My PC got owned by a Trojan
Posted 11th June 2013 at 04:05 AM by azmanar
Hi,
Let me share a bit about an alarming situation I went through after visiting a Web Site For Sale advertised on Flippa.
After leaving the site, I instantly got Pop-up Messages telling me to buy an "Antivirus". A while after, my PC suddenly shuts down by itself. At this moment, I'm very certain that something bad is about to happen.
After rebooting, a lot of folders and files were missing from my desktop. Then the same warning popped up again insisting me to buy the "anti-virus". My PC shut down by itself again after a few minutes. Again, after rebooting, more folders and files became missing from the desktop.
The persistent warning messages, the missing files and automatic shut downs were making me panicky that I took out my credit card to buy the "anti-virus".
Before making the payment, I paused. I wanted to re-evaluate my action. I did a short search using my standby laptop and found many similar cases out there. I realized that my work PC had just been hijacked by a malicious code belonging to some conmen who are trying to steal money from me by deception.
Time to get myself out of this quandary.
Should I reformat my Hardrive to solve it?
Nope. There are tonnes of work templates and work-in-progress inside my PC that I don't want to lose. Furthermore, the scores of software I have installed are originals. It will be hard work to re-install and re-validate them online all over again. Luckily the majority of work done were backed up in external drives.
How did I save my PC without reformatting?
The window of opportunity to save my infected PC were only a few minutes every time I boot up. I must prepare ahead, so whatever countermeasures can done quickly during that short intervals.
Using my standby laptop, I downloaded 2 recommended software, i.e. MalwareBytes Anti Malware and Trojan Remover. Transferred both installers to my flash drive.
I made sure the Internet access to the infected PC is disabled. This step prevents the "fake anti-virus" from communicating with it's remote server, if any.
Then, I booted up the PC and quickly installed MalwareBytes AntiMalware from the flash drive, before the PC eventually shuts down by itself. I rebooted the PC and ran Malwarebytes immediately. It did bought me more time, so I quickly installed Trojan Remover from the flash drive and ran it. This time, my PC stopped shutting down by itself. YES !!!
Both software completely cleaned my PC from the "fake anti-virus" and all other malicious codes I didn't know were residing silently in my PC.
But my files and folders were still missing. Rummaging through my existing folders, I discovered that the missing folders and files were actually hidden. The Trojan had actually changed the folder and file properties. So I un-hid them one-by-one or in clusters, manually.
So what happened?
The malicious web site streamed and installed the bad code super quickly on my PC even before my antivirus could detect or do anything. It happened so fast. This might be the case with you too.
So don't rush for your RECOVERY TOOLS or listen to the technician who is eager to REFORMAT YOUR HARD DRIVE, until you are pretty sure of your situation.
Some Safety & Security Pointers
=> When you're in a predicament, always do a search before you take any action. There are tonnes of info out there that people share to help others. The more info you sieve through diligently, the more quality info you'll gather that suits you best.
=> Backing up files is an extremely important function if working on computers is your livelihood. Even without any external attacks, PC hardware and hard drives can fail.
=> If you're working online anywhere, always have strong protection against unknown intruders. I dropped all branded anti-virus and I now am using Web Root Anti-Virus. It is super small, super fast and super powerful. I can even protect, monitor and detect my other PCs or Mobile Devices from an online interface.
=> Always have these 2 handy software installed on your PC - MalwareBytes AntiMalware and Trojan Remover. Even branded Anti-virus couldn't detect what they can. They are very lightweight, install very quickly, will not clash with other anti-viruses and will not cause systems slowdown.
=> When you're accessing the Internet via WiFis provided by Cafes, Public Hotspots, Hotels, Campuses or Office Networks, always use a Virtual Private Network ( VPN ) that encrypts your data transmissions. There are data sniffers hiding everywhere on Public Networks that it poses a risk for not using VPN. My favourites are : HideMyAss and VPN4ALL.
=> Keep your usernames and passwords written in a book and safely keep it in a locked drawer at home. Update them because you need to change passwords every 2 or 3 months.
=> Always have a back-up laptop on standby, just in case your work PC breaks down. It has been a life-saver for me in many cases, including the harrowing incident I'm relating here.
I have 2 other basic guides in my WF Blog :
=> Why The Hell Do I Need A VPN? - for very mobile people
=> Better Safe Than Sorry - for WP users to prevent hacking or recover from it
Hope this article helps.
