As bizarre as this title sounds I haven’t taken up knitting as a hobby. Recently I was called by my friend whose Windows Vista computer had shut down on her and refused to restart. Being slightly curious I paid her a visit to be greeted with a computer that had gone into hyper hibernation mode. A simple long press of the power button turned it off and boy what was I greeted with when I restarted it.
When it first loaded Windows, it appeared OK then I saw a couple of command prompt windows which started and soon went off. Having seen this before on my computer it could have been harmless but I thought I would check it out.
My first port of call was to check the Program Files folder in the main hard drive, usually C: I noticed that there were some programs that had been installed a few days before. I asked my friend if she had installed anything and she replied that she had downloaded some knitting patterns.
I checked out her downloads folder to find the culprit crazyforcrafts.exe. Unfortunately she had installed it thinking it was a knitting pattern generator of some sort. When it was installed on her computer it disabled her firewall and security center so she didn’t know she had no firewall as there was no warnings as a result. The program ran as a system service so every time she started her computer it ran, probably installing other bad stuff along the way.
Safe Mode to the Rescue
Without any hesitation I booted it into safe mode by pressing and holding F8 on reboot. Did a full system scan with Malwarebytes which found 2000+ items of trojans, malware and potentially unwanted programs (PUP) on her system. Also ran a scan with Spybot and Microsoft Security essentials, which despite being a Microsoft App, had actually caught some of it.
I guess the moral of the story is never trust what you are downloading, unless it’s from an official website or a reputable company. Not everything is what it says it is!