Jump to content


Photo

MBAM won't find sedoparking exploit, why not?


  • Please log in to reply
1 reply to this topic

#1 bulrush

bulrush

    Member

  • Full Member
  • Pip
  • 44 posts

Posted 16 September 2012 - 11:41 AM

My system:
- win XP with Firefox 14.01, Java disabled, Javascript enabled (used by many, many sites)
- In the future I will be using Noscript with FF.
- AVAST free anti-virus

About 3 weeks ago I got infected by a virus which redirects FF to another parking site. If I watch the FF status bar carefully, sedoparking.com flashes by every time, then I'm taken to the fake site.

My doing some googling, I found this problem going back to 2006, perhaps earlier. Why can't MBAM or AVAST stop or even find this infection? I ran a full scan using MBAM and still found nothing. When I visited a web page, AVAST blocked the page with a message popup, but it still seems like I got an infection.

I've already posted the required logs in the other subforum, I'm just wondering why this particular exploit hasn't been stopped in 6 years?

#2 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,637 posts

Posted 16 September 2012 - 09:16 PM

It is possible that this infection has been identified and stopped multiple times, but it may be designed to morph each time it is blocked so that it can continue infecting people... We run an ongoing war of finding out what the infections are, learning how to kill them and turning them back only to have a new version released that the tools don't cover yet... It is also possible that it is not the type of infection targeted by the programs you referenced... MBAM is designed to track and kill a number of different types of malware, but not every single bit out there... Antivirus programs are designed to focus primarily on viruses and many of the infections that we see today are not viruses... There are lots of other reasons that could be true, if you wish to find a more specific answer, it is probably a good idea to ask in their forums...

In spite of these weaknesses, most anti-malware programs are very invested in fixing every infection they possibly can... Even the biggest protection program has a tiny budget compared to the money available to the criminals who create most of the malware out there today, so they just don't have the resources to catch every infection every day...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"




Member of UNITE
Support SpywareInfo Forum - click the button