Not Matt Harding this time :)
So, somehow, my system finally got infected. I’ve done very little on my box at home recently, which narrows it down to a few very limited possible causes.
- Couldn’t access my own blog from my home machine, nor Google;
- Pop-up windows warning me my computer wasn’t secure (“Win Antivirus Pro” infection);
- Opening/closing Control Panel is very slow and produces pop-ups (“Trojan/IHook” infection);
- Trying to run the Microsoft Malicious Software Removal Tool … fails (something actually kills the app);
- Unable to install or run Windows Live One Care (Task Manager shows “winlogon.exe” taking up 12% CPU; when I finally kill winlogon.exe, Windows Live One Care seems to advance but still fails);
- Lots of rundll32.exe’s that weren’t there before, one of which continually restarts when killed;
- Several new svchost.exe’s;
- “GoogleUpdate” which won’t uninstall from control panel or otherwise go away aside from removing the folder;
- Nod32 quarantined a whole bunch of trojan files but seemed to miss the main infections.
I still have a Norton license, so I installed and scanned with that … Didn’t even discover the files Nod had quarantined. I tried the AVG free trial; it discovered one of the quarantined files.
Ok – so Windows Live One Care? Oh, the infection doesn’t like that, it won’t even download.