[Info] System control panel - Threatware

By AlbertLionheart
Nov 1, 2011
  1. I can't believe I am thr first to find this but searches have found no other references to it.
    A dialogue box titled System Control Panel opens after boot and displays an error message reporting the following:
    Critical errors on hard drive
    Hard drive Clusters damaged
    Critical errors in RAM
    Critical errors in system
    RAM overheating (85 deg C)
    RAM resources reported as very low
    and denies access to the desktop until you run the diagnostic report tool which, in my case, cound 4 HDD errors, 4 RAM errors and 3 system errors.
    It then opens a dialogue report for each error - in my case 11 reports.
    All the various dialogue boxes can be closed - but they will reappear as soon as there is any attempt to open a program.
    The threatware alko does the following:
    Denies access to task manager and regedit. msconfig will run.
    Clears all items from the menu lists
    Clears all icons and images from the desktop
    Changes all file attributes to system and hidden, including the contents of the user's library folders (documents, pictures, etc etc)

    I found the offending program file - random character filename - in the program data file once I had identified it in msconfig as the latest addition. Once the msconfig reference was removed and the file deleted the system was clear on a reboot. I removed the reference in the registry as well once I had access to it.
    However, the program left permanent damage as follows:
    All icons and shortcuts removed
    All menu items removed
    Previous menu items (such as in the run command) no longer drop down

    Anyone else come across this one?
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    You're not the first to see this. There is group of rogue programs that do just this. The intent is to make the user think he must click on their link to fix all the trumped up alerts and critical errors> all of which are manufactured by the malware.

    The accompanying feature is using the 'hide' attributes to make programs, files, icons and the link "go missing."!

    One of the most recent of these types of programs is calling itself "System Restore."

    Peruse our threads here. You will see many of this type of malware> the name may be different but the program is not>>>

    TechSpot:
    2008 http://www.techspot.com/vb/topic103468.html.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.