Slashdot Mirror


New Malware Simulates Hard Drive Failure

An anonymous reader writes "A nasty strain of malware goes beyond mere sensational alerts; it makes it seem the user's hard drive is failing. It moves files from All Users and the current Windows user's profile into a temporary location, making it appear as though problems with the hard drive are causing files to disappear. It also disables a user's ability to change wallpaper images and sets registry keys to hide certain icons — giving the impression that programs are going missing as well. Of course, it's all done in an attempt to get people to buy the software that will fix it."

8 of 294 comments

  1. Hey buddy! by MrEricSir · · Score: 4, Funny

    Nice computer you got there. Would be a shame if anything were to happen to it. My buddy Vinny here, he sells "protection" against these kinds of problems. You pay every week, and there ain't gonna be no problems, capiche?

    --
    There's no -1 for "I don't get it."
    1. Re:Hey buddy! by ozmanjusri · · Score: 5, Funny

      what do you mean "Windows"?

      "Windows" is a computer operating system used by many people, most often without the owner's permission.

      --
      "I've got more toys than Teruhisa Kitahara."
  2. The Game of Catchup by MightyMartian · · Score: 4, Insightful

    Had this one get on one of the computers I administer. Managed to poison the profile and for a brief while I thought the files had been deleted. Of course, I got the inevitable "isn't your AV and anti-malware software up to date", to which I responded "As much as can be, the user is relied upon not to be a simpering moron who clicks on every possible link."

    Oh, and by the way, Microsoft, your fucking browser still sucks and is still atrociously insecure. Shape up, Redmond.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
    1. Re:The Game of Catchup by Bacon+Bits · · Score: 4, Funny

      My relatives certainly seem to think they do.

      --
      The road to tyranny has always been paved with claims of necessity.
    2. Re:The Game of Catchup by hairyfeet · · Score: 4, Insightful

      You forgot the third part...spend endless hours on the forums cursing because "update foo broke my (insert device) drivers!". Seriously someone needs to hunt down Torvalds and give that sucker a good ass kicking.

      It is 2011 and he still acts like it is 1992 and the kernel is his personal playtoy. Every single decent OS, OSX, Windows, Solaris, BSD, hell even OS/2, has had driver level ABIs for a decade or more, yet Torvalds still refuses to allow this simple fix to keep from borking everything when he gets an itch to fuck with shit.

      So I'm sorry but as a retailer that step three makes it so I'm unable to sell machines with your OS, or support your OS after the sale. The annual forum hunts just suck too much of my already limited time. Fix that and the whole "software tied to which kernel you're using" mess and then I'll be happy to help your OS grow in numbers, but as it is now it is better to stick with Windows, even if the occasional user stupidity manages to get through the AV (usually because they tell the AV to allow it because the malware promises them some reward for doing so) than to have the guaranteed breakdown every six damned months for the life of the machine thanks to Torvalds and his kernel fucking.

      --
      ACs don't waste your time replying, your posts are never seen by me.
  3. Re:Sounds Like System/Windows Recovery by adolf · · Score: 4, Informative

    I just cleaned this off of a computer two days ago.

    It set some registry entry values meant for maximum fuckery, marked every file on the disk that it could access as being hidden (thus even "dir" from a command line would result in "File not found,") and nuked the contents of the start menu, and did some other mean stuff.

    Malwarebytes removed it but left the registry broken (which is arguably correct behavior). I changed the registry entries by hand, and I restored the start menu from an earlier copy.

    After that, things were happy...except for a lingering, and possibly unrelated, issue with links from Google being redirected to spam. This turned out to be an infected Windows DLL, which "sfc /scannow" couldn't/didn't bother to fix. I was just about to give up on the machine for a happy time of nuke/reinstall, and another half-dozen hours of putting the machine back how it was... but then I tried combofix and the redirect problem went away, too.

    All said: While I am a little richer having fixed these problems, money is poor compensation for this sort of pain.

    I welcome the day when an affordable online service* can do incremental backups that can be used for a simple, bare-metal restore. Bandwidth isn't the issue anymore, and spinning storage is cheap; where is it?

    *: Yes, online. If it's offline, that means that folks will have to think about it on a regular basis, and it won't be done.
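
The hidden-file symptom described in the comment above (even "dir" reporting "File not found") can be checked for with a short PowerShell triage script. This is an added example, not part of the original thread; the default root folder, the `-Unhide` switch and the "Hidden but not System" heuristic are assumptions made for illustration.

```powershell
# Added example: report files that carry the Hidden attribute under a folder,
# and optionally clear it. Run it only after the malware itself is removed.
param(
    [string]$Root = $env:USERPROFILE,  # assumption: start with the current user's profile
    [switch]$Unhide                    # report only unless this switch is given
)

$Hidden = [System.IO.FileAttributes]::Hidden
$System = [System.IO.FileAttributes]::System

# -Force makes Get-ChildItem return hidden and system items as well.
$all = @(Get-ChildItem -LiteralPath $Root -Recurse -Force -File -ErrorAction SilentlyContinue)

# Windows marks its own protected files Hidden+System, so only files that are
# Hidden without System are counted. Some of these are still legitimate, so
# review the report before using -Unhide.
$suspect = @($all | Where-Object {
    (($_.Attributes -band $Hidden) -eq $Hidden) -and
    (($_.Attributes -band $System) -ne $System)
})

$pct = if ($all.Count -gt 0) { [math]::Round(100 * $suspect.Count / $all.Count, 1) } else { 0 }
"{0} of {1} files under {2} are hidden ({3}%)" -f $suspect.Count, $all.Count, $Root, $pct

# Show the folders holding the most hidden files; a whole Documents or Desktop
# tree turning up here is the pattern the comment describes.
$suspect | Group-Object DirectoryName |
    Sort-Object Count -Descending |
    Select-Object -First 10 Count, Name

if ($Unhide) {
    foreach ($f in $suspect) {
        try {
            # Clear only the Hidden bit and leave every other attribute as it was.
            $f.Attributes = $f.Attributes -band (-bnot $Hidden)
        } catch {
            Write-Warning "Could not update $($f.FullName): $($_.Exception.Message)"
        }
    }
}
```

Clearing the attribute does not bring back files that were moved elsewhere or undo the registry changes; those still need the manual repair the comment mentions.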

  4. Re:False alert by LurkerXXX · · Score: 4, Insightful

    AND BACKUPS! *AND BACKUPS*!!!

    RAID is *NOT* a substitution for backups. Delete a file on the RAID and it's gone. Someone takes the machine, and it's gone.

    Back up your computer to offline media, and make sure to keep a (hopefully encrypted) copy of it at some remote location (like a family member's house, work, wherever).

    RAID IS NOT A SUBSTITUTION FOR BACKUPS!

  5. Re:My end users say it was coming from MSNBC.com by Mashiki · · Score: 4, Insightful

    And sites complain when people block ads. This is of course why anyone with a brain blocks ads.

    --
    Om, nomnomnom...