I spent 4 hours the other night clearing off a sneaky trojan virus only to be infected again while reading DKOS tonight. As a blog ad loaded, adobe acrobat reader was opened and the thing installed itself and infected me again.
The reason I am certain it is from DKOS is that as I was clearing my main machine I was surfing on my backup. I went through 3 or 4 sites fine - then came here. 2 diaries in and adobe acrobat starts to open! I shut it down before it was finished. I will find out soon enough if it got this machine too.
The virus: Virtumonde
My symptoms were large pop up ads, error message pop ups regarding my intellipoint mouse on start up and my windows update ability was blocked.
I was running McAffee protection and had the latest windows security updates and the newest firefox.
Anyone else get this thing? Its seems much harder to get rid of this time and I cant go with DKOS for long - so thats not an option against further infection.
My fix:
Neither McAffee or Adware was able to detect it. I did find it with Spybot (free) but the thing was sneaky enough to disable the delete/quarantine feature of spybot after it reboots. I eventually used ComboFix and that cleared it off the first time.
This time around I removed acrobat reader, removed firefox and had to run ComboFix twice. I am now running spybot again to finish up.
Sheesh.
Any way to alert the Great Orange Overlord if this really came from the blog ads?