Avast WEBforum

Other => Viruses and worms => Topic started by: jvsvieira on June 29, 2009, 03:42:18 AM

Title: Worm/Trojan http://www_getwindowinfo/
Post by: jvsvieira on June 29, 2009, 03:42:18 AM
When I finish my Internet Explorer, always open a new window with the adress http://www_getwindowinfo/ . What can I remove this problem?
Title: Re: Worm/Trojan http://www_getwindowinfo/
Post by: Spiritsongs on June 29, 2009, 04:04:45 AM
 :)  Hi :

 Would be wise for you to give us some Info about your computer, like the
 Name(s) of the security program(s), Name(s) of your browser(s), etc .
Title: Re: Worm/Trojan http://www_getwindowinfo/
Post by: jvsvieira on June 29, 2009, 04:17:52 AM
It's AMD Turion X2, Windows Vista, Internet Explorer 7. I use Avast Home Edition 4.8, Spyboot. Anymore?
Title: Re: Worm/Trojan http://www_getwindowinfo/
Post by: fireforce on June 29, 2009, 05:34:12 AM
Run a bootscan of Avast and run MalwareBytes AntiMalware. That should nail it to the wall for good.

This it? http://www.siteadvisor.com/sites/getwindowinfo.com
Title: Re: Worm/Trojan http://www_getwindowinfo/
Post by: jvsvieira on June 30, 2009, 01:55:21 AM
The process indicated don´t resolve. I found some thing about this.
I run that following steps:
The problem was here
C:\WINDOWS\system32\orgut.exe (Trojan.ORGUT.Process)

Run the commands:

cmd /c del /q /f /A C:\WINDOWS\system32\orgut.exe, press enter
cmd /c del /q /f /A /S C:\WINDOWS\temp\*.*  press enter
cmd /c del /q /f /A /S C:\WINDOWS\prefetch\*.* press enter

If it dont´t eliminate try run this in secure mode.
Title: Re: Worm/Trojan http://www_getwindowinfo/
Post by: Mr.Agent on June 30, 2009, 02:13:19 AM
Also upgrade your IE for the new one like the Internet Explorer 8 for its be more safe to browse the internet.
Title: Re: Worm/Trojan http://www_getwindowinfo/
Post by: Tarq57 on June 30, 2009, 02:25:27 AM
Any chance of seeing the MBAM scan report, please.

If MBAM found this file, (or if it does when you next scan), and you select "remove selected", it may ask for a reboot to remove the infected file. If so, please reboot promptly.