Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware.virtumonde....blah Blah Blah


  • Please log in to reply
3 replies to this topic

#1 inkybuz

inkybuz

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:01 AM

Posted 11 August 2007 - 05:09 AM

Hello.

Let me start out by saying, I clicked on the thing that says, " Do you have popups or other malware infecting your computer? If so, Start Here!" with the X next to it. Well anyways, when I went to do the Ad-Aware thingy my computer froze. I clicked on the link a total of 4 times and it keeps freezing. As my computer does with some other Anti-Spyware sites.

And I am sorry, but I havn't the slightest clue about computers and stuff.

Anyways, to my problem:

I bought this laptop from someone. So I don't know if this is why they sold it to me cheap.

I have Microsoft Windows XP on my laptop.

I have Norton 360. I ran a scan and it told me that there is Adware.VirtuMonde in it. Noton says I have to manually get rid of it, and it doesn't tell me how. (I added Norton 360 when I recieved it and when then realized the computer was being strange. It did not have any virus protection when I first recieved it.)
----------------------------------

Some files that are in the Adware.VirtuMonde is as follows:
AFFECTED AREAS:
69 Registry Entries (they all start with these 3 things)
--HKEY_USERS
--HKEY_CLASSES ROOT
--HKEY_LOCAL_MACHINE
2 files
--c:\WINDOWS\system32\vtuuusq
--C:\Documents and Settings\Kim\Local Settings\Temp\sporder.dll
1 Browser Cache
--doesn't mention anything.

(To let you know, I have no clue what this means)
-----------------------------------------------------------------------

I went to the Control Panel and to Add/Remove programs to see if anything unusual was in there. Nothing was.
I went to Search and types vtuuusq. I clicked on it and the computer said,
"You are trying to open a file of type 'Application Extention' (.dll)
These files are used by the operating system and used by various programs. Editing or modifying them could damage your system..."
Thing is, I have no clue what that means. Should I delete it or leave it? What does it have to do with the Adware? If I delete it, will it wreck my computer?
----------------------------

Now, I also have these pop-ups:
ErrorProtector--tells me I have System Errors and to download their product.
PCSecuritySheild-tells me I have System Errors and to download their product.
WINantivirus--Tells me I have System Errors and to download their product.Will Redirect my current page if I exit the pop-up.
Ameana.com Internet Security Center--Another WINAantivirus thing. Will Redirect my current page if I exit the pop-up.
Advertisers Reward Network--A bleepty advertiser.
Drivecleaner--free download to delete sensitive files.
Broadcaster.com--some video site.
a1.interclick (www.layouthits)--a site to buy things.
affiliates.copeac--advertiser.
login.tracking101--advertiser.
Megapromotionsgroup--advertiser.
nbjup.com--advertiser.
sb.phc--advertiser.
just to name a few...

I assume these are part of the Adware.VirtuMonde.
-------------------------------------------------------------

Since Norton 360 didn't tell me how to rid of this Adware, I need help.
I feel I may be computer illiterate.
The only thing I know how to do is to press the SCAN button on Norton 360, haha.
-----------------------------------------------------------------

So anyways, to some other questions:

How do I get rid of this Adware.VirtuMonde?
Is it the thing that is giving me all these strange pop-ups?
Is it also making my computer freeze when I visit some anti-spyware sites?
Will my laptop be fine?
Is this something that will be easy to rid of? And if so, how?

----------------------------------------

Thank you for your time, and I am sorry if I am too computer illiterate to figure this out.
I am also sorry if it was a long read. I tried to explain everything the best I could.
Thank you for your time, and I hope I get some responds soon.

--Ink

Edited by inkybuz, 11 August 2007 - 05:10 AM.


BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:01 PM

Posted 11 August 2007 - 05:22 AM

Here is a good place to start:

How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo.

Also, you say you haven't the slightest clue about computers. I suggest that you learn the basics about computer security. It's not as difficult as you might think and will probably save you a lot of headaches in the future.

How did I get infected?, With steps so it does not happen again!
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:01 AM

Posted 11 August 2007 - 05:54 AM

After using the Vundo tools that Budapest suggested, follow the instructions below.
Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

--------------------------------------------------------------------------------

Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 inkybuz

inkybuz
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:01 AM

Posted 11 August 2007 - 11:20 PM

Hey,
Thanks alot. That helped me out a bunch. Sorry for my computer illiteracy. haha. Thank you again for your help. It worked! :thumbsup:

--Ink




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users