New Malware Simulates Hard Drive Failure

Posted by timothy
from the just-a-healthy-reminder dept.
An anonymous reader writes "A nasty strain of malware goes beyond mere sensational alerts; it makes it seem the user's hard drive is failing. It moves files from All Users and the current Windows user's profile into a temporary location, making it appear as though problems with the hard drive are causing files to disappear. It also disables a user's ability to change wallpaper images and sets registry keys to hide certain icons — giving the impression that programs are going missing as well. Of course, it's all done in an attempt to get people to buy the software that will fix it."

  • by adolf (21054) <flodadolf@gmail.com> on Friday May 20, 2011 @08:44PM (#36197930) Journal

    I just cleaned this off of a computer two days ago.

    It set some registry entry values meant for maximum fuckery, marked every file on the disk that it could access as being hidden (thus even "dir" from a command line would result in "File not found"), nuked the contents of the start menu, and did some other mean stuff.

    Malwarebytes removed it but left the registry broken (which is arguably correct behavior). I changed the registry entries by hand, and I restored the start menu from an earlier copy.

    After that, things were happy...except for a lingering, and possibly unrelated, issue with links from Google being redirected to spam. This turned out to be an infected Windows DLL, which "sfc /scannow" couldn't/didn't bother to fix. I was just about to give up on the machine for a happy time of nuke/reinstall, and another half-dozen hours of putting the machine back how it was... but then I tried combofix and the redirect problem went away, too.

    All said: While I am a little richer having fixed these problems, money is poor compensation for this sort of pain.

    I welcome the day when an affordable online service* can do incremental backups that can be used for a simple, bare-metal restore. Bandwidth isn't the issue anymore, and spinning storage is cheap; where is it?

    *: Yes, online. If it's offline, that means that folks will have to think about it on a regular basis, and it won't be done.

  • by mrnobo1024 (464702) on Friday May 20, 2011 @09:10PM (#36198142)

    That's all well and good in a corporate environment, but do you really expect every home user to have his own personal IT department?

  • by MobileTatsu-NJG (946591) on Friday May 20, 2011 @09:16PM (#36198202)

    This is why the only solution is a GNU/Linux solution..

    I'd love to see your MRI scan while you tell people this.
