Malware Customer Call - Notes from a real appointment
Ms Hager: “Hi Matt, my computer is giving me a little fit…I don’t know what my husband has been doing”
Matt: “What’cha got going on?”
Ms Hager: “Well, when I turn the computer on I either get a blank desktop or a [...]
SAS Version: 4.22.1014 - Released
SuperAntiSpyware 4.22 was released this week and I’ll be testing the pro version against some new threats (threats found in the wild as of this week).
Malwarebytes Full - Review Coming This Weekend
I’d like to thank Marcin over at Malwarebytes.org for giving me a copy of Malwarebytes Full for my test this weekend. I’m currently loading it right now and should have a review out by tomorrow (not sure what time).
Speaking of Malwarebytes…I’m going to do another review of Malwarebytes Full and SuperAntiSpyware Pro running at the [...]
SuperAntiSpyware Pro Revisited - A MiniTest
I’m always testing and retesting every month to make sure my method of malware removal is “100% solid”. I thought I’d record this month’s test of SuperAntiSpyware Pro and share it with everyone. The test goes like this:
Install SAS Pro.
Update it
Reboot into safe mode
Run a full scan
Remove anything found
Reboot
Install MBAM
Update MBAM
Run a full MBAM scan
Remove anything [...]
Comodo Internet Security SAS Log
Here is what Comodo Internet Security 3.5 missed (according to SuperAntiSpyware).
Download the CIS-SAS Log
The only particular item that caught my immediate attention was that
Trojan.Mezzia/Resident
C:\WINDOWS\SYSTEM32\WINGVD32.DLL
C:\WINDOWS\SYSTEM32\WINGVD32.DLL
was still resident and active…although you’d never know it really. The PC ran perfectly normally and continues to do so.
My Current Malware Removal And Detection Techniques
I thought I’d share my current malware detection and removal techniques for my infected St. Louis clients.
0 - 10 minutes:
1. Delete Temp Files with EzPCFix (drastically decreases my scan time).
10 - 30 minutes:
1. Reboot PC in safe mode with networking.
2. Run GMER and disable any rootkits found.
3. Reboot in safe mode with networking.
4. Install MalwareBytes. [...]
A-Squared SAS and HiJackThis Logs
Yo Dudes (and A-Squared), here are the SAS and HiJackThis Logs after running an A-Squared Deep Scan and setting runtime protection to maximum.
rootkit.tdsserv/fake - A Very Annoying RootKit
I had a really nasty experience last night with a rootkit only because I forgot my bootable antimalware disc. Rootkit.TDSSERV/FAKE (as identified by SuperAntiSpyware) performs 100% search engine query redirection to go.google which then serves up malvertised websites (like info.com).
Once I used my bootable SAS (I had to run home and get my disc) [...]

