Windows God Mode hack may attract malware attackers

By: Vamien McKalin
2 minute read

There’s a Windows hack going around known as God Mode and at first glance, one could easily believe it to allow hackers completely command over a computer. However,this is not the case as God Mode only makes it possible for hackers to command Control Panel options and Settings.

That doesn’t mean the God Mode hack isn’t a problem, though: security researchers have claimed to have used the hack to create a special folder to gain access to the Control Panel and all its features, something that could be exploited by malware.

While we didn’t take this thing too seriously before, this changes everything. According to McAfee, the God Mode easter egg is great for power users but one should bear in mind it can be used by attackers for nefarious purposes.

Should an attacker place certain files in the special folder, malware such as Dynamer could run undetected for quite some time.

McAfee researchers had the following to say via a blog post:

“It allows users to create a specially named folder that acts as a shortcut to Windows settings and special folders, such as control panels, My Computer, or the printers folder. This “God Mode” can come in handy for admins, but attackers are now using this undocumented feature for evil ends. Files placed within one of these master control panel shortcuts are not easily accessible via Windows Explorer because the folders do not open like other folders, but rather redirect the user.”

If you’re infected by Dynamer, a registry key is created and will persist even after multiple reboots. The following is what users should look for to determine if Dynamer is definitely on their system:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

lsm = C:\Users\admin\AppData\Roaming\com4.{241D7C96-F8BF-4F85-B01F-E2B043341A4B}\lsm.exe

To kill the problem once and for all, take the follow the steps below:

  1. First, the malware must be terminated (via Task Manager or other standard tools).
  1. Next, run this specially crafted command from the command prompt (cmd.exe):

rd “\\.\%appdata%\com4.{241D7C96-F8BF-4F85-B01F-E2B043341A4B}” /S /Q

RELATED STORIES YOU NEED TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading

Discussions