Iframe virus wininit.exe suspected

By nismo91
Jul 17, 2009
  1. well all, since my previous post were not popular. i did reformat my comp and it is still appearing. although i sent all my data to ext hdd and cleanup everything.

    i suspect my backup data was infected but i couldnt find any of it. im so frustrated any html file i face will be infected with jl.chura.pl sh*t

    so i decided to do tips and tricks, found out that usually, after vista UAC asking, allow or cancel, the virus will come out in C:\windows\temp as a .tmp.mdmp file

    my avast will detect and delete it but i dont know where is the source

    so i decided to turn on process monitor from the damn sysinternals and found out, after some tricks, the .mdmp did not comes out (omg its so clever) and the another virus comes instead. it was created by wininit.exe

    further trying, no luck. cant seem to get the root of the .tmp.mdmp file.. anyone please? im tired after deleting some of my data and reformat but its still here. HELP!
  2. nismo91

    nismo91 TS Evangelist Topic Starter Posts: 930   +33

    okay guys and after i shutdown i got virus in logonui.exe i cannot boot after it auto deleted by avast.

    i did system restore and virus comes again.. this time i check in process monitor, its the werfault that write those file with .tmp , .tmp.hdmp, and .tmp.mdmp files that are infected with iframe... anyone????
  3. nismo91

    nismo91 TS Evangelist Topic Starter Posts: 930   +33

    also i forget... it always comes with com surrogate has stopped working.. i think the virus is working on it itself.. or maybe it isnt a virus... (cause my mozilla no longer infected) but still, avast detect it as a virus (database 17./07/09)
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...