On Sunday, my computer got infected by a bunch of Trojans from a drive-by download. Every time I tried to open a folder in Windows Explorer, it came up with a fake system error message that kindly informed me that critical system files were in danger of deletion and instructed me to go to a website to download free antivirus. Whether I clicked yes or no (I assume since I didn’t dare click “yes”) it fired up my browser and went to the website. It also redirected any attempts to contact the Windows Update server to the same website. Bit annoying, but I thought nothing my security software couldn’t handle. Right?
I fired up AVG8 (free edition) and after a thorough scan, it found and deleted a dozen Trojans across the file system. Result! However, the annoying nag messages and the redirection remained. Comodo Personal Firewall has a built-in malware scanner so I tried that. Didn’t find a thing. So I used System Restore and restored the system state to one a couple of days ago. No change. At this point the system was becoming more unstable and AVG was reporting that CPF had been infected with a Trojan. Arrggh!
Then I did a Google search on the website URL and I found a small program (in several locations across the web) that was reported to specifically find and remove the malware. It worked!!!!
Now, at this point I was pissed off at AVG and CPF for not detecting or combatting the threat. I uninstalled CPF and replaced it with PC Tools Firewall and their PC Tools Spyware Remover and their Threatfire supplemental AV program. After I rebooted, the computer refused to boot into Windows. It would get as far as showing the desktop wallpaper and taskbar but that was it. CPU usage dropped to 4% and Task Manager refused to launch any program.
It took me hours to solve the problem. In the end I had to go into safe mode, uninstall ALL the security software and reboot. Once the system was back up and running I installed Avast!, ZoneAlarm and AdAware 2008. In the middle of a virus scan by Avast and so far so good.
Never going to use any PC Tools software ever again.