problem in removing win32/adware.vitumonde.NBH (maybe)

Hello,
I encounter a problem and need help. My system infected with some trojans and I tried to remove them with nod32, but it didn't!!

next I use eset sysinspector and located two dll files and a egistry key: opnnn.dll and jkkjabca.dll (they seem to be from Win32/Adware.Virtumonde.NBH ). They could not be deleted within windows because they were used by processes. Then I entered ubuntu and delete these two DLLs and after returring to windows I delete the registry key.

I worked with it some minutes to see if there is any error message and signs of virus and other things and actually there was no problem with system.

After I restart my computer I noticed that all user accounts and built-in administrator now require passwords!!!

I am still challenging with it and can not enter any user account.

Is this problem because of deleting these two files?

Any idea?

 

You should be able to remove them using Undll.

 

Actually I couldn't login to windows because all accounts have now password . So I decided to reformat again (a very straight solution) .

I found on another computer the same virus and trojan behaviour . So before manualy deleting files I first run sysinspector and found these files:
ljjDtuSR.dll
mljDsspf.dll
neaotkjd.dll
HDBHO.dll

then I run undll that you linked and this program remove them and clean the registry. after restart there was (and now is) problem.

Thanks for your help.

 

In the Netherlands they produced a new removal tool called Spicy Leboratory

Spicy Lemon = NOD32 Netherlands, you can use it to remove your virus.

(You must enter your name + e-mail adress, NOD32 the Netherlands wont spam you with ads. they want your email adress to add it to the "whitelist".)