geronimo Posted November 21, 2011 ID:496741 Share Posted November 21, 2011 I recently contracted a fake malware that hi-jacked my PC. The wallpaper turned black and all my desktop program icons were missing, except for my personal folder, computer, and recycle bin. There was a rapid fire fanfold of placards on the screen which I failed to read, since I immediately shutdown my PC. I restarted in safe mode and ran a Malwarebytes scan through "Computer", sine all my program start folders were empty. Malwarebytes removed the fake trojan and my pc restarted normally. I had to "unhide" my program folders thru folder properties, but my destop and quick launch icons were still missing and start menu folders were still empty. Reading other posts on this forum, I suspect that that the hi-jacker stored the missing item folders in a temp folder. Unfortunately, I have cleaner program that deletes temp files, empties caches, and orphaned files. I had to re-format. If I were to contract this type of file hiding hi-jacker again, how would I restore the missing items without reformatting? I'm running windows 7. Link to post Share on other sites More sharing options...
Staff screen317 Posted November 27, 2011 Staff ID:498463 Share Posted November 27, 2011 Hi and welcome to Malwarebytes.If you clean your temp files after the folders are moved, then you wont be able to recover them. Better to protect against the trojan in general.I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place.Now that your computer seems to be in proper working order, please take the following steps to help prevent reinfection:1) Download and install Javacool's SpywareBlaster, which will prevent malware from being installed on your computer. A tutorial on it can be found here.2) Go to Windows Update frequently to get all of the latest updates (security or otherwise) for Windows.3) Make sure your programs are up to date! Older versions may contain security risks. To find out what programs need to be updated, please run Secunia's Software Inspector.4) WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:Green to go Yellow for caution Red to stop WOT has an addon available for both Firefox and IE.5) Be sure to update your Antivirus and Antispyware programs often!Finally, please also take the time to read Tony Klein's excellent article on: So How Did I Get Infected in the First Place?Safe surfing,-screen317 Link to post Share on other sites More sharing options...
geronimo Posted December 6, 2011 Author ID:501733 Share Posted December 6, 2011 I have both Malwarebytes' Anti-malware Pro and Microsoft Security Essentials activated. All exe. and sys. files have been added to the exclusion modules. So far, I haven't experienced any system ill effects, and most important, all system crippling rogues have been blocked or quarrantined. Link to post Share on other sites More sharing options...
Staff screen317 Posted December 13, 2011 Staff ID:504314 Share Posted December 13, 2011 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts