Back in January 2010, I wrote about the virus-warriors of Chennai — Microsoft’s Consumer Security Support team. Yesterday, I had occasion to call them again. They’re still awesome, though the phone access isn’t as good as last year.
(And they’re a refreshing counterpoint to the irritating call-center interruptions from Dish Network…)
I knew something was wrong when I went into my Yahoo email account a couple of days ago. The list of emails in my inbox looked fine, but when I clicked on one entitled “Meeting next week?” instead of the expected note from my friend, it was spam. I presumed it was a Yahoo glitch, and carried on.
But when I went to Google, it was clear this wasn’t just any little glitch. The same thing was happening with my Google searches. They were getting hijacked to evil sites like “Ta*zinga” and “add*edsuccess” (The asterisks are mine. Just to be safe.)
So I ran a full scan with Microsoft Security Essentials. A couple of hours later it came up with the culprit: a Trojan called Tracur.Gen!B — which it said it had removed.
It hadn’t. My Searches were still being hijacked, and another full scan gave me the exact same result: Trojan:JS/Tracur.Gen!B
TIME TO CALL MICROSOFT
This time, I knew to go directly to Microsoft’s Security people for help. (I couldn’t get to the forums in any case, with all my searches being redirected.) They’d been winners the last time, the young people in Chennai. I emailed, got my support case number and the phone number to call. The last time, I’d gotten through almost instantly. Not now. Instead, I got put on endless hold of music and commercial messages. I gave up. Night- time would be better.
Around 10 p.m. I got through much faster, to “Jason” who was possibly Jaisingh or Janak, I don’t know. (Or may even actually be Jason. ) I explained the problem, then told him that the last time, it had been Kaspersky’s tdsskiller that fixed the problem.
“This is more powerful than Kaspersky,” Jason told me. I visualized a videogame screen, Tracur and Kaspersky battling it out in armor with swords. My best bet, he thought, would be to run MRT (Microsoft’s Malware Removal Tool) and then call them back. It would take several hours, he said. So I ran it, and it took several hours, at the end of which it showed… nothing. But my searches were still being hijacked.
RAHUL TO THE RESCUE
I called them back, and this time Rahul answered the phone and took my case number. He cut to the chase, sharing my computer, running some searches for and with Bing (I have Google as my home page), and noting how those got redirected. Then he ran Kaspersky. It showed… nothing, again nothing. But searches were still being hijacked. So Jason was right. I pictured Tracur standing with a victorious foot on fallen Kaspersky’s chest.
“How come Microsoft Security Essentials didn’t block this?” I asked, annoyed. If this problem didn’t get fixed, this machine was doomed to spend its remaining days as an isolated super-typewriter with no internet access.
At this point, Rahul (who still controlled my computer) removed my existing Internet Explorer. “You’ll lose all your cookies and saved passwords and settings,” he said apologetically before he started.
“Go for it,” I said. Who cared about cookies when the searches were being stolen? “Is it a browser problem? I just got rid of Firefox because it seemed to be lodged there, but that didn’t fix it.”
“Sometimes,” he said, a bit doubtfully. Then he downloaded the latest version of Explorer.
Thanks, guys! Great job.
(Later, I ran another full scan with Microsoft Security Essentials. This time, it also showed nothing. I have my fingers crossed the machine stays clean.)
And yes, my tech-expert friends, I know I should be running Linux. I just find the learning curve a bit too steep…