missing folder options and run command

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by sandy63, Apr 11, 2008.

  1. sandy63

    sandy63 Private E-2

    Hi all,

    I'm using XP.

    My run command doesn't show on the start menu. I have already tried editing the gpedit.msc, the taskbar and start menu, and the HKEY_CURRENT_USER, and still no go.

    The same thing with the folder options in the tools menu of the explorer. I have already tried the kelly's korner reg file, edited the HKEY_CURRENT_USER explorer, windows+e, and still nothing.

    I think my PC may be infected by malware or virus. I have followed your Malware Removal Guide as much as I can. Except for the steps that required the use of run command and folder options (combofix, MGTools, etc. for obvious reasons). Additionally, I cleaned my PC of viruses and malware, etc., using AVG, S&D, Trend Housecall online scanning. And still, I can't find my folder options and run command.

    I haven't tried HijackThis yet. Should I?

    Thanks in advance,

    Sandy
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Are you saying you have already done this? http://support.microsoft.com/kb/275260

    This really does not sound like malware.

    You do not need the Run command box to run the READ ME. Please complete all of the steps in the READ ME and attach the requested logs. Don't worry about folder options if you cannot set them. Only attach what we ask you to attach.
     
  3. sandy63

    sandy63 Private E-2

    Yes. That's the first thing I read and did. Problem is, there is no "display run" in the menu.

    Oh, ok. I thought running the READ ME without going through step # 2 "Enable viewing of hidden files, system files and file extensions" would be a problem. I'll get to it then.

    Thank you chaslang,

    Sandy
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Sorry that link was really for Win ME. For Win XP it actually says Run command and is right under Printers and Faxes

    If you hold down the Windows key and also press r ( winkey+r ), does the Run box come up or do you get an error message.


    MGtools will attempt to automatically set them correctly for you anyway.
     
  5. sandy63

    sandy63 Private E-2

    Hi chaslang,

    First, the good news: somehow after running combofix, my missing run command and folder option re-appeared :D:D:D Nevertheless, I'm attaching the log files you required in READ ME just in case.

    However, when I ran the combofix, I was not able to do this step:

    I tried both the left- and right- clicks on the combofix button but there is no "start" or "run". The prog just starts scanning whichever click I use. Hence, the combofix log is the product of this situation.

    At any rate, thank you very much for your help, and more power to you and the MajorGeeks!

    Sandy
     

    Attached Files:

  6. sandy63

    sandy63 Private E-2

    one more ;)
     

    Attached Files:

  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Those are instructions for running ComboFix from by using the Windows Start button on your Taskar and the Run box (which you could not do before since Run did not appear) they are not part of ComboFix itself. The instructions showed you a snapshot of the run box.

    Your logs are clean but you just need to do the below.


    Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.

    If you are not having any other malware problems, it is time to do our final steps:
    1. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop & renamed it like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\cf" /u
        • Notes: The space between the cf" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
      • Delete the C:\cf folder from combofix.
    2. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    3. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    4. If you are running Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    5. After doing the above, you should work thru the below link:
     
  8. sandy63

    sandy63 Private E-2

    Hi chaslang,

    Yes, I received a success message after adding the fixme.reg to the registry. Just out of curiosity, what's that for?

    I followed the final steps without any problems except uninstalling the combofix. Step # 2 didn't work; it says that it can't find the combofix on my desktop (but it's there!). I deleted the red combofix button from my desktop, anyway. I can't find the C:\cf folder from combofix, either. I hope that isn't a big problem.

    Thank you once again. :celebrate

    Sandy
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    To remove some unnecessary keys from using MSconfig, from malware, and some items that ComboFix added to your registry and would not remove upon uninstalling.

    Step # 2 didn't work; it says that it can't find the combofix on my desktop (but it's there!). I deleted the red combofix button from my desktop, anyway. I can't find the C:\cf folder from combofix, either. I hope that isn't a big problem. [/quote]Most likely because you did not name it properly. You had

    C:\Documents and Settings\Elmer\Desktop\cf.exe.exe

    Instead of C:\Documents and Settings\Elmer\Desktop\cf.exe

    But also your last MGlogs.zip file did not show cf.exe on your Desktop at all.

    Delete the below file and folder if still present:
    Code:
    "C:\"
    combofix.txt  Apr 12 2008       10941  "ComboFix.txt"
    QOOBOX        Apr 12 2008              "QooBox"
    Also delete the below improperly named folder copies of MGtools.exe. At least I assume that is what you did. If these are not from MGtools what are they.
    Code:
    "C:\"
    CMGTOOLS.EXE  Apr 12 2008              "CMGtools.exe"
     
    "C:\WINDOWS\"
    CMGTOOLS.EXE  Mar 24 2008              "CMGtools.exe"
     
  10. sandy63

    sandy63 Private E-2

    Hi there,

    I deleted all the files you mentioned. After that, I made a few repetitive searches just to make sure. They're all gone.

    Is it done?

    Thank you, thank you, thank you!!!! :D

    Sandy
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds