Please remember that EVERYTHING (even files that are meant to be hidden) will be unhidden, so after your missing programs are showing, please rehide your Protected System Files.
To do this in Windows XP: Go to Start>Search and at the top select Tools>Folder Options Select the View tab Display the contents of system folders Show hidden files and folders Check: Hide protected operating system files Click on Apply.
I think that he is missing the shortcut icons in the starting menu.
Yes, I understand that, but I need to know WHAT steps were taken to remove the infection. There is a variant that moves those shortcuts to another directory, but if the wrong removal procedure is used, the system will have no way to get them back.
I used a combination of Malware Bytes and ADAware. I am not sure which of them actually removed it. I did nothing manually and these were both run in safe mode. This has affected all of the profiles on my PC, three of them.
It is Start>All Programs>Ad Aware > Nothing, or Start>All Programs> Microsoft Office>Microsoft Office Tools>nothing. I can see what programs I have installed but no way to launch them.
Sorry about that, but bugbatter´s post about unhide protected system files thru me off and it was I who did not know about a variant which moves those shortcuts to another directory.
Bugbatter is the best. Listen to her. She must be busy. Wait for her answers
Sorry BB I should know better.:emotion-16:
Still one of my question is valid. Do you have those missing programs (icons) from starting menu in your C:\ program files? and if so, can you implement them from there? ie. double click Ad Aware.exe. It would be a great help if you can see what was what AdAware cleaned and posted it here.
I'm going to send you for a diagnostic tool. After you run it and post on the Malware Removal forum we will know more. ** There is a list of trained analysts at the top of that board in the Announcements. If someone else replies, it will be your decision whether or not you want to take advice from them.
Please download HJT Installer from Here to your desktop. Click the Download button.
When the Trend Micro HJT install box appears, double click on the HJTInstall.exe. Click on Install.
It will be installed by default here: C:\Program Files\Trend Micro\HijackThis A shortcut to the application will also be placed on your Desktop.
The program will open automatically after installation.
You can double-click the icon that was placed on the Desktop to run subsequent HijackThis scans or you can use the icon inside the folder. The folder HijackThis is where you will find the HJT logs that you save. When you use the application to remove anything, you will also find the backup copies made by HJT inside this folder.
Close all open windows except HijackThis. Click on "Do a system scan and save logfile" When the log pops up in Notepad copy and paste that file as a NEW THREAD on the HijackThis Board.
Posting Your Log:
1. Just click the New Post button (upper right) in the Malware Removal forum here:
2. Do not use the Quick Reply. Please use the Rich Text Editor. In order to post your log, simply Right-Click and select Paste.
3. Please add text to describe your symptoms.
4. Include in the message subject line a description of your problem. For example, "Popups warning of infection", "Programs Missing In Start Menu", etc..
5. Make certain you post the entire log by clicking the Preview Post tab at the top of the window and comparing it to the log from your scan before you click Post.
* DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or required.
I have the same issue that the other person is having. Have already ran ComboFix/Malwarebytes; found infections removed them. Ran HijackThis and didn't find any suspicous.
It may be too late. It is possible that your temporary folders were cleaned out by one or both of the scans that you ran, thus the shortcuts from your Start Menu are gone. Who told you to run ComboFix? Someone trained in its use would know the correct procedure for cleaning this type of malware. Didn't you read the warning when you opened ComboFix?
I never did figure out what was wrong. I think some of it may have been self inflicted. Check out the link below. It has some small utilities that will restore a lot of what you are missing.
Check out the link below. It has some small utilities that will restore a lot of what you are missing.
There are only two utilities in that discussion that might be used in this case. Please get an accurate diagnosis FIRST and do not randomly run any of these unless you know what you are doing or you could make things worse.
I strongly suggest posting a diagnostic log using HijackThis or DDS at SpywareHammer. Instructions on that site will explain how to do that.
pab61_10, I know that you are only trying to help, but because there are products on that site that are for sale, your sending another member there for random tools could be considered by Dell to be spam.
Bugbatter
3 Apprentice
•
20.5K Posts
1
June 6th, 2011 11:00
Try running Unhide: http://download.bleepingcomputer.com/grinler/unhide.exe
Please remember that EVERYTHING (even files that are meant to be hidden) will be unhidden, so after your missing programs are showing, please rehide your Protected System Files.
To do this in Windows XP: Go to Start>Search and at the top select Tools>Folder Options
Select the View tab
Display the contents of system folders
Show hidden files and folders
Check: Hide protected operating system files
Click on Apply.
See if this helps.
pab61_10
1 Rookie
•
16 Posts
0
June 6th, 2011 12:00
That didn't work. Everything looks just like it did before I ran unhide.
