|
Log in to post
|
Print Thread |
|
|
|
|
|
Off-Topic
|
Joined: Jul 2007
Posts: 1,869
Expert
|
OP
Expert
Joined: Jul 2007
Posts: 1,869 |
I was searching for last minute holidays and got a message, looking for all purposes like a genuine windows message stating that my hard disk had issues and needed repair. Foolishly I decided that this was a genuine message and allowed it through unser accounts control. Windows Security Essentials did nothing.
Some very nasty sad low life people then downloaded the "Recovery Virus" to my machine. This evil little program purports to dagnose variuos faluts on yuor machine and then tries to chrage you for the solution. I did not pay of course, but the damage its done is nasty.
I have managed to get rid of the virus, run various scans and eventually had to do a Windows Repair install.
However, when I hit Start/All Programs - al lthe program folders are there but they are all empty.
As this is a music machine there are lots of programs that will take weeks to reinstall.
I have been trying to google around to find out what to do and apparently this nasty *&^£" program hides them all away until you pay them money to get them back. However I fear my reinstall has wiped the folder (called smtemp) from my system as I can find no trace of it.
Does anyone know a way of restoring the "All programs" folders after they have been wiped?
thanks in advance
Win 11 64, Asus Rog Strix z390 mobo, 64 gig RAM, 8700k
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Feb 2007
Posts: 1,815
Expert
|
|
Expert
Joined: Feb 2007
Posts: 1,815 |
Yea, It is a nasty one. In the hidden folder c:\program data\ there will be a directory that has the bad boy in it. The key is to start up in SAFE MODE (hit F8 a few times while while booting up), then launch windows explorer, show hidden files and then navigate to the \program data\ folder find the bad file/directory and rename it. It will be something like d34562723.exe (I am making up that title, because I don't remember the actual name. You could also search for windows security virus and you will find a bunch of locations that will help. here is one: http://www.myantispyware.com/2012/07/20/how-to-remove-windows-security-renewal-virus/ . They go about fixing it a little different than I do, but I do run MalwareBytes Anti-malware (MBAM) also. Does this help at all?
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Feb 2007
Posts: 1,815
Expert
|
|
Expert
Joined: Feb 2007
Posts: 1,815 |
Oops, I noticed you did a windows repair already -- that might complicate things. Search your hard drive for your programs (like c:\bb for band-in-a-box) to ensure that it is still there. I am not 100% sure how to get all that back -- but I did get most of that back on my daughter's laptop when she got that virus. I can't remember how I did it. I just went back to the factory setting on that laptop this weekend, because I never could get things all the way back to the way I wanted it (it was infected and cleaned about 6 months ago).
... and don't pay anything -- they won't even fix your computer, just take your money.
Last edited by Kemmrich; 10/09/12 01:37 PM.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
|
Anonymous
Unregistered
|
|
Anonymous
Unregistered
|
I have removed that with Malwarebytes and then Superantispyware. That virus is Russian and