Malware Fun!

U

user098123

Active member
Decided to delete my whole desktop. Technically the folder is still there, but completely inaccessible and I can't do anything on the black part at all...

Rest of the taskbar and start menu work though, time to dig in to the registry. Anyone have any ideas on a solution?

malwarefun.jpg
 
2 points:

Point 1: Clicking on the internet and logging onto ns, or googleing stuff is about all i know how to do when it comes to computers, as malware is a computer related term i techinically had no idea what the hell it was. so to me the title may have read something like " I deleted my desktop, lets have some Malware type fun and help restore it"!

Point 2: my bad
 
System restore doesn't work, it errors.

Buying a mac is a pointless argument. Just wait, a couple more years and all of these problems will be on macs too. Stupid fanboys that don't know what they are talking about. Look up hacking contests, macs almost always fail first because they are so pathetically insecure...

Anyway, enough ranting. I run two windows 7 partitions and an Unbuntu partition, I'm not too worried if one goes down. Mostly just curious as to how it happened.

Task manager is back up and running, that's a plus at least!
 
Well before you do any of this restore shit, click start and get all the important shit you have on that HDD to another hard drive.

Second, if it won't boot into safe mode, and you can't open the internet or any of the security software you should have installed, your only option is to reinstall and not DL spyware.

 
yeah some of the people seemed to know what's up..try to reboot in safe mode if possible and as soon as you get on, go to internet and download a program called RKill to your desktop, run this program and it quickly finds the malware and closes all of its resources / processes. once this is done, download the program MalwareBytes - it is freeware and you can trust it, just get it right off the website..both these are easy to find from legit sources. Do a full scan with MWBYTES and then quarantine/delete the files that it finds infected (it will do this for you). Once this is done, reboot computer and hope this solves the problem. If this doesn't solve the problem, there could possibly be some changed register errors, but usually MWBYTES will find these and correct these for you..

hope this helps! :)
 
MWBytes didn't fix it. I could boot in to safe mode.

I ended up fixing it by running startup repair after significantly editing the registry. I removed most of the traces manually, but some of the still persisted. I was able to get in to the task manager again, which helped, but even after a full scan with multiple programs it wasn't being detected.

It was actually a pretty interesting piece of malware. I have no idea where I downloaded it from. It made it through my firewall(and I use a good one) at about 9:15 pm, and then it waited in my temp for about an hour before striking, so that it could cover the file it was from.

It also used a two randomly generated .exe files, so that it can be less likely to be picked up by programs like MWBytes and things like that. With the random naming on the .exe files, it's harder to categorize.

I ended up being able to run a system restore through the start up repair. Like I said I wasn't overly worried, I still had full access to the drive from my other Windows partition as well as access to everything from my Linux partition too.
 
Why? If you know anything about computers you always have the option of wiping everything and starting from scratch. No reason to buy a new one at all.
 
Completely unrelated, but fun.

screenshot desktop, save as wallpaper. Delete all icons. Laugh at people profit. It's been a while, but I'm sure it's still fun
 
If you have any icons on the desktop that are actually document files and shortcuts, make sure you don't clear out the recycle bin or else you could be seriously screwed.

And to people who say buy a new computer, you must be seriously lacking in computer skills. Catch up to the rest of the world!
 
You must log in or register to reply here.
Back
Top