Bugbatter
3 Apprentice
•
20.5K Posts
0
June 6th, 2011 15:00
What procedure did you use for removing the malware?
iroc9555
2 Intern
•
1K Posts
0
June 6th, 2011 16:00
BB.
I think that he is missing the shortcut icons in the starting menu.
"C:\Documents and Settings\(user)\Starting Menu\Programs".
When he clicks Start > All Programs > ZIP = nothing because the shortcut is gone.
Now, do you have ZIP in C:\Program Files\ZIP (a bunch of files in that folder including zip.exe)?
Just asking.
Bugbatter
3 Apprentice
•
20.5K Posts
0
June 6th, 2011 19:00
pab61_10
1 Rookie
•
16 Posts
0
June 6th, 2011 19:00
I used a combination of Malware Bytes and ADAware. I am not sure which of them actually removed it. I did nothing manually and these were both run in safe mode. This has affected all of the profiles on my PC, three of them.
pab61_10
1 Rookie
•
16 Posts
0
June 6th, 2011 20:00
It isn't Start>All Programs> nothing.
It is Start>All Programs>Ad Aware > Nothing, or Start>All Programs> Microsoft Office>Microsoft Office Tools>nothing. I can see what programs I have installed but no way to launch them.
iroc9555
2 Intern
•
1K Posts
0
June 7th, 2011 12:00
PAB61_10
Sorry about that, but bugbatter´s post about unhide protected system files thru me off and it was I who did not know about a variant which moves those shortcuts to another directory.
Bugbatter is the best. Listen to her. She must be busy. Wait for her answers
Sorry BB I should know better.:emotion-16:
Still one of my question is valid. Do you have those missing programs (icons) from starting menu in your C:\ program files? and if so, can you implement them from there? ie. double click Ad Aware.exe. It would be a great help if you can see what was what AdAware cleaned and posted it here.
I never learn, shut up! Sorry again.
Bugbatter
3 Apprentice
•
20.5K Posts
0
June 7th, 2011 22:00
I'm going to send you for a diagnostic tool. After you run it and post on the Malware Removal forum we will know more. ** There is a list of trained analysts at the top of that board in the Announcements. If someone else replies, it will be your decision whether or not you want to take advice from them.
Please download HJT Installer from Here to your desktop. Click the Download button.
When the Trend Micro HJT install box appears, double click on the HJTInstall.exe. Click on Install.
It will be installed by default here: C:\Program Files\Trend Micro\HijackThis A shortcut to the application will also be placed on your Desktop.
The program will open automatically after installation.
You can double-click the icon that was placed on the Desktop to run subsequent HijackThis scans or you can use the icon inside the folder. The folder HijackThis is where you will find the HJT logs that you save. When you use the application to remove anything, you will also find the backup copies made by HJT inside this folder.
Close all open windows except HijackThis. Click on "Do a system scan and save logfile" When the log pops up in Notepad copy and paste that file as a NEW THREAD on the HijackThis Board.
Posting Your Log:
1. Just click the New Post button (upper right) in the Malware Removal forum here:
http://en.community.dell.com/forums/3521.aspx to start your own message topic requesting assistance.
2. Do not use the Quick Reply. Please use the Rich Text Editor. In order to post your log, simply Right-Click and select Paste.
3. Please add text to describe your symptoms.
4. Include in the message subject line a description of your problem. For example, "Popups warning of infection", "Programs Missing In Start Menu", etc..
5. Make certain you post the entire log by clicking the Preview Post tab at the top of the window and comparing it to the log from your scan before you click Post.
* DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or required.
emiliecathey
3 Posts
0
December 8th, 2011 14:00
I have the same issue that the other person is having. Have already ran ComboFix/Malwarebytes; found infections removed them. Ran HijackThis and didn't find any suspicous.
What other suggestions do you have?
Bugbatter
3 Apprentice
•
20.5K Posts
0
December 8th, 2011 14:00
It may be too late. It is possible that your temporary folders were cleaned out by one or both of the scans that you ran, thus the shortcuts from your Start Menu are gone. Who told you to run ComboFix? Someone trained in its use would know the correct procedure for cleaning this type of malware. Didn't you read the warning when you opened ComboFix?
pab61_10
1 Rookie
•
16 Posts
0
December 9th, 2011 05:00
I never did figure out what was wrong. I think some of it may have been self inflicted. Check out the link below. It has some small utilities that will restore a lot of what you are missing.
http://www.bleepingcomputer.com/forums/topic405109.html
Bugbatter
3 Apprentice
•
20.5K Posts
0
December 9th, 2011 07:00
I strongly suggest posting a diagnostic log using HijackThis or DDS at SpywareHammer. Instructions on that site will explain how to do that.
pab61_10, I know that you are only trying to help, but because there are products on that site that are for sale, your sending another member there for random tools could be considered by Dell to be spam.