Windows 7 Forums


Windows 7: Just had to share this infected gem


13 Apr 2010   #1

Windows 7 64x
 
 

I work for an ISP and deal with all sorts of issues when people run into internet connectivity issues. I run into malware issues quite often but ones like this machine shown below never cease to amaze me. This was a scan in progress with Superantispyware. Please keep in mind that this was not the first time we have helped this individual clean their machine. This machine has Avast and Malwarebytes installed. This goes to prove that the most valuable security tool is the user.



Attached Images
 

13 Apr 2010   #2

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium SP1, clean install, upgrade disc
 
 

TY for sharing and of course, I agree 100%. Just a little common sense goes a long way.
Stay away from the alluring sites, that we know have a virus for all visitors.
13 Apr 2010   #3

Windows 7 Ultimate 32-bit Version 6.1 (build 7600.16385)
 
 

I believe that client regularly visits adult sites...


13 Apr 2010   #4

Windows 7 Ultimate x64
 
 

Quote: Originally Posted by alwinwinjoe
I believe that client regularly visits adult sites...

Worse... Facebook. From just a glance without looking each one up I'd say it's Facebook and maybe some free games. I'm guessing they got a lot of those "You're infected, install our A/V" type pop-ups. I doubt any of this was of any significant threat. I work tech support for an ISP myself and I've seen far worse.
13 Apr 2010   #5

Windows 7 64x
 
 

Quote: Originally Posted by DigitalDeviant
Quote: Originally Posted by alwinwinjoe
I believe that client regularly visits adult sites...
Worse... Facebook. From just a glance without looking each one up I'd say it's Facebook and maybe some free games. I'm guessing they got a lot of those "You're infected, install our A/V" type pop-ups. I doubt any of this was of any significant threat. I work tech support for an ISP myself and I've seen far worse.

You are right. I have seen machines much worse myself. There's nothing like logging into a machine to see that 50% of the browser window is covered with tool/search bars.
14 Apr 2010   #6

Windows 7 & Windows Vista Ultimate
 
 

Setting the rogue showings aside and safe/unsafe surfing habits, with the Vundo variants in that image, I would look at Java to make sure the old, vulnerable versions are uninstalled. Even if the most current version is installed, if the old version remains on the computer, the computer is vulnerable to Virtumundo.
14 Apr 2010   #7

Win7 Home Premium 64x
 
 

lol I have seen all these except the first one listed. I haven't seen Vundo in a while though. There is a specific program to get rid of Vundo called Vundofix. You can find it here. If the infection comes back use this: |MG| VundoFix 7.00 Download

Also, I have seen many replies on this forum that suggest MSE instead of Avast. That might help this character not be infected as much.
14 Apr 2010   #8

Windows 7 64x
 
 

Quote: Originally Posted by Corrine
Setting the rogue showings aside and safe/unsafe surfing habits, with the Vundo variants in that image, I would look at Java to make sure the old, vulnerable versions are uninstalled. Even if the most current version is installed, if the old version remains on the computer, the computer is vulnerable to Virtumundo.

That could be the issue now that you say that. I kept getting unrecognized Windows command when I tried to use ping or ipconfig. The system path in Advanced Settings was hosed and the file path was pointing to the Java program folder. I had to change it back to c:\windows\system32 so that commands would work.


Attached Images
 
14 Apr 2010   #9

Windows 7 Ultimate 32 bit
 
 

That is an untrained, ignorant user.
14 Apr 2010   #10

Windows 7 & Windows Vista Ultimate
 
 

Quote: Originally Posted by Thorsen
lol I have seen all these except the first one listed. I haven't seen Vundo in a while though. There is a specific program to get rid of Vundo called Vundofix. You can find it here. If the infection comes back use this: |MG| VundoFix 7.00 Download

FYI, Atri hasn't updated Vundofix in a long time -- probably since he started working for Lavasoft, which he has since left to work for Prevx.

Best course of action is uninstalling all old versions of Java and installing the latest version (although it too has issues -- see Serious New Java Flaw Affects All Versions of Windows) and scanning with MBAM.
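
The checks discussed in this thread (leftover Java versions, and a system path that no longer includes system32), as an added example that is not code from any poster: a read-only PowerShell inventory. The registry locations are the standard Windows uninstall keys; the `DisplayName` pattern used to recognise Java entries is an assumption and may need adjusting.

```powershell
# Added example: read-only inventory, changes nothing on the machine.
# 1) List every Java runtime registered for uninstall (32- and 64-bit views).
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Assumption: Java entries have a DisplayName starting with "Java" or "J2SE".
$java = @(Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match '^(Java|J2SE)\b' } |
    Sort-Object DisplayName |
    Select-Object DisplayName, DisplayVersion, InstallLocation)

if ($java.Count -eq 0) {
    Write-Output 'No Java entries found in the uninstall registry keys.'
} else {
    $java | Format-Table -AutoSize
    if ($java.Count -gt 1) {
        Write-Warning ("{0} Java entries are installed side by side; remove the older ones." -f $java.Count)
    }
}

# 2) Check that the machine-wide PATH still contains %SystemRoot%\System32.
$machinePath = [Environment]::GetEnvironmentVariable('Path', 'Machine')
$entries = @($machinePath -split ';' |
    Where-Object { $_ } |
    ForEach-Object { [Environment]::ExpandEnvironmentVariables($_).TrimEnd('\') })

$system32 = Join-Path $env:SystemRoot 'System32'
if ($entries -notcontains $system32) {
    # Matches the symptom in post #8: ping and ipconfig not recognised.
    Write-Warning "Machine PATH does not contain $system32"
}

# 3) Show PATH entries that point at a Java folder, with whether they exist.
$entries |
    Where-Object { $_ -match 'java' } |
    ForEach-Object {
        New-Object PSObject -Property @{
            PathEntry = $_
            Exists    = (Test-Path -LiteralPath $_)
        }
    } | Format-Table PathEntry, Exists -AutoSize
```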