Let me share a bit about an alarming situation I went through after visiting a Web Site For Sale advertised on Flippa.
After leaving the site, I instantly got Pop-up Messages telling me to buy an "Antivirus". A while after, my PC suddenly shuts down by itself. At this moment, I'm very certain that something bad is about to happen.
After rebooting, a lot of folders and files were missing from my desktop. Then the same warning popped up again insisting me to buy the "anti-virus". My PC shut down by itself again after a few minutes. Again, after rebooting, more folders and files became missing from the desktop.
The persistent warning messages, the missing files and automatic shut downs were making me panicky that I took out my credit card to buy the "anti-virus".
Before making the payment, I paused. I wanted to re-evaluate my action. I did a short search using my standby laptop and found many similar cases out there. I realized that my work PC had just been hijacked by a malicious code belonging to some conmen who are trying to steal money from me by deception.
Time to get myself out of this quandary.
Should I reformat my Hardrive to solve it?
Nope. There are tonnes of work templates and work-in-progress inside my PC that I don't want to lose. Furthermore, the scores of software I have installed are originals. It will be hard work to re-install and re-validate them online all over again. Luckily the majority of work done were backed up in external drives.
How did I save my PC without reformatting?
The window of opportunity to save my infected PC were only a few minutes every time I boot up. I must prepare ahead, so whatever countermeasures can done quickly during that short intervals.
Using my standby laptop, I downloaded 2 recommended software, i.e. MalwareBytes Anti Malware and Trojan Remover. Transferred both installers to my flash drive.
I made sure the Internet access to the infected PC is disabled. This step prevents the "fake anti-virus" from communicating with it's remote server, if any.
Then, I booted up the PC and quickly installed MalwareBytes AntiMalware from the flash drive, before the PC eventually shuts down by itself. I rebooted the PC and ran Malwarebytes immediately. It did bought me more time, so I quickly installed Trojan Remover from the flash drive and ran it. This time, my PC stopped shutting down by itself. YES !!!
Both software completely cleaned my PC from the "fake anti-virus" and all other malicious codes I didn't know were residing silently in my PC.
But my files and folders were still missing. Rummaging through my existing folders, I discovered that the missing folders and files were actually hidden. The Trojan had actually changed the folder and file properties. So I un-hid them one-by-one or in clusters, manually.
So what happened?
The malicious web site streamed and installed the bad code super quickly on my PC even before my antivirus could detect or do anything. It happened so fast. This might be the case with you too.
So don't rush for your RECOVERY TOOLS or listen to the technician who is eager to REFORMAT YOUR HARD DRIVE, until you are pretty sure of your situation.
Some Safety & Security Pointers
=> When you're in a predicament, always do a search before you take any action. There are tonnes of info out there that people share to help others. The more info you sieve through diligently, the more quality info you'll gather that suits you best.
=> Backing up files is an extremely important function if working on computers is your livelihood. Even without any external attacks, PC hardware and hard drives can fail.
=> If you're working online anywhere, always have strong protection against unknown intruders. I dropped all branded anti-virus and I now am using Web Root Anti-Virus. It is super small, super fast and super powerful. I can even protect, monitor and detect my other PCs or Mobile Devices from an online interface.
=> Always have these 2 handy software installed on your PC - MalwareBytes AntiMalware and Trojan Remover. Even branded Anti-virus couldn't detect what they can. They are very lightweight, install very quickly, will not clash with other anti-viruses and will not cause systems slowdown.
=> When you're accessing the Internet via WiFis provided by Cafes, Public Hotspots, Hotels, Campuses or Office Networks, always use a Virtual Private Network ( VPN ) that encrypts your data transmissions. There are data sniffers hiding everywhere on Public Networks that it poses a risk for not using VPN. My favourites are : HideMyAss and VPN4ALL.
=> Keep your usernames and passwords written in a book and safely keep it in a locked drawer at home. Update them because you need to change passwords every 2 or 3 months.
=> Always have a back-up laptop on standby, just in case your work PC breaks down. It has been a life-saver for me in many cases, including the harrowing incident I'm relating here.
I have 2 other basic guides in my WF Blog :
=> Why The Hell Do I Need A VPN? - for very mobile people
=> Better Safe Than Sorry - for WP users to prevent hacking or recover from it
Hope this article helps.
Total Comments 0
