Windows 7 Forums


Windows 7: Just had to share this infected gem

13 Apr 2010   #1
antharr

Windows 7 64x
 
 
Just had to share this infected gem

I work for an ISP and deal with all sorts of issues when people run into internet connectivity issues. I run into malware issues quite often but ones like this machine shown below never cease to amaze me. This was a scan in progress with SUPERAntiSpyware. Please keep in mind that this was not the first time we have helped this individual clean their machine. This machine has Avast and Malwarebytes installed. This goes to prove that the most valuable security tool is the user.




Attached Images
 

13 Apr 2010   #2
richc46

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium SP1, clean install, upgrade disc
 
 

TY for sharing and of course, I agree 100%. Just a little common sense goes a long way.
Stay away from the alluring sites that we know have a virus for all visitors.
13 Apr 2010   #3
alwinwinjoe

Windows 7 Ultimate 32-bit Version 6.1 (build 7600.16385)
 
 

I believe that client regularly visits adult sites...


13 Apr 2010   #4
DigitalDeviant

Windows 7 Ultimate x64
 
 

Quote: Originally Posted by alwinwinjoe
I believe that client regularly visits adult sites...

Worse... Facebook. From just a glance without looking each one up I'd say it's Facebook and maybe some free games. I'm guessing they got a lot of those "You're infected, install our A/V" type pop-ups. I doubt any of this was of any significant threat. I work tech support for an ISP myself and I've seen far worse.
13 Apr 2010   #5
antharr

Windows 7 64x
 
 

Quote: Originally Posted by DigitalDeviant
Quote: Originally Posted by alwinwinjoe
I believe that client regularly visits adult sites...
Worse... Facebook. From just a glance without looking each one up I'd say it's Facebook and maybe some free games. I'm guessing they got a lot of those "You're infected, install our A/V" type pop-ups. I doubt any of this was of any significant threat. I work tech support for an ISP myself and I've seen far worse.

You are right. I have seen machines much worse myself. There's nothing like logging into a machine to see that 50% of the browser window is covered with tool/search bars.
14 Apr 2010   #6
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Setting the rogue showings aside and safe/unsafe surfing habits, with the Vundo variants in that image, I would look at Java to make sure the old, vulnerable versions are uninstalled. Even if the most current version is installed, if the old version remains on the computer, the computer is vulnerable to Virtumundo.
14 Apr 2010   #7
Thorsen

Win7 Home Premium 64x
 
 

lol I have seen all these except the first one listed. I haven't seen Vundo in a while though. There is a specific program to get rid of Vundo called Vundofix. You can find it here. If the infection comes back use this: |MG| VundoFix 7.00 Download

Also, I have seen many replies on this forum that suggest MSE instead of Avast. That might help this character not be infected as much.
14 Apr 2010   #8
antharr

Windows 7 64x
 
 

Quote: Originally Posted by Corrine
Setting the rogue showings aside and safe/unsafe surfing habits, with the Vundo variants in that image, I would look at Java to make sure the old, vulnerable versions are uninstalled. Even if the most current version is installed, if the old version remains on the computer, the computer is vulnerable to Virtumundo.

That could be the issue now that you say that. I keep getting unrecognized Windows command when I tried to use ping or ipconfig. The system path in Advanced Settings was hosed and the file path was pointing to the Java program folder. I had to change it back to c:\windows\system32 so that commands would work.


Attached Images
 
14 Apr 2010   #9
CarlTR6

Windows 7 Ultimate 32 bit
 
 

That is an untrained, ignorant user.
14 Apr 2010   #10
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Quote: Originally Posted by Thorsen
lol I have seen all these except the first one listed. I haven't seen Vundo in a while though. There is a specific program to get rid of Vundo called Vundofix. You can find it here. If the infection comes back use this: |MG| VundoFix 7.00 Download

FYI, Atri hasn't updated Vundofix in a long time -- probably since he started working for Lavasoft, which he has since left to work for Prevx.

Best course of action is uninstalling all old versions of Java and installing the latest version (although it too has issues -- see Serious New Java Flaw Affects All Versions of Windows) and scanning with MBAM.
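
A read-only check for the two conditions raised in this thread, leftover Java versions and a system PATH that no longer includes System32. It is an added example, not something posted by a thread participant; the function names and the DisplayName pattern used to recognise Java entries are assumptions.

```powershell
# Added example: read-only audit, changes nothing on the machine.
# Written for PowerShell 2.0, which ships with Windows 7.

function Get-InstalledJava {
    # Uninstall entries for 64-bit and 32-bit (WOW6432Node) programs.
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    # Assumption: these DisplayName prefixes cover the usual Sun/Oracle JRE entries,
    # e.g. "Java(TM) 6 Update 17" or "J2SE Runtime Environment 5.0 Update 6".
    $pattern = '^(Java(\(TM\))? (SE |\d)|J2SE Runtime Environment)'
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match $pattern } |
        Select-Object DisplayName, DisplayVersion, UninstallString |
        Sort-Object DisplayName
}

function Test-System32InPath {
    # Machine-level PATH, the "System variables" value in Advanced System Settings.
    $raw = [Environment]::GetEnvironmentVariable('Path', 'Machine')
    $entries = @($raw -split ';' | Where-Object { $_ } | ForEach-Object {
        [Environment]::ExpandEnvironmentVariables($_).Trim().TrimEnd('\')
    })
    $system32 = Join-Path $env:SystemRoot 'System32'
    # -contains compares strings case-insensitively.
    $entries -contains $system32
}

$java = @(Get-InstalledJava)
if ($java.Count -eq 0) {
    Write-Output 'No Java runtime entries found.'
} else {
    $java | Format-Table -AutoSize -Wrap
    if ($java.Count -gt 1) {
        Write-Warning "$($java.Count) Java entries installed; remove the older ones from Programs and Features."
    }
}
if (-not (Test-System32InPath)) {
    Write-Warning "System PATH does not contain $env:SystemRoot\System32; ping and ipconfig will not resolve by name."
}
```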