Wednesday, December 10, 2008

Malware headache

Malware: Short for malicious software, a program or file that is designed to specifically damage or disrupt a system, such as a virus, worm, or a Trojan horse.

At some point on the weekend, my son installed malware on his PC. It seems to have come from one of those fake pop-up "you're infected" ads, advising the user that they need to install a virus scanner update or registry cleaner.

I run the free version of AVG Free Anti-virus on all our PCs and, for the most part, they've been protected well enough. This sucker got past it.

A few of the symptoms were:
  • being redirected, at random, to other sites while surfing the web
  • pop-ups advising you that there's a problem you need to address with an update
  • general sluggishness of the PC

AVG did identify the trojan as the "Vundo.bz trojan" and attempted to clean it. Yet, after rebooting, it would reappear. I'd scan it again, clean it again, reboot... and it would be back every time.

After 4 hours of trying to clean it using AVG and manually deleting what didn't seem like it belonged, I did a search on one of the pop-ups. One that told me to install "Registry Defender".

I came across a forum posting where someone had a similar problem, and the suggestions were to install a freeware program called Malwarebytes Anti-Malware.

I gave it a try. Although it probably wasn't necessary, I decided to reboot into Safe Mode first before running it. It found 36 infected areas. Files and registry entries.

I let it do its thing and rebooted. Then I scanned it again. It found 4 more entries. Again, cleaned, rebooted. Another 4 found. Repeat. 2 more. Repeat. Clean. Reboot. Still clean.

Don't put all your trust in your anti-virus software.