 Posted: Post subject: Advertisement: |
|
|
|
|
|
| Back to top |
|
|
|
FAQ 
Search 
Memberlist 
Usergroups
Register
Profile 
Log in to check your private messages 
Log in 
