So, despite the fact that I tend to watch my security regularly, I found myself in a mess last night. After I returned home from work, I found my system was getting a warning from my Norton Internet Security that it had stopped a Trojan from attacking my system. A few minutes later I was under attack by something else (I don't recall the name of it & it ended up being a very long night). As I investigated what was going on, I found a lot in my NIS history that I didn't like, firewall changes being my prime concern at that moment. I have a theory as to how I came to be infected but I don't know for sure so I won't get into that.
I eventually started breaking out the usual tools. Malwarebytes & Norton Internet Security were both giving me a clean bill of health. Regardless, every time I did anything with Chrome I got the warning about the Trojan! I started going through the Bleeping Computer tool set: ADW, JRT, etc. (see the malware removal guide on this blog if you are not familiar with these tools). These tools seemed to track down the problems but they didn't manage to remove them (much to my chagrin and surprise). Eventually I had expended every resource I was aware of at that time and I was still "under constant attack". At this point I had figured out that my Chrome and Opera were infected in some manner and there was a "fake add on" according to Norton.
On the side: I normally am a Kaspersky user but my new motherboard came with a trial for Norton Internet Security, so I decided to give it a shot. After some research on the web about backdoor Trojan 39, I found out about a tool I actually had but was unaware of: Norton's Power Eraser. It's available at the link preceding this and it comes with a warning that it is a powerful tool and can do damage to your operating system. I decided that I would risk it (of course I would, this willingness to take a risk is why I end up with these kinds of infections!). It scanned very quickly and came up with a short list of "offenders" and its recommendations on what to do about them. It allowed me to click a link and go to the files in question, which made it fairly easy to decide what had to go. A quick click and it removed my problem files, followed with a system reboot, and my system is clean again.
So, that was my adventure in internet security for last night.
Lesson learned: Norton seems to be redeeming itself in the antivirus arena. I believe I will even sign up when my trial runs out in 30 days for the Internet Security suite. They also provide powerful tools to anybody who needs them and the best part is: it didn't include any PUPs (potentially unwanted programs)! Bleeping Computer and their tools are awesome and I believe they would have handled the situation as well if I could have run them in Safe Mode (this was my failure, not the tool set's; Windows 8/8.1 don't come with a readily accessible way to start the PC in Safe Mode anymore).
**Note:**
You can re-enable Safe Mode in Windows 8/8.1 by following this article over at Bleeping Computer.