Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

removed "security check " malware .start up program list remains empty


  • Please log in to reply
12 replies to this topic

#1 whogordon

whogordon

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 26 January 2012 - 09:54 PM

i ran unhide.exe(with avg 2012 firewall and antivirus disabled) ,restore administrative tools,restore accessories group, .also tried to repair by typing in "run" field
cmd ,and then
cd \ and then
attrib -h /s /d .
I did the above last step after disabling my fire wall and antivirus within my avg 2012 antivirus program and still no luck. i have also tried to restore my computer to an earlier date with a system restore (a date that is prior to a restore point on the day i got the malware )but system restore said it could not restore it to those dates? I followed these instructions step by step to remove the "system check "malware prior to trying to repair my start menu "empty program ,problem. http://www.bleepingcomputer.com/virus-removal/remove-system-check
Also downloaded apppaths but interface looks different than instructional on this site ,not sure if instructional i saw here was for xp or just vista OS only/so i did not attempt to do it manually with apppaths..fyi

i have now ran system look and here is post of that log .

SystemLook 30.07.11 by jpshortstuff
Log created at 21:15 on 26/01/2012 by Ben
Administrator - Elevation successful

========== dir ==========

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp - Parameters: "/s"

---Files---
None found.

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\Accessibility d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\Communications d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\Entertainment d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\System Tools d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\Windows PowerShell d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Administrative Tools d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Advanced SystemCare 5 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\AVG 2012 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\CCleaner d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Dell Accessories d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Dell Printers d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Dell Printers\Dell Photo AIO Printer 922 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Games d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\iWin Games d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Java Web Start d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\QuoteTracker d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Real d------ [02:23 24/01/2012]
RealPlayer.lnk --a---- 765 bytes [02:10 24/01/2012] [02:10 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Revo Uninstaller Pro d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\SpywareBlaster d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Startup d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\SUPERAntiSpyware d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\TradeLog d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\UltraDefrag d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\UltraDefrag\Documentation d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\UltraISO d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Uniblue d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Windows PowerShell 1.0 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\2 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\4 d------ [02:23 24/01/2012]

-= EOF =-

thank you for anticipated help :)

Edited by whogordon, 26 January 2012 - 10:00 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:17 PM

Posted 26 January 2012 - 10:04 PM

Hello and welcome ..This will restore the default start menu that came with Windows

Windows XP Pro 32-bit US English
http://download.bleepingcomputer.com/grinler/fakehdd/winxp-pro-32bit-sm-reset.exe
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:17 PM

Posted 26 January 2012 - 10:04 PM

Copy the entire content of this folder:

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1

and paste it to this folder:

C:\Documents and Settings\All Users\Start Menu

Click YES when it asks for replacing

good luck

#4 whogordon

whogordon
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 26 January 2012 - 10:54 PM

boopme, i ran that and it did not work? nothing changed
narenxp i also tried that and programs in start up menu still remain empty? narenxp i know how to copy and paste yes but do i right click on the folder that says "programs" and copy and then where exactly do i paste it too?the folders here are also showing empty (C:\Documents and Settings\Ben\Local Settings\temp\smtmp\1\Programs)

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:17 PM

Posted 26 January 2012 - 11:14 PM

the folders here are also showing empty (C:\Documents and Settings\Ben\Local Settings\temp\smtmp\1\Programs)

You're logs shows that they are not empty

I want you to check it again,can you rerun SYSTEM LOOK and post the new log

#6 whogordon

whogordon
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 26 January 2012 - 11:25 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 23:23 on 26/01/2012 by Ben
Administrator - Elevation successful

========== dir ==========

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp - Parameters: "/s"

---Files---
None found.

