New malware

anything I don't mind · 7 Nov 2014 at 22:38

I removed this malware from a work laptop today, it was malware protection 360.

It created a process that intercepted ssl certicates and swapped them out with a remote fiddler proxy. Fiddler is a http sniffer. Essentially hijacking all logins that occur during ssl sessions.

bigjonnyauk · 8 Nov 2014 at 10:56

how did you get rid of it and does the usual software like malware bytes detect it ?

purplesky · 8 Nov 2014 at 11:03

It sounds like a good one.
I collect viruses and malware. Could I have a copy for my collection please?

V F · 8 Nov 2014 at 12:05

purplesky said:
It sounds like a good one.
I collect viruses and malware. Could I have a copy for my collection please?

anything I don't mind · 8 Nov 2014 at 13:07

bigjonnyauk said:
how did you get rid of it and does the usual software like malware bytes detect it ?

Ran rkill then combofix. I ran adwcleaner first and that did not remove it. Sophos was installed.

opethdisciple · 8 Nov 2014 at 15:54

V F said:

gpuerrilla · 8 Nov 2014 at 16:47

Interesting, so sophos does not spot it then, or was it just not updated by the user and ran?