You are here: Home > Announcements
Archive | Announcements RSS feed for this section

Antivirus Removal Videos for 2012

It’s the middle of the Antivirus 2012 calendar.  2012 AV apps have been out for about 6 months now and have had their rounds of bugfixes and service packs.  It’s time to see if their detection and removal capabilities have improved  for 2012.

I’m setting up my infected VM right now.  It’s got all kinds of goodies on it  :twisted:  

The scenario of these tests:

  • The “imaginary” owner of this computer has an expired antivirus
  • The owner may or may not be fully patched with windows updates
  • The owner let’s another person use their computer for a few days
  • The owner of the PC finds the PC almost unusable (since it’s so infected) after their PC was used by another person.
  • The owner goes to their local store, buys an anti-virus application to remove the infections and try’s to get their pc running like it was prior to infection.
  • …this is pretty much the story I get at least once a week from a client.

Goals:

  • Get the PC running to a usable state and as malware free as possible using only the antivirus the “customer bought”.

Malware Installed:

  • Zeus v2 Trojan
  • Sinowal Trojan
  • Cridex Trojan
  • Fake AV
  • Banker Trojan
  • Rootkit Zero-Access
  • ….excessive much…well…yes

Verification:

  • Combofix – (look at files created in the last X days)
  • Bootable Scans - (did they find anything)
  • Malwarebytes – (did it find anything)

I’m sure I’ve got more to add…I’ll do it tomorrow…



Read full story · Comments { 2 }

Forum Work Completed

Thanks!  The forum changes I needed to make are completed.  Enjoy!

Read full story · Comments { 1 }

Remove-Malware Traffic Stats