Repairing Windows after Malware removal

One of my client's called up with an infected system. I dont have physcial access to this machine, so safe mode is out of the question.

Although the malware seems to be removed, some of the symptoms remain. So far I have found:

Start menu is completely empty, even on the right hand side.
Cannot browse any disks. C: drive shows as empty through explorer and through cmd (dir)

You can start programs by cmd though if you know the path. I.E I can type cd c:\pro <tab> and it will auto-resolve program files. This was I am able to start programs directly.

I am able to search for programs in the Start Menu search bar.

System Restore is turned off (I think malware done it, as I've never manually turned it off and the user wouldnt know how to).

Any ideas on how to restore?
LVL 1
hongeditAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

hongeditAuthor Commented:
Superantispyware Log attached

Running 2nd scan now. SUPERAntiSpyware-Scan-Log---01-0.log
0
jcimarronCommented:
hongedit--Not sure what you hope to restore to, but a Repair Install should result in a working PC.
http://www.sevenforums.com/tutorials/3413-repair-install.html
It should not affect personal data or installed data unless the malware hosed them.
0
Run5kCommented:
There are some standard "best practices" to follow that should be able to get that machine working again.  Essentially, it sounds like the malware flagged several things as hidden.  Some malware will flag your personal data files as hidden in an attempt to hold them hostage and get you to pay for their fix. After the malware scans have finished and you are reasonably confident that the operating system is clean again, try running the Unhide utility. It was written by a Microsoft MVP, and it is specifically designed to reset all of your files & folders to their default status: your personal data should be visible, while the critical system files will remain hidden.

Unhide.exe - Download
http://download.bleepingcomputer.com/grinler/unhide.exe

Unhide.exe - Tutorial
http://www.bleepingcomputer.com/forums/topic405109.html

Additionally, take a few minutes to read through this article written by Younghv, one of the Experts Exchange community's very best malware removal/recovery specialists:

Stop the Bleeding: First Aid for Malware

0
Defend Against the Q2 Top Security Threats

Were you aware that overall malware worldwide was down a surprising 42% from Q1'18? Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that analyzes the top threat trends impacting companies worldwide. Learn more by viewing our on-demand webinar today!

hongeditAuthor Commented:
I found a usefukl link:

http://download.bleepingcomputer.com/grinler/unhide.exe

This has brought the old desktop back and also the Start Menu for All Programs.

However the right hand side (Computer, Control Panel etc) bit is still blank.
0
hongeditAuthor Commented:
Aha, missed your post but led to same place.

However some icons still missing.
0
hongeditAuthor Commented:
Thanks
0
Thomas Zucker-ScharffSolution GuideCommented:
I would also suggest this excellent article by younghv on Malware fighting Best Practices.
0
rpggamergirlCommented:
Try the steps suggested for the missing startmenu icons:
Did you run any scanners that empty your temp folders? that could be why unhide.exe didn't work fully. Let us know if you run CCleaner or any temp folder cleaners.

Desktop icons missing - Empty Programs files
http://www.experts-exchange.com/A_6209.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Anuj BhatiaDirectorCommented:
Hey Budd,

I am assuming you are running Windows 7 , if that is rght then you can open Task bar and Start Menu Properties and then click on Start Menu -> Customize then select Use Default Settings on the left and if that fixes the issue .

Keep me posted.

Thanks.
Anuj
0
hongeditAuthor Commented:
Just trying to arrange access to PC again, will keep you all posted.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.