Tag Archives | malware removal

Antivirus Removal Videos for 2012

It’s the middle of the Antivirus 2012 calendar. 2012 AV apps have been out for about 6 months now and have had their rounds of bugfixes and service packs. It’s time to see if their detection and removal capabilities have improved for 2012.

I’m setting up my infected VM right now. It’s got all kinds of goodies on it :twisted:

The scenario of these tests:

  • The “imaginary” owner of this computer has an expired antivirus
  • The owner may or may not be fully patched with Windows updates
  • The owner lets another person use their computer for a few days
  • The owner finds the PC almost unusable (since it’s so infected) after it was used by the other person
  • The owner goes to their local store, buys an anti-virus application to remove the infections and tries to get their PC running like it was prior to infection
  • …this is pretty much the story I get at least once a week from a client.

Goals:

  • Get the PC running to a usable state and as malware free as possible using only the antivirus the “customer bought”.

Malware Installed:

  • Zeus v2 Trojan
  • Sinowal Trojan
  • Cridex Trojan
  • Fake AV
  • Banker Trojan
  • Rootkit Zero-Access
  • ….excessive much…well…yes

Verification:

  • Combofix – (look at files created in the last X days)
  • Bootable scans – (did they find anything)
  • Malwarebytes – (did it find anything)

I’m sure I’ve got more to add…I’ll do it tomorrow…


AVG Free 2011 Removal Video Is Up Now

Hi Guys! I just uploaded the AVG Free 2011 Removal test video. This particular video was made over 3 separate days and centers around a PC that’s so infected it was barely usable (constant 100% CPU usage from trojans). My current goal with these removal videos is to see if the product being reviewed can return the PC to a functional state, meaning that

  • The PC can boot
  • CPU usage is low (between 5-10%)
  • CPU usage consists of non-malicious processes
  • Able to load Internet Explorer and browse without getting redirected
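To make the functional-state checks above, and the “files created in the last X days” verification step from the 2012 test plan, repeatable on the cleaned PC, here is an added PowerShell script; it is an example written for this page, not code from the original posts or from any of the products reviewed. The drop locations, file extensions, day window and CPU sample interval are assumptions to adjust per case, and the browser-redirect check still has to be done by hand.

```powershell
# Added example (not from the blog): post-cleanup check for the review criteria.
# Assumptions: PowerShell 3+ run as admin; $Days is the "last X days" window,
# $SampleSeconds the CPU sampling interval (both constructed defaults).
param(
    [int]$Days = 7,
    [int]$SampleSeconds = 5
)

$cutoff = (Get-Date).AddDays(-$Days)

# 1. Executables created in the last X days in places malware commonly drops into.
#    Review the list by hand; a fresh .exe/.dll in a profile or %TEMP% deserves a look.
$dropLocations = @(
    "$env:SystemRoot\System32", "$env:ProgramData",
    "$env:APPDATA", "$env:LOCALAPPDATA", "$env:TEMP"
)
$recentFiles = Get-ChildItem -Path $dropLocations -Recurse -File -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -ge $cutoff -and $_.Extension -in '.exe','.dll','.sys','.scr' } |
    Select-Object FullName, CreationTime, Length

# 2. CPU usage: measure per-process CPU over a short interval (delta of TotalProcessorTime),
#    because the cumulative counter says nothing about the machine's state right now.
$before = @{}
Get-Process | ForEach-Object { if ($_.CPU -ne $null) { $before[$_.Id] = $_.CPU } }
Start-Sleep -Seconds $SampleSeconds
$cores = (Get-CimInstance Win32_ComputerSystem).NumberOfLogicalProcessors
$usage = foreach ($p in Get-Process) {
    if ($before.ContainsKey($p.Id) -and $p.CPU -ne $null) {
        $pct = ($p.CPU - $before[$p.Id]) / $SampleSeconds / $cores * 100
        # 3. "Non-malicious processes": at minimum, is the image Authenticode-signed?
        $sig = if ($p.Path) { (Get-AuthenticodeSignature $p.Path).Status } else { 'NoPath' }
        [pscustomobject]@{ Name = $p.ProcessName; Id = $p.Id; CpuPct = [math]::Round($pct, 1)
                           Signature = $sig; Path = $p.Path }
    }
}
$totalPct = ($usage | Measure-Object CpuPct -Sum).Sum

"Executables created since $($cutoff.ToShortDateString()): $($recentFiles.Count)"
$recentFiles | Sort-Object CreationTime -Descending | Format-Table -AutoSize
"Total CPU over $SampleSeconds s: $([math]::Round($totalPct, 1))% (review goal: 5-10% at idle)"
# Show anything that is using CPU or is not validly signed; both warrant a closer look.
$usage | Where-Object { $_.CpuPct -gt 0 -or $_.Signature -ne 'Valid' } |
    Sort-Object CpuPct -Descending | Format-Table -AutoSize
```

An unsigned or self-signed image is not proof of malware (plenty of legitimate tools are unsigned), so treat the second table as a triage list to compare against the bootable-scan and Malwarebytes results, not as a verdict.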

Did AVG Free 2011 accomplish these goals?  Yes.

Was it perfect?  No, it left behind some malware (I’ll add the log later today).

My conclusion is that while AVG Free 2011 will not detect every bit of malware on an infected PC, it can get you back to a functional state so that you can pursue other forms of scanning and removal (like Malwarebytes, for example).

Please keep in mind that the only way to make sure your PC is ever completely malware free after an infection is to format the hard drive and write a new MBR.


Remove-Malware Traffic Stats