Tag Archives | anti-virus software

Malware Status for Summer 09 – Notes To Self

My malware removal business has exploded this month. More and more people are getting infected with rogue anti-virus software and with components that prevent you from removing the rogue anti-virus applications.

Infections vary from trivial, easy-to-remove malware all the way up to sophisticated infections that demand a boot disc (or an OS re-install).

Computers that are easiest to clean are 64-bit versions of Vista. Why? Rootkits cannot patch the Vista x64 kernel and therefore do not work. This makes applications like antivirus and antimalware extremely effective against malware.

Computers that are the hardest to clean are Windows XP and Vista 32. Why? Rootkits disable the current antivirus and download copious amounts of other malware. Most of the time ComboFix will remove these rootkits (UAC Rootkits and Skynet Rootkits); however, sometimes a bootable anti-malware disc is the only way to clean the PC onsite.

If an appointment starts to run over an hour, I’ll take the computer with me for extensive, automatic cleaning or, in some extreme cases, I’ll have to reinstall the OS.




USB Malware: INF/autorun prevention and removal

INF/autorun is USB malware (a.k.a. a USB virus) that is automatically installed to your PC via an autorun.inf file. Since USB drives are so popular these days, most of the new malware released also copies itself to the USB flash drive and waits to travel to a new PC.

The USB malware threat is somewhat overblown. Most antivirus programs can easily detect and clean USB flash drive viruses as long as the anti-virus software is up to date. However, as we all know, not everyone runs anti-virus or keeps it up to date.

For more prevention, consider running a Host Intrusion Detection program (like ThreatFire) along with your anti-virus. HIT programs can easily prevent USB viruses from auto-installing, and HIT doesn’t need to be updated as often as anti-virus software.

I personally have come into contact with a USB virus (from my wife :P ) and it was easily killed via Kaspersky.


Remove-Malware Traffic Stats