Beware of Malware


Guys, man. Rough ride last night. I usually don’t think about malware and such stuff; I have a virus scanner installed and too much to do today to worry about such things. BUT last night I got hit by the wonderful malware “Windows Diagnostics”.

I guess it’s because I clicked on a fake Twitter notification mail a few days ago. Be careful with that shit! Let me tell you what happened, and as I do so, imagine how a total PC beginner would have felt!! (I, on the other hand, have used computers since 1984 and have worked 10 years in IT, and even I was stunned.)

It started with popups saying that my hard disk was damaged. Reboot necessary. I found that highly suspicious. Why a reboot if my hard disk is broken? Makes no sense. If you ever get any of those, google the message BEFORE you do anything. I did. I found that a whole series of malware uses those error messages. What they are trying to do in my case is scare you into buying software. If you click away any of those messages, a fake program called “Windows Diagnostics” comes up, looking really convincing, I must add:

Very well done fake!

 

Your PC is burning. Please fill water into your disk tray.

Here is the thread about it I found at BleepingComputer.com. Those guys are excellent. Complete step by step solution.

Anyway, the “Windows Diagnostics” malware had already started to take action. Opening of programs was blocked. More random Windows errors. So I hit CTRL ALT DELETE and… the task manager was gone too! At that point I started to get nervous. My virus scanner was gone too (without any fight, by the way). The malware also fakes problems with your folders’ contents, removes entries from your start menu… What the…

I followed the commands of the thread. RKill closed the malware, my task manager was accessible again and my breathing returned to normal. 🙂 Now, as the link mentioned, I downloaded the awesome software Malwarebytes Anti-Malware. It checked my hard disk for 3 hours, then removed every trace of the malware. I want to marry it.

If you are still unimpressed, there is another scare for you. I don’t have to tell you how many deaths a novice user would have died already – hard disk crash, PC acts weird, I can’t open programs anymore, some start menu entries missing…

Now after the reboot, I find my desktop empty, my start menu almost empty and my hard disks containing 0 files. Good scare, beats 10 cups of coffee. But I was clever enough to realise that this was still the “virus” speaking. That fucker had set my entire hard disk’s content to hidden.

Again Google helped me out. After some wild goose chases (I thought ownership trouble, wrong account or permissions etc.) I simply used a DOS prompt and the command Attrib to set all files to not hidden.
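The same un-hide step as a PowerShell script, added here as an example (it is not from the original post or from the BleepingComputer thread). It assumes the malware set only the Hidden attribute; the `$Root` default and the `-Apply` switch are choices made for this example.

```powershell
# Added example: list (and optionally un-hide) items that carry Hidden but not System.
# Default is a dry run; pass -Apply to actually change attributes.
param(
    [string]$Root = $env:USERPROFILE,   # assumed starting folder
    [switch]$Apply
)

$hidden = [System.IO.FileAttributes]::Hidden
$system = [System.IO.FileAttributes]::System

# -Force is required, otherwise Get-ChildItem skips hidden items entirely.
$candidates = Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object {
        ($_.Attributes -band $hidden) -and      # hidden ...
        -not ($_.Attributes -band $system)      # ... but not Hidden+System (desktop.ini etc.)
    }

foreach ($item in $candidates) {
    if ($Apply) {
        # Hidden is known to be set here, so XOR clears exactly that one bit.
        $item.Attributes = $item.Attributes -bxor $hidden
    }
    $item.FullName
}

$verb = if ($Apply) { 'unhidden' } else { 'would be unhidden (dry run)' }
"{0} item(s) {1}" -f @($candidates).Count, $verb
```

Review the dry-run list before using `-Apply`: folders that Windows hides by default, such as AppData, carry only the Hidden attribute and will show up in it.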

Again: BleepingComputer.com helped me 100% for free, provided RKill for free, and I could completely remove everything for free with MalwareBytes Anti-Malware. I am happy that other companies work the karmic way I do, so I followed through and bought their software for under 20 bucks. Now I am malware protected.

I USED to give a fuck’s damn about spyware and shit. My last spyware killer messed up my 80€ Norton Antivirus (now on my never-buy-again-list) in a way that it never worked again. My mails to support have not been answered, but it has only been a few years since then. But then I saw her face, now I’m a believer! So PLEASE install MalwareBytes Anti-Malware now for free or <$20. With all the spam and fake and shit on Twitter and Facebook we can all use it.

And NEVER click on those fake emails “you have 3 facebook notifications” or so. If you get one, always go to Facebook or Twitter directly, don’t click the link. I have spent 2 secs on that scam page! And as far as I know, that was all I have done recently to deserve this.

Don’t know how I can pay back BleepingComputer for their help in need. But I will figure something out. Maybe a thankful blog post?
