|
The
virus that could help a hacker succeed
online by taking advantage of you
- my true story -
Do
you know there’s a brand
new
computer virus that can get into your computer
without you knowing even
if you have AntiVirus and AntiSpyware installed?
And
when you try to get rid of it, it
totally wrecks your system?
I didn’t know until a few days ago. On Thursday, the 25th of November
(Thanksgiving),
my computer was infected by a virus that literally took
control of my web browser
and wrecked my machine when I tried to get rid of it.
Let me tell you what happened...
After
we were all done with our Thanksgiving dinner, I went online to do some
quick
research for my next article. But instead, I stayed up all
night battling a virus from
hell!
Shortly
after I got online, my Norton Antivirus and my adware/spyware removal
software Spyware Doctor, started going wild with notifications
of a virus presence
in my computer.
I
immediately stopped doing what I was doing and got Spyware Doctor to
scan my
hard drive. Before long, it gave me a report of about 196
infected files with Trojan
and some other types of adware/spyware virus residing on my hard drive!
I
was shocked when I saw that. Just the day before the computer was fine!
So
then, I
spent hours going through the whole procedure of removing the
virus from my hard drive … and soon it was clean. Or so I thought...
Here’s
what the virus was doing:
Everything looked normal. If you don’t know much about website
development, you
may never notice that something was wrong. And
that’s really dangerous, because
anything can happen once your system is infected!
As
I continued with my research, I noticed something very strange. Many of
the links
that I clicked on, led me to one particular website that was filled with
hundreds of
different affiliate programs and products.
Regardless of what website I would look at, every
single website had these links
placed on specific key words and phrases,
such as: money, internet marketing,
data, webhost, home based business, business opportunity, work, and
others. And all
of the links would take me to this website with the hundreds of
products. That was
very unusual.
But when I looked at my website, much to my surprise I saw the same
links on my
site!
I couldn’t believe it! The links did not exist in my html. But where
were these links
coming from?
It’s
my website. I wrote those webpages! I didn’t put those links there.
And yet
when I looked at the website the links were there.
I called my sister and I asked her if she was seeing the same thing on
her computer
as I was seeing on my computer. She looked at my website and told me
that she
wasn’t seeing any of those additional links, other than my usual
links.
That made me realize that something
was wrong with my computer.
I saved the
file that I was typing for my next article so I could devote my
attention to finding a
solution for this problem. A strange thing happened as soon as I hit the
save button.
The file reformatted itself. Hyperlinks were placed on all of the key
words (as I already
mentioned some) that were found in the file. But who placed those links?
When I clicked on the link, it took me to the same page with the
hundreds of
products. I
got very scared because I felt like I was losing control of my
computer.
From my previous experience (but not as extreme), I’ve learned that
the
virus always stays in touch with the hacker’s server, constantly
transferring
information about my activities gathered from the registry.
This
looked like a very serious virus.
So I immediately unplugged my Internet
connection. This way, the hacker was no longer going to be able to pull
information
from my registry, and I was going to face the virus without any
additional input by the
hacker.
But regardless. I lost the battle. For
THREE FULL DAYS I tried to remove the
virus, but without any luck..
The
Spyware Doctor narrowed it down to one trouble file, which was a type of
Trojan
that existed in my System32 directory. The
Trojan was renaming itself every few
seconds by randomly selected names.
Norton
Antivirus said that this type of Trojan gave no
visual indication that my
computer had been infected.
It was dropping a copy of itself with a randomly
named executable file.
Every time the Spyware Doctor would find the Trojan, it was unable to
locate it and it
couldn’t remove it. That’s
because the Trojan already had a different name.
Also,
what I found out was that I was never looking at my Internet Explorer
browser. I
thought I was, but I wasn’t.
I found a Java Script that was taking the source code
from any website that I would go to, reformat it by adding the links to
the selected key
words and then display the new code in another window that was being
generated by
a remote server.
My
original browser window was getting killed and I was looking at a cloned
window with inserted links.
That was happening with such speed that I didn’t even
notice it because of my fast Internet connection (cable modem).
After
I unplugged the Internet connection, my computer was no longer
functioning properly. I couldn’t access my “windows explorer”
window any
more, I couldn’t open my Internet Explorer window and I lost control
over
many other functions.
But
each time I would turn the Internet modem back on, my computer would
start to
work fine. Only, the Spyware Doctor would give me a notification that over
40
dangerous files were immediately being downloaded into my hard drive.
The
Trojan virus that I couldn’t remove because of its re-naming
capability was
probably staying in touch with the hacker’s server. So I switched the
Internet
connection off for the last time and I shut down the computer.
Right now as I’m writing this, I don’t have a computer at home
because I gave it to a
technician to
reformat the hard drive
and try to save as many files as possible. I’m
writing this from another computer and I'm really worried that none of
my files will be
saved... that
will mean months of work down the drain!
I
have since learned that my antivirus and anti-spyware software would
not
protect
me against the Trojan threat. I needed a firewall to protect me, and
make sure my
computer was invisible
online.
Please, don't let this happen to you! Install a firewall on your
computer so you can
make your IP address invisible to hackers.
As I'm finishing this article two weeks after the virus attack, my
Norton Firewall is
working at full force. Every time a hacker tries to send Trojan files to
my hard drive
behind my back, a window in the bottom right corner pops us notifying me
of the
dangerous executable files being blocked from entering my hard drive.
I lost over 90% of my files but I've learned my lesson the hard way.
Sincerely,
Steve Dimeck.
==============================================
© Steve Dimeck. Author and Publisher. To receive more quality
articles
such as the one you've just read, sign up for Steve's [TSM]
Bulletin at:
http://tsmbulletin.ogdteam.com - and receive a free ebook.
Your next issue of the [TSM] Bulletin is just one click away.
==============================================
|
Steve's
Website
The Success Maze
Please
notice that the paid software Steve had installed in his system did
not fix the problem. That's one of the reasons I wrote this
book Back |