Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Empty folders via 'All programs'


  • Please log in to reply
5 replies to this topic

#1 bigwhitefangs

bigwhitefangs

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:01 PM

Posted 02 July 2011 - 01:29 PM

Hi

I recently picked up the Info.exe virus. My AVG caught it but not until after it hid my desktop icons and Applications via windows "start/all programs". After searching the forums, I found reference to a application called "unhide". I downloaded and ran it. Thankfully all my desktop icons re-appeared as did the application folders via "start/all programs". Unfortunately, non of the applications appear in those folders. They all say (empty). Unhide suggested that I disable my virus scanners in case some of the files are still hidden. I went into service and disabled the AVG software and re-ran it. Still nothing. I then noticed that the AVG is somehow still running because it is in the startup. Could you direct me how to either temporarily remove AVG from the start menu or let me know if you feel there is something else going on?

Thanks

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:01 PM

Posted 02 July 2011 - 01:38 PM

You can download and run the associated AVG Removal Tool from there to temporarily remove AVG and try unhide again.

#3 thom_w

thom_w

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:01 AM

Posted 03 July 2011 - 08:11 AM

Hi I am new here but have been in the computer repair field for many years. I am a Network admin for a medium sized company and have had
4 users now this month that caught a version of fake av. I found this site helpful for removing the various strains out there but
I have the same results when trying the unhide program. It brings back all the folders and desktop items but it cannot bring back the All Programs short cuts and they display as empty. Once it worked completely over a month ago when I worked on a friends Home PC that caught a Version of Fake AV.
All his items including the All Programs came back without a problem.
The other computers are joined to our Domain and I am wondering if this is maybe the cause?
I wound up saving the users data to a flash drive, deleted the partition and reloded all the programs.
Thanks for the great tools like Rkill and Unhide along with the advice on installing Malwarebytes to rid the systems of the Malware.
With this I was always able to at least save the users data so all was not lost.

Tom

#4 bigwhitefangs

bigwhitefangs
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:01 PM

Posted 03 July 2011 - 09:53 AM

Cryptodan

Thanks for the information. I removed AVG, ran Unhide twice and rebooted. Unfortunately, it resulted in no change. The apps folders still show (empty). I of course re-installed AVG and when I did, I noticed that those apps did appear in the app folders. Any other suggestions?

Thanks

#5 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:12:01 PM

Posted 03 July 2011 - 10:49 AM

I suggest you read and follow Grinler's (site admin & unhide.exe developer) guide Unhide.exe - A introduction as to what this program does, specifically:

This infection will also delete shortcuts in various folders on your computer so that you can no longer find them pinned to the taskbar, in the quick launch, or in your Start Menu. When the infection deletes the shortcuts it will store a backup copy of them in the folder %Temp%\smtmp. Using this backup, we can then restore the files to their proper location so you can find them once again under your Start Menu and in other locations. It is very important, though, that if you are infected with this family of infections that you do not delete any of the files in your %Temp% folder and that you do not run any temp file cleaners as they will delete this backup folder. With this folder removed, we will not be able to restore the shortcuts back to their proper location.



#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:01 PM

Posted 03 July 2011 - 11:40 AM

Try running this version of Unhide.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users