PC virus alert

John Graham Saturday, 1 August 2009 19:54

F*cking f*ck!! I got infected by a virus 6 hours ago and it's taken me all day to clear it. The first I knew was Windows XP security centre (or was it?) puts up a message saying the pc had detected a virus then the cpu maxed out and I lost control of the thing. I couldn't close down firefox or even see what the problem was (all windows wouldn't refresh, or task swicth). After a few minutes (should have been quicker) I yanked the network cable and then tried some more to close things down before giving up and powered down.

That was the start of the problems. When I powered back up in safe mode the firewall window came up and identified a load of trojans. It wouldn't clean them and complained I wasn't registered (which was weird, I have a registered antivirus). Turns out this was a AVCare, a fake antivirus programme that has the same look and feel (and icons) as XP Security, but itself plants trojans/backdoors.

After some net searching with another safe lappy I traced the 3 other trojan processes it had planted. Killed them off, cleaned out, now running a genuine virus scan. If that's clean I'll get the courage to reconnect it to the net.

The thing is, for the 5 or more minutes the processes were running (avcare.exe, b.exe, msa.exe, msb.exe) it was frantically collecting data and sending it home somewhere. Later on after the cable was pulled and I gradually discovered the processes, they were still generating encrypted log files. No doubt they would have been fed back to the bastards.

I've had to ring my bank, check no damage, change PIN and security data, and cancel any internet transactions on my account. They're sending me a new card with a card reader which I'll need to scan with to generate a security number for any future net transfers (Co-op Smile, they're rolling it out over the next year or so). Same thing for my credit card, although the only way to be safe was for them to cancel it and sending me a new one.

Major fucking hassle and I've no idea if any personal financial information would have been harvested, but better safe than sorry. In the last week or so I've paid bills on-line and just this week bought some stuff from Amazon. No idea if any of my typing ended up in my browser cache. I've now cleared all browser data but of course that's stable door & horse bolted territory.

What caused it? Not sure, maybe I visited a web page I shouldn't have, but just before then I was trying to upload a photo to flickr and it complained that my version of the uploader was out of date. I clicked to update and it did, then I got a pop-up from XP firewall saying Flickr uoloader was trying to access the internet, to which I clicked yes to grant it. It could be that my virus was spoofing Flickr's uploader, who knows.

I'm annoyed, that's the first time I've been caught.

Be warned, and be careful with your bank and card data.

I so need a beer....

tg

PC virus alert, Flickr (Brand), Trojan, credit card