For last few days something strange was happening on my system, Firefox to be exact. Once in a while when I open Firefox, it was prompting me for a flash player update. Even though this was unusual I didnt find it odd as it looks so similar to Firefox update page that comes whenever Firefox gets updated. Opening of that page matched exactly like a Firefox update page and hence I took it as normal.

I even clicked that  update link but thanks to Kaspersky Internet security, The URL was getting blocked. Even then I was unable to find what was the source of the URL which was getting blocked by KIS 2011. I tried to find out whats going on but it took me 2-3 whole days to find the culprit. When I saw the URL of that Flsh/Firefox update page, then I knew my system is infected.

As you can see, anyone will hardly suspect anything wrong here. If your Antivirus is not able to block it and you install that so called update, a rough  Antivirus as shown below will be installed.

Even though Kaspersky was able to block it, it was not able to remove it from the system. Hence, I had to check for other options and the best one that comes in my mind was Malwarebytes Antimalware. I ran a scan of full system and voilla, it found the infection which was causing the trouble. The infected was removed my Malwarebytes after a reboot.

Image Credits: F-Secure