Tuesday, October 27, 2009

Bastard Virus Writers!

My kid's computer got a virus today that was nasty enough to delete the anti-virus program MalwareBytes from your computer. Even when you tried to re-install, the memory-resident virus would delete the new EXE from your computer in seconds.

This did not deter me. I put a batch file in the
MalwareBytes folder named r.bat that looked like the following:

ren mbam.exe tag.exe
goto 10

Then I ran the batch file. It looped endlessly, trying to rename the
MalwareBytes exe to "tag.exe". Then I re-installed MalwareBytes. My file-renamer got to the file before the virus file-deleter did, and I was left with a renamed MalwareBytes, which worked fine, and got rid of the virus.

Take that!

PS: the capped NL ring game I have been playing is a license to print money, at least at the micro-stakes I'm playing. So many bad players, and such an easy game to play. I am going to try and creep up in levels and see if the players up there are as bad as I've seen down at .10/.25.


Forrest Gump said...

Matt, prolly easier to restart in safe mode once you've identified what's loading into memory. Also, the major AV sites like McAfee have tools you can run to remove nasties from memory and clean up the infected files. I think the tool is called Stinger which is free and often does the job.

matt tag said...

the virus was disallowing safe mode from working!