Friday, July 25, 2008

Malwarebytes Anti Malware

I fell foul of this particular bit of malware yesterday - Joe called me to say that a download (a new map for Garry's Mod) had scanned fine (by AVG) when it arrived but on running the installer it became evident that it had arrived with a trojan! AVG detected it but was unable to sanitise it. My other favorite antivirus (the open-source ClamAV) was the same. Panda Antivirus (which we're meant to use at work) couldn't even detect it (let alone stop the infection).
Malwarebytes Anti-Malware was the only thing to touch it.
The Internet today is full of scam sites, otherwise known as phishing sites that try to sell you products. These products can be potentially harmful to your computer. They install malware, provide false feedback about your computer, and can slow down the computer drastically. These products are known as rogue applications and come in a variety of forms - from anti-malware applications to registry cleaners and even hard drive utilities.

However - once removed, the machine had been left pretty impotent.
  • In an attempt to stop you running the Microsoft Malicious software removal tool it overwrites the ActiveX engine - try and run any Software Updates without that!
  • It overwrites all of the previous System Restore points. Damn!
  • It drops browser helper objects into both IE and Firefox to ensure that you're seeing their websites forever!
These people are very clever - I'm off to re-pave a Windows XP machine!
