Monday, April 18, 2011

Virus Attack From Hell

Or At Least One Of Its Suburbs!

Let me preface this by saying I am not a computer novice and am pretty savvy to the wiles of the cyberspace bad guys. I have good anti-virus protection and a very effective firewall. I have been online for over ten years and in all that time have only seen my computer infected on one occasion and that was as a complete novice not realizing the importance of surfing without an anti-virus program running.
That said, this past Saturday while checking out a variety of news sites I had a Trojan from Hell move into my computer faster than lightspeed, and I still have no idea which site it came from.
One moment I was reading a news story and the next moment I got a pop-up telling me that a virus scan had discovered all sorts of viruses on my computer. I knew instantly what was going on and disconnected. The name of the program was AntiMalware Doctor and it invited me to visit their website so I could buy their software which would save my computer from all these infections they had found.
For a moment I dared believe that it was not truly Malware but a semi-legit software company with a very aggressive method of selling their product.

I went to my programs list, and sure enough it was there along with an 'uninstall' option which I used. That 'seemed' to remove the offending software as it appeared to have been completely removed from my computer. A virus scan of my whole computer indicated that everything was clean but I also scanned again with three different programs just to be sure. Everything seemed to be alright and after an hour or so, I resumed regular computer use, which included once again connecting to the Internet.
All seemed well and everything ran as normal for a couple of hours. The first problem was a System 32 error message, which did not seem to affect any operations, but immediately raised the red flag. I continued until I realized that my speakers were no longer working and when I went to adjust the volume, got another error message from the volume control. Now I KNEW I had a problem and immediately went to several sites that do online scans which are usually very up to date particularly saying they could remove AntiMalware Doctor from my PC. It required two downloads, and I followed all instructions and was told my computer was free from AntiMalware Doctor. This program and several others claimed to have identified and removed 4 - 6 Trojan files found on my computer, so once again, I felt I had gotten rid of the offenders, and my computer seemed to once again work fine. For a while!
At this point I should say, there is NOTHING on my computer that is of ANY use to ANY bad guys, so I was not concerned about information being stolen, but did know the possibilities of having a real mess if this Trojan had planted several 'bombs' while I was fooling around with it.
To make a long story much shorter, this particular little Trojan was very effective in that it was able to take control of both Firefox and Internet Explorer browsers, and re-direct me to pages that suited it rather than where I thought I was going. It finally was able to interfere when I wanted to go to an anti-virus site, which I felt could identify it. Very clever this little bug!
At the end of the day I finally just upgraded to Windows 7 and wiped my computer clean, so now I have a super fast, squeaky clean new operating system.
I presume it was really designed to just sit reasonably quiet and control your surfing via the browser control, as there were several hours I 'thought' I had finally gotten the best of it. Just when I was breathing a sigh of relief, bingo, it would take control again. I presume some people with less experience could have put up with its antics and would not have paid much attention to what it was really doing and just considered the occasional 'redirect' as a little glitch.
In the end I had used AVG, McAfee, Panda, Malwarebytes, Spybot, AdAware, Trend Micro and several others I have forgotten. They all claimed to have found something, and they all gave a clean bill of health also. They could have been right as I suspect this particular Trojan was very effective at hiding and rewriting itself, particularly if you use System Restore, as one rogue file was buried there.
In any case, it has been an interesting two days, and I am glad that I have always kept my data in several different places so nothing important was affected. I do however, now have the fun of re-installing all my favourite programs and moving address books, emails and bookmarks to the new operating system.
