How does Antimalware Doctor infect computers?

I didn't do anything stupid like run random .exe or visit questionable websites, but as I was just Googling I get infected by Antimalware Doctor.

At that point I just shutdown my computer and reformatted, so I didn't check if I had the latest version of Flash or Firefox.

Is it possible to get infected just because I didn't have my Flash newer than 10.1 and some random flash ad infected me?

There doesn't seem to be any information on how Antimalware Doctor works asides from how to remove it.


Solution 1:

10.1 is the latest flash version, but there may be an update for that version as jer.salamon suggested "10.1.5.64". You need to keep you browser and plugins like flash updated, most are supposed to do it automatically, but it never hurts to check them occasionally, also your Operating System needs to be set for automatic updates. There are always new vulnerabilities emerging on the internet that can exploit even the newest updates, it is a cat and mouse game to keep up.

Below is one of the latest Windows exploits that has not been patched yet, and is said to exploit favicons on websites causing a "drive by" infection similar to yours, this may not be the cause of your infection, just an example of what is out there on any given day.

http://threatpost.com/new-malware-emerges-exploit-windows-lnk-flaw-072310/74251

.

.

There is a protection tool available for this LNK vulnerability , it can be used until Microsoft issues a patch for the vulnerability, Note: this tool may not protect you from the drive by favicon exploit which is part of the wider LNK exploit in Windows PCs.

http://www.sophos.com/blogs/gc/g/2010/07/26/shortcut-exploit-free-tool/

.

Solution 2:

Yes there are exploits for old versions of flash that allow remote control/remote execution of files just by visiting a site.

edit: Newest versions for each operating system http://www.adobe.com/software/flash/about/

If you dont have it I suggest you update.