Lord only knows how it happened, but somehow a nasty bit of malware called “AllCheapPrice” installed itself on my computer despite having Avast installed.
Just finding the source of my computer problems was a chore because the program was well hidden. Not even “HiJackThis” or “Spybot” detected it from either “Normal” nor “Safe” Mode. Even with “Show Hidden & Protected Files” unchecked, there was still nothing to see. I only found it when I tried to uninstall a mystery browser plugin only to be told I couldn’t because a program called “AAlilCheappPuReiicee” was “still running” (deliberately cryptic to complicaticate its removal.) Initial attempts to remove the malware resulted in the loss of my internet connection and the disabling of Avast. (I ran “msconfig” and rechecked the boxes for Avast, both Services & App, and the boxes would clear when clicking Apply.)
I’ve uninstalled both the program and the mystery broswer plugin, which resulted in the program deleting my Internet connection, forcing me to do a System Restore. I then went through the Registry and deleted anything connected to “AllCheapPrice” or “AAlilCheappPuReiicee”, and also had to delete all the “extensions.*” files in my Firefox profile. Things seem okay now, but I can’t be 100% sure since it was so hard to detect in the first place, and there could be an infected legitimate program on my computer that could put it back. (I am currently typing this from my Linux install.)
The first sign of infection was that my audio would suddenly go out soon after booting and Flash would crash (probably media related), I also noticed that the Win7 login (after typing my password) was taking ~50% longer than necessary, and a 1/2 second pause before my wallpaper loaded where the malware was probably loading & hiding.
I’m more than a bit annoyed Avast didn’t catch this nasty (and apparently well-known) bit of malware and allowed it to make so many changes to my PC (including redirecting all search links to “4shared.com”.) I’m in need of software just to confirm it is truly gone now.
(Note: I’m a PC tech of 25+ years experience, and probably the only reason I was able to recover from this was my skill in PC maintenance.)