Tuesday, March 9, 2010

malware removal tools

The fakealert malware viruses are everywhere. I've managed to get rid of most of them with just two tools:

rkill - to terminate the running processes
Malwarebytes - to remove the infections

For just about every fakealert virus, I put rkill.com and mbam.exe (links above) on a flash drive and then run rkill.com on the infected computer. Then I run a Malwarebytes full scan and remove whatever it suggests.


The other day, I came across a machine with different symptoms - Just-In-Time debugging kept coming up over and over again. I fixed it with ComboFix, but here's another suggested tool that I didn't have to use:

Dr. Web CureIt

So far, I've fixed every infection I've found using some combination of these tools. I wonder when the antivirus vendors will ever get a hold on this. It's been over a year that these types of viruses have been in the wild.
