Repairing Windows after Malware removal

One of my client's called up with an infected system. I dont have physcial access to this machine, so safe mode is out of the question.

Although the malware seems to be removed, some of the symptoms remain. So far I have found:

Start menu is completely empty, even on the right hand side.
Cannot browse any disks. C: drive shows as empty through explorer and through cmd (dir)

You can start programs by cmd though if you know the path. I.E I can type cd c:\pro <tab> and it will auto-resolve program files. This was I am able to start programs directly.

I am able to search for programs in the Start Menu search bar.

System Restore is turned off (I think malware done it, as I've never manually turned it off and the user wouldnt know how to).

Any ideas on how to restore?
LVL 1
hongeditAsked:
Who is Participating?
 
rpggamergirlCommented:
Try the steps suggested for the missing startmenu icons:
Did you run any scanners that empty your temp folders? that could be why unhide.exe didn't work fully. Let us know if you run CCleaner or any temp folder cleaners.

Desktop icons missing - Empty Programs files
http://www.experts-exchange.com/A_6209.html
0
 
hongeditAuthor Commented:
Superantispyware Log attached

Running 2nd scan now. SUPERAntiSpyware-Scan-Log---01-0.log
0
 
jcimarronCommented:
hongedit--Not sure what you hope to restore to, but a Repair Install should result in a working PC.
http://www.sevenforums.com/tutorials/3413-repair-install.html
It should not affect personal data or installed data unless the malware hosed them.
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Run5kCommented:
There are some standard "best practices" to follow that should be able to get that machine working again.  Essentially, it sounds like the malware flagged several things as hidden.  Some malware will flag your personal data files as hidden in an attempt to hold them hostage and get you to pay for their fix. After the malware scans have finished and you are reasonably confident that the operating system is clean again, try running the Unhide utility. It was written by a Microsoft MVP, and it is specifically designed to reset all of your files & folders to their default status: your personal data should be visible, while the critical system files will remain hidden.

Unhide.exe - Download
http://download.bleepingcomputer.com/grinler/unhide.exe

Unhide.exe - Tutorial
http://www.bleepingcomputer.com/forums/topic405109.html

Additionally, take a few minutes to read through this article written by Younghv, one of the Experts Exchange community's very best malware removal/recovery specialists:

Stop the Bleeding: First Aid for Malware

0
 
hongeditAuthor Commented:
I found a usefukl link:

http://download.bleepingcomputer.com/grinler/unhide.exe

This has brought the old desktop back and also the Start Menu for All Programs.

However the right hand side (Computer, Control Panel etc) bit is still blank.
0
 
hongeditAuthor Commented:
Aha, missed your post but led to same place.

However some icons still missing.
0
 
hongeditAuthor Commented:
Thanks
0
 
Thomas Zucker-ScharffSystems AnalystCommented:
I would also suggest this excellent article by younghv on Malware fighting Best Practices.
0
 
Anuj BhatiaDirectorCommented:
Hey Budd,

I am assuming you are running Windows 7 , if that is rght then you can open Task bar and Start Menu Properties and then click on Start Menu -> Customize then select Use Default Settings on the left and if that fixes the issue .

Keep me posted.

Thanks.
Anuj
0
 
hongeditAuthor Commented:
Just trying to arrange access to PC again, will keep you all posted.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.