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\Accessibility d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\Communications d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\Entertainment d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\System Tools d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Accessories\Windows PowerShell d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Administrative Tools d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Advanced SystemCare 5 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\AVG 2012 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\CCleaner d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Dell Accessories d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Dell Printers d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Dell Printers\Dell Photo AIO Printer 922 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Games d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\iWin Games d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Java Web Start d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\QuoteTracker d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Real d------ [02:23 24/01/2012]
RealPlayer.lnk --a---- 765 bytes [02:10 24/01/2012] [02:10 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Revo Uninstaller Pro d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\SpywareBlaster d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Startup d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\SUPERAntiSpyware d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\TradeLog d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\UltraDefrag d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\UltraDefrag\Documentation d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\UltraISO d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Uniblue d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs\Windows PowerShell 1.0 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\2 d------ [02:23 24/01/2012]

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\4 d------ [02:23 24/01/2012]


here is the log of the re run.when i hold my mouse over one of the folders avg2012 or superantispyware for examples it says "folder is empty" ? strange tried to send screen shot but denied said file was to big??

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:17 PM

Posted 26 January 2012 - 11:35 PM

over one of the folders avg2012 or superantispyware for examples it says "folder is empty"

Ignore it for now

Copy the contents of

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs (skip avg and SAS)

and paste it in

C:\Documents and Settings\All Users\Start Menu\programs

if it asks for replace,click YES

let me know how it went

#8 whogordon

whogordon
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 26 January 2012 - 11:43 PM

i did it nochange? just so i am clear and doing it right i am right clicking on the actual folder that says progrrams and copying it then i am right clicking on the actual folder that says programs in the second path and pasting ?i think that is corect?

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:17 PM

Posted 27 January 2012 - 12:05 AM

Navigate to this path

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs

Double click on programs folder,you should find all the contents

Press Ctrl+A and select all(may be you can skip avg and SAS if you receive errors)

Now navigate to this path

C:\Documents and Settings\All Users\Start Menu\programs

Double click on programs folder

Right click -Select- paste option

If it asks for replace,click YES

There are two issues now

is your STARTMENU and startmenu programs both look empty?

When i say STARTMENU ,i mean the rectangle box,that comes up when we click the START BUTTON

when i say STARTMENU programs,i mean the programs that comes up when we click ALL programs


If you follow my instructions,you should have your startmenu programs back
Regarding STARTMENU ,for XP ,usually unhide fix should bring back your startmenu icons but if you still have your STARTMENU empty,let me know

#10 whogordon

whogordon
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 27 January 2012 - 12:22 AM

my start menu is there. my start menu programs lists all the programs but the side bar/box that opens to the right when over the start memnu program re: superantispyware is listed as empty so i cant start the program(s) avg and superantispyware are not particularly giving me problems specifically .others are listed as empty in the start menu programs as well dell accessories, tradelog ,java webstart ,i wingames, ccleaner etc etc....

followed your last instruction and still the same ....

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:17 PM

Posted 27 January 2012 - 12:32 AM

I can understand your issue

so i cant start the program(s) avg and superantispyware are not particularly giving me problems specifically .others are listed as empty in the start menu programs


I want you to browse through the specific folders here

C:\DOCUME~1\Ben\LOCALS~1\Temp\smtmp\1\Programs

Can you find icons related to AVG and super antispyware?


Probably you're having the folders alone.In that case we can't recover those icons.

Edited by narenxp, 27 January 2012 - 12:33 AM.


#12 whogordon

whogordon
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 27 January 2012 - 01:16 AM

when i click on the folders avg and super anti spyware the folders are empty so no, no icons there but also in that same place quotetracker and advancedsystemcare5 and ccleaner folders are empty also(no icons) but i can run ccleaner from the icon on my desktop?so that program is installed somewhere.advancedsystemcare runs fine perhaps cuz it is programmed to run on startup but the folder is empty in that same path. avg folder is empty
but that seems to run fine on startup(set to run on startup) and activate its components? any programs i installed after removal of "system check "malware run fine and are not listed as empty in the start menu programs list/ i know prolly more confusing than anything ? for instance if superantispyware is probably still installed how can i get it to run manually ?

Edited by whogordon, 27 January 2012 - 01:19 AM.


#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:17 PM

Posted 27 January 2012 - 02:19 AM

Browse to


C:Program files folder

You can find installed files of all the programs including avg,sas ,advanced system care.You can create a shortcut to desktop.

It is not necessary that you need to start it from startmenu.

Good luck




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users