Can Anti-Malware Software Be Corrupted By Malware?

Discussion in 'malware problems & news' started by RCGuy, Aug 3, 2015.

  1. RCGuy, Registered Member (Joined: Aug 7, 2005; Posts: 541)

    Does anyone know if malware can corrupt/change/mutate anti-malware software and then cause it to disable a person's computer?

    I have a friend whose computer was really slow; therefore, I installed a few tried and true programs such as Malwarebytes free edition and/or SuperAntiSpyware free edition and/or Emsisoft Emergency Kit and/or Symantec's Trojan Vundo Removal Tool. (I can't remember exactly which ones, which is why I say "and/or.") I also installed Sandboxie for future use after disinfection. However, my friend really didn't have time to use these programs; also, their computer continued to get worse. Additionally, my friend believed that the anti-malware programs were causing their computer to get worse and tried to uninstall the programs; however, their computer eventually completely stopped working and wouldn't even boot up.

    Well, my friend eventually took it to a repair man who fixed their computer; however, the repair man told them that the anti-malware programs were probably used by and corrupted by malware to further infect their computer. However, I have never heard of such a thing and was wondering if anyone could give me some feedback on this.
     
    Last edited: Aug 3, 2015
  2. J_L, Registered Member (Joined: Nov 6, 2009; Posts: 8,516)

    It certainly is possible, especially if the anti-malware is popular. Since the malware was installed on the system first, it has the advantage. That's why I tend to use a LiveCD first (such as Avira's) when disinfecting a computer.
     
  3. RCGuy, Registered Member (Joined: Aug 7, 2005; Posts: 541)

    Oh, wow. Thanks. Also, I'll have to look into those LiveCDs.
     
  4. Fox Mulder, Registered Member (Joined: Jun 2, 2011; Posts: 203)

    Malware writers have often sought to disable anti-malware protection if possible. It can definitely happen. However, modern anti-malware suites have their own ways of countering it.
     
  5. RCGuy, Registered Member (Joined: Aug 7, 2005; Posts: 541)

    Yes, I've read about that:
    https://askleo.com/how_do_i_remove_a_virus_if_it_prevents_me_from_download_or_installing_anything/
    But I was inquiring more so about malware that not only disabled anti-malware programs, but also corrupted/changed/mutated them into weapons against one's computer.
    Well, that's good to know.
     
  6. Fox Mulder, Registered Member (Joined: Jun 2, 2011; Posts: 203)

    No, I don't think that can happen for a number of reasons.

    The first reason is that it would be ridiculously difficult from a practical perspective. The malware would have to automatically and perfectly decompile the anti-malware, make its changes, then recompile it... this is stuff that might be possible in a thousand years when we have artificial intelligence, but it's certainly beyond anyone's capabilities to do this right now.

    A less intensive solution would be to disable the anti-malware and replace it completely with your malicious code, but why? If you can execute programs on the target machine, there's no benefit to doing this. You've already won.
     