01-20-2011 09:39 PM
Hi, a while back I decided to play the old CoD4 (Modern Warfare 1) on my PS3.
Please note that this is LONG. This is not meant to be a story, but an idea of what happened so it will be easier to sort out what was wrong.
I noticed a clan tag: [PLA] that was used by multiple different people. Sometimes, right before the round would start, it would just say: 'DRAW' Host ended game. And if you looked at the little scrolling text area, it would be rapidly moving saying the exact same thing: "[PLA]<player id> Unknow Command..."
You're probably wondering what this has to do with anything, but let me assure you, it all comes together.
When I went to check my Facebook on my computer later that day, I noticed something odd. There was a shortcut to a program I don't remeber installing called "On-Lock" or something similar. In the task bar, a little notification bubble kept appearing saying (in an unusual windows text):
"WARNING!!! YOUR COMPUTER HAS MULTIPLE VIRUSES!!! PLEASE CLICK THIS FOR MORE INFORMATION!!!"
I'm not an expert, but I know a fake pop-up when I see one. So instead, I pushed the 'X'. A window instantly popped up, apparently scanning my computer, and then telling me that I needed to buy this product to continue safety. And, of course... They only took Credit cards.
I struggled to get the pop-up to go away, but once I did, my ENTIRE BACKGROUND changed into what looked like the 'blue screen of death' however, all my icons were still up as well as the task bar. I tried to run Windows Defender, but another pop-up appeared claiming that the process has to be executed because some file was infected.
Of course, I know a few things about computers.
I hold the power button until it turns off, and then turn it back on, this time running safe mode.
I decided to search around my files. In My Documents I found some folders named by a large sum of numbers. Opening the file, I find a .dll file and an empty folder. I continued to search, until I found the root. On my C:/WINDOWS there were so many folders named similar to the other ones, with the exact same contents (named differently).
I also found some fake Windows programs, one of the many was called Windows Agent, and had a poor looking 8-bit image of what looked like a Drug Dealer/Spy. I right clicked it, and pressed Delete. "You do not have permission to perform this operation."
Please note that I was the only user of this computer, meaning that an 'admin' could not have parental controls.
However, I did manage to delete the oddly named folders.
And then, I found a folder that almost made me want to die. It was in C:/WINDOWS.
The folder was named 'PLA'. I opened it to find a LOT of .dll and .bat files, as well as even more fake windows apps.
When I restarted my computer again, I went to the actual OS. I had no pop-ups. I went back to Windows Defender to double check that everything was okay, so I performed a scan. Every once and a while, the name of the folders that it would be currently scanning would change for a split second to an odd code, then go back to normal. I knew it was an over-ride.
I ended up having to completely reset my computer, with all my documents and music going with it.
Thank you if you made it this far!
Can anybody help me out with this? I know I already fixed it, but is there any way to prevent it?
Any info on this would be gladly appreciated: Past experiences, research, etc.
I actually google'd PLA and found out that it was a group of foriegn hackers that were accused of hacking the Pentagon...
This clearly isn't them, but they must've named themselves after.
01-20-2011 10:08 PM
Have you tried getting hold of either Norton Antivirus or another AV to scan your computer?
Boot up into Safe Mode to do this, and disconnect your LAN cable if it is connected to a router/modem.
01-21-2011 12:35 AM
What kind of browser you use?
If you are using Mozilla Firefox, click on Tools > Add-on > Extension tab
Disable or uninstall applications you think suspicious.
If Internet Explorer, click on Tools > Manage Add-on at the "toolbars and extension tab",
Disable or uninstall applications you think susupicious.
To avoid, next time, anything that prompts on your screen everytime you use internet browser, just ignore everything. Never ever click on sign or fill-up anything that might compromise not only your computer but might also your identity and personal information.
01-21-2011 10:43 AM
Using Windows Defender alone may not be enough. You need to run a full feature AV product like Norton Internet Security or Norton 360. These products offer many technologies to protect you from today's modern threats.
Norton includes Antispam, so most malicious emails are flagged for your protection. One thing about Facebook emails, I never click the links, I go to my Facebook account through my bookmarked link only. Too many bogus emails are out there to trick you.
Another great tool is Nortons Safe Web Lite. Safe web can warn you of dangerous sites in your search results before visiting the site.
One other to check out is the Norton DNS service, it provides faster and more reliable web browsing with basic security.
Check out the features included in the Norton Products -
I hope this info is helpful to you.