Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Black Desktop, missing all icons, malware, start menu missing icons, programs all empty


  • Please log in to reply
5 replies to this topic

#1 Srcloudnine

Srcloudnine

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 07 November 2011 - 02:27 AM

Ok so i was told to make my own thread so ill try to go thoroughly through what ive done, I will keep this 100% updated %100 for anyone else searching for the similar problem. PLEASE READ 1st BEFORE TRYING ON YOUR COMPUTER, might learn from my mistakes if there is any.

Original problems
Yesterday got 21 popups saying error and would come back 5 min after you close them.
Got something saying "Remove Windows 7 Recovery" and "system scanning" wouldn't close EVER.
"User account control" kept asking for permission and i kept denying, had to quickly click off screen on a web page to get it to stop asking.
Desktop was blank and black
Start menu was empty, everything missing, task bar all unpinned also.

What ive done
Went to use advira, asked to update so i figures why not quick so it does better, well not sure if that has anything to do with it but i was unable to "system scan" yet i could still (right click a folder and scan with advira)
So i looked what to do online since all i could do was still go on line thankfully, and i found this http://malwarecrypt.com/index.php?PHPSESSID=90bf089d22c8a9369b9d7d8731e89d83&topic=61.0 basically saying to (3 - Empty Temp Storage.) so I did
Then found this place shortly after and Downloaded AVG 2012 and used it
"Object name";"C:\Users\Jeremiah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8EMY7BH9\gfwlivesetup_4d530fa3e0000001_DIR[1].exe"
Then used AVG tune up kit 2011 which in turn "fixed" 1200 files/ Also SIDE NOTE by this time my computer isnt having any more pop ups :) thankfully!!!
Then downloaded Malwarebytes' Anti-Malware and used it
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

After MBAM I still dont have anything back on my desktop(besides newly downloaded things)and still no start menu items and documents all still say empty.
I find unhide.exe and use it, also go to control panel and check UNhide all hidden folders (get a few back)
By this time i just read that i SHOULDNT have emptied my temp folders.... BLEEP ME
I go back and do a few random steps (just to try)
tdskiller.exe (nothing bad appears)
Rkill.com (nothing terminated)
I download SystemLook 64bit (posed here post#144) http://www.bleepingcomputer.com/forums/topic396978.html/page__hl__start+menu+and+folders+are+empty+windows+__st__135
Tried doing the following and i was unable to because C:\Program Data\Start Menu didnt exist and C:\Users\Jeremiah\AppData\Local\Temp\smtmp\1 all the folders are empty anyways (not sure if that matters but thought it was important)
This is what you have to do...
Copy all content of this folder:
C:\Users\Matthew\AppData\Local\Temp\smtmp\1
and paste it to this folder:
C:\Program Data\Start Menu
NOTE. "Start Menu" folder is a system folder, so in order to see it, in Windows Explorer, go Tools>Folder Options>View tab and UN-check "Hide protected operating system files"
Then...
Copy all content of this folder:
C:\Users\Matthew\AppData\Local\Temp\smtmp\4
and paste it to this folder:
C:\Program Data\Desktop
NOTE. "Desktop" is also a system folder.

Then downloaded and completed Current_User_Start_Menu.zip
Then was told to make my own thread.

Problems I still have
Have to repin everything my self (not a big deal)
Start menu is empty (on right hand side of course)
All my folders in all programs say empty when clicked on
Still missing SOME icons on desktop

-ALSO
Avira is now letting me do a system scan, as it wouldn't earlier.
Id like to know what caused this, can streaming movies from http://www.movie2k.to/ cause something like this???? or would it have to of been a download, i have downloaded probably 3 things in the past few weeks.
2ND, HOW CAN I FIND THIS DUDE WHO MAKES THIS BLEEP!!!
THANK YOU FOR EVERYTHING!!! ALMOST ALL MY PROGRESS IS BECAUSE OF THIS SITE!!! If your ever in MN and need something car related im all yours!

BC AdBot (Login to Remove)

 


#2 jennifern2213

jennifern2213

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:09:09 AM

Posted 07 November 2011 - 03:59 AM

I went through this same thing. The folders that say empty...are they light rather than normal? If so you didn't change the setting for files and folders correctly (I did the same thing at first) Open up windows explorer (my computer, etc) click on organize, then go down to folder and search options:

On the first tab (general) under navigation pane make sure "show all folders" is selected.

Then go to the next tab (view) and make sure those settings are correct, select the radio for "show hidden files, folders and drives" and make sure all your other settings are the way you want them.


I got mine from clicking on a link to a website I'd never gone to before and then what i thought was adobe told me that I needed to update my flash player to view the content on the page, I clicked ok and it took over my computer with the same exact things you're talking about.

#3 Srcloudnine

Srcloudnine
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 07 November 2011 - 10:06 AM

All of my folders are no longer transparent, not sure what step it was to get that back but i think it was the unhide.exe that fixed it for me.
But how did you get your files to contain things again? I think since i cleared temp files that im screwed.

And i think i also did the same thing, but i cant exactly remember, but im pretty sure i was asked to update my flash player. Kinda mad at my self if that is what caused it. I would think i would of noticed it was a fake one. I can promise that i will now be going to the manufacturers web site every time to update lol. Thanks or letting me know!

#4 Srcloudnine

Srcloudnine
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 07 November 2011 - 11:00 AM

Little update/find,I tried using Word to type a paper for school and when i opened word it said. Only telling you guys because maybe that give you a idea of what its doing... lol however i have no clue what macros and if they even matter.

fyi:I had to close 6 alerts, all the same.

"This error usually occurs because of macro security settings. If you know that the macro comes from a source that you trust, you can change your macro security settings to allow you to enable the macro. The way that you change your macro security settings depends on the Microsoft Office System program that you are using."


"This error may also occur for the following reasons:
The certificate of trust that is attached to the macro is invalid. Unless you are certain that the macro is safe, it is recommended that you not trust or run the macro.
The certificate is no longer trusted, was revoked by the issuing authority, or is damaged. Unless you are certain that the macro is safe, it is recommended that you not trust or run the macro.
Visual Basic for Applications (VBA) is not installed on your computer. In this case, no VBA macro can be run, regardless of whether the macro has a valid certificate of trust. You or your administrator may have chosen not to install VBA, or the version of Microsoft Office that you are using may not install VBA by default. If your version of Microsoft Office does not provide VBA as an installable feature, you can upgrade to a version that provides VBA support.
If you are unable to change the security settings, it is possible that another program has locked the security settings. Close all Microsoft Office System programs, then restart your program and change the security settings."

#5 Sonic98

Sonic98

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 07 November 2011 - 02:16 PM

Someone gave a unit with the System Restore virus. Even after cleaning wit with Malwarebytes, I still could not do most of the steps for removing it or in the pre-Malwarebytes thread: rkill, dds, unhide.exe, etc. I actually was able to complete every step after I did the windows permission fix from the command prompt using the secedit command.


http://www.bleepingcomputer.com/virus-removal/

You might want to follow the instructions here for the System Restore Virus. Also, if every program you try to run just says it can't run or it had a problem you might have a permission problem. But I did all the steps in the guide for the removal of my virus, and right now I'm just waiting for my logs to be reviewed to see what else could have piggy-backed with it or was left around still doing damage because I'm still only able to browse with firefox, unable to enable windows fireall, and get redirects.

#6 Srcloudnine

Srcloudnine
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 08 November 2011 - 06:00 AM

Still need help, :/ cant seem to get my start menu or all program document files, they still all say empty. And word is acting weird saying marcos are disabled




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users