Jump to content

Drive names within Explorer completely changed, crashes the moment you


Corran

Recommended Posts

This is so weird, see the screenshot.

b406a94dab4b5ce9cfdf4f8fa815ec4a.png

This happened after booting up my pc today (running XP Pro SP3).

I had a malware infection days ago and removed it almost completely (apart from random tabs popping up in Firefox).

Last night I ran O&O Defrag and it finished without any problems or errors.

I shut down the pc and then this morning I hung at startup.

Safe mode hung at mup.sys and after some Googling I managed to 'fix' it by copying over the original registry (as detailed here: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q307545).

Obviously that got me back to how Windows was just after the original install in 2007.

So I restored the backup of the registry I made just days ago.

This fixed everything but gave me this really weird thing in Explorer.

Even though the names are wrong I can still click the C: drive and see all my files and folders.

I can enter any folder but the moment I double click a file it will open the file in the associated program and crash explorer at the same time.

I hope someone has a solution for this!

Link to comment
Share on other sites


Seems to me your pc is still infected.

A while ago I had an infection on my USB-stick and it showed also those strange 'chinese-letters'.

I unplugged it, plugged it in again and it wasn't recognised anymore -> USB-stick death.

I would backup all important files and do a new installation.

Or maybe, if you haven't done already, install 'Malwarebytes' and do a full scan to check for malware.

Greetz, DJPro

Link to comment
Share on other sites

Actually, I notice "DeskMovrW" in the iframe properties that are displayed on your "My Computer" icon. That's actually one of the things you find on an infected machine where the default .htt file has been modified with one of the viruses/malware out there that replaces desktop contents with rotating porn pictures on the desktop and in the Explorer interface (no kidding, really).

I'm with DJPro, you probably need to take this offline and clean it, or just admit that the infection has broken things and start over. Once a machine has been compromised, you can't really ever be 100% certain it's completely healed in the future anyway without starting over.

Link to comment
Share on other sites

I Googled the DeskMovrW too and found it to be part of some malware that changes the Active Desktop. However, the first thing I did after installing Windows (back in 2007) was disable active Desktop. It is still disabled and obviously not the cause of this.

I'm thinking some files have gotten mixed up (by O&O or whatever) so I hope anyone knows what files to restore to fix this.

Link to comment
Share on other sites

No, but the fact it's on your machine is indication of an infection or attack that succeeded in getting it's payload on your machine. It's not *able* to do what it wants, but it *did* get on the box. Your machine was compromised by this at the least, and who knows what else. Are you *sure* it's clean? Also, restoring registry without restoring a backup from the same time is usually not a good idea.

Link to comment
Share on other sites

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...