Photos From The Field – Rootkits, Trojans and Virut … Fun Fun.

Tonight I went to visit a new client (a referral…love those :) ) who seemed to have every piece of horrible malware known to man, yet the laptop was fairly functional!  Anyway, I thought I’d treat everyone to a few pictures.

Oh…did I clean this laptop?  I will, and it’ll be fun!

SuperAntiSpyware Doing Its Job Well

Dr. Web Antivirus Finding and Cleaning Virut

The Typical View – Me and the Malware



  • Johan

    HAHAHA “!WoW!” to say the least!

    That wasn’t a little malware that person got on that laptop.

    Just wondering > didn’t the person run ANY antimalware product on that laptop at all?

    And thanks for posting this Matt, do this more often please, it’s quite interesting !-)

  • alexandrojv

    wow, you really should do this more often, what was the total found? You should keep a record of the most malware found on a computer before it crashes.

  • http://starboykb.blogspot.com Starboykb

    Hello, this is my first visit to this site and I’m glad someone has also encountered such a Virut virus. I’m not sure what kind of Virut you encountered. Once you connect to the internet, the virus will eventually come back to life and continue the same infection.

    I have no idea how to solve this and I used different types of cleaning to try to fix it. Still no luck these days and in the end I have to do reformatting.

  • http://starboykb.blogspot.com Starboykb

    I forgot, I also used the free Dr. Web Cure and it did not fix the issue, and I believe your customer will still get infected once it connects to the internet and starts downloading the Virut back.

    I believe the Virut changes the network settings because I also checked that the incoming download is directly from Russia and Germany, which is the Virut origin.

  • Jimmy James

    Lemme guess, he (or she) had AVG

  • Jimmy James

    The main problem with malware nowadays I think is zero-day rootkits. You get infected although your AV says you’re clean, and then all your security apps are disabled, so everything else bad on the net gets downloaded…

  • http://evgeny1996catwin.spaces.live.com/default.aspx evgeny

    hey Matt nice laptop

  • ryan

    SAS FTW, it will catch anything! If you know how to send the reports to the SuperAntiSpyware lab on their web site!

  • atanos

    Nice :D

    Well, good luck with Virut, I just hope that “cured” exe’s will work correctly after that :)

    But yeah, it would be nice to see these kinds of pictures & stories more often, these are quite interesting to watch ;)

  • http://www.youtube.com/computerhelpguy1 ComputerHelpGuy1

    Nice! I need to make a new infected VM…

  • ryan

    I had to clean a rogue security software off my friend’s computer. System security updated itself and now when you try to open your antivirus it will click out of it so you have no access to anything! It shuts down your internet connections and it will not let you touch anything that will remove the software! Very bad to have on your computer if you can’t even open your antivirus!

  • alexandrojv

    @ryan you might want to use a bootable CD in order to remove the infections

  • ryan

    Actually the rogue forgot to load somehow and I was able to remove it with SuperAntiSpyware!

  • malwaredestroyer

    OMG. What did he do? He did not have any antivirus or firewall and went to xxx sites every hour :D !!!

  • malwarekilla

    @everyone – Thanks guys! It seems like everyone loves this type of stuff (including me). I’ll upload more photos tonight.

  • http://www.youtube.com/Darkspy946 Darkspy73

    omg 0_o…
    Virut, Vundo, Agents and Downloaders?

    eeeeeekkkkkk…

  • elliotcroft

    @Matt There is more!?

  • eu

    It seems from your pictures like you are not cleaning the computer by booting it into safe mode. I always do. Any reason for not bothering with safe mode?

  • Custer

    Dang, you guys can’t afford a proper screen capture utility?
    You have to resort to taking pictures of the screen?

    PFFFFFFTT!

  • Jimmy James

    @eu:

    Even in Safe Mode Virut infections cannot be removed/cured; the only way to do it is when none of the executables on the infected system are running, so either use a boot CD like Matt, or if you have one you can hook the hard drive up to another PC and scan it from there.

  • eu – Norway

    Thanks! I have never come across Virut – I’ll keep it in mind.
