Monday, January 18, 2010

Malware removal

I have had the pleasure of removing malware from a few friends' computers lately (Windows XP). In the two most recent cases, they were heavily infected with phony antivirus software and alerts. They probably clicked the "you are infected" popups and it escalated from there.

In both cases, I used MalwareBytes to remove the offensive stuff. The free version can do a full scan in a few hours and seems to do a solid job of sniffing stuff out and removing it.

I have found that you have to run the scans several times, both as the administrator and as the actual user to find everything. I just scanned and rebooted repeatedly until I could see no trace of the stuff left.

I think that XP was more prone to these kinds of things than later versions (or than Linux or Mac) because of the permissions. We'll see if the rollout of Windows 7 reduces my friends' infections. (I am running Linux, so all I have to worry about is making my system so complicated I can't use it anymore.)

