Computers are dropping like flies. I’ve seen too many dead and dying computers taken down by malware in the last few weeks.
Almost all of the bad stuff lately is a variation on the same theme. You haven’t been paying attention and your computer does not have security updates for Windows or Flash or Java. You’re led to a web site that exploits some security issue and installs software on your computer. Frequently it’s able to do that without any action by you at all; sometimes it fools you into clicking OK on some button.
Suddenly an unexpected screen opens that resembles the security center in Windows, claiming that you have viruses and it’s going to do a scan. A thermometer moves across the screen; a list of bad-looking stuff fills in. Balloons start popping up by the clock about what a dangerous position you’re in. Perhaps your wallpaper disappears and is replaced by an ominous warning.
It’s all phony. The thermometer and list are a piece of artwork crafted by criminals. If you’re lucky, all they want is a credit card number. They’ll claim that you’re buying antivirus software to “remove the infection.” They’re not. They’re taking your money and your credit card number. If you give it to them, you’re probably about to have some very unpleasant conversations with your bank.
There are dozens of names that you might see onscreen – Antivirus 2009, Spyware Protect 2009, many more. Here’s an analysis of one of them from last year.
Once malware gets on your computer, it can be very difficult or impossible to remove it. Your security software may not be able to remove it (it didn’t stop it in the first place, right?), and the effectiveness of the free online scans is wildly variable.
Recently I’ve begun using free software from MalwareBytes to scan systems that have gotten something on them. It has been remarkably successful! I’ve been able to clean systems that had resisted other cleanup attempts. I knew MalwareBytes had a good reputation on many of the forums trading security information, and now it’s going to be the first thing I reach for when I deal with infected computers. I haven’t tried the paid version and I don’t have any plans to install it as the primary security software on client computers, but I’m impressed with what it can do to remove bad stuff once it gets on.
So here’s what I can’t figure out.
Why? Why is MalwareBytes significantly more successful at cleaning malware than other products right now?
I’m going to be watching for something that answers that question, because right now I’m baffled. The security companies are engaged in fierce battles to be recognized as the most effective, with lots of smart people working constantly to improve their products.
Why is MalwareBytes so much more effective at the moment? What am I missing?
OBLIGATORY WARNING: Please read my tips for safe computing and don’t get malware on your system! Stay up to date, and be careful out there!
I also have had great success with MalwareBytes… Another one that seems to work for me just as well (better?) is SUPERAntiSpyware. Give it a try sometime!
If neither of the above two solved my immediate problems, running ComboFix first and then one or both of those did the trick.