Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

win32/Virtumonde.Adware


  • Please log in to reply
1 reply to this topic

#1 Borko5

Borko5

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:13 PM

Posted 15 January 2009 - 05:28 AM

First of all to say hi :thumbsup:

I've accidentally came across your site in order to find out what is happening with my PC. I've seen you guys really helped some of the people, I decided to register and ask for your opinion.

Yesterday I reinstalled my Windows XP SP2 cause after downloading an update from Microsoft I got error user32.dll not found, tried fixing it and stuff like that. Didn't work... Oh well, I reinstalled XP, and I swear to you guys it didn't pass like 20 minutes, I got those pop up to install AV 2009 -.- Bummer :/ And I only went to check mail on IE and download Firefox and Opera...Bah, what a bummer. I'm introduced with that rogue AV software, so of course I didn't install it. But the problem that occurred is that my nod32 founded D:\WINDOWS\system32\geBstsSi.dll is infected with win32/Virtumonde.Adware application... Ok I tried manually removing it no luck, went in safe mode, no luck too. It has occupied winlogon.exe :/

S&D Spybot, found like 10 registry entries and I selected fix and it required for me to restart my PC and run scan again, which I did, but same errors occur. So basically it's in my operating memory, I can't delete id manually, tried with S&D, Nod32 (which keeps sending me pop-ups that file is in infected), my IE sometimes redirects me to that AV 2009 site. What really make me angry is that, I had my last system for like year and a half, without any viruses, and all of a sudden I have some adware making mess out of my computer :/

So what can I do?

Thanks in advance,
Borko

EDIT

First steps I've taken:
Combofix
Hijackthis (no success removing entries)
Malware byte( Helped me 100% with a problem)

But one more question, can someone take a look at my HT log? There is something in there that is bugging me...

Edited by Borko5, 15 January 2009 - 05:46 AM.


BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:13 PM

Posted 15 January 2009 - 05:24 PM

Please update Malwarebytes, run a Quick Scan and post the log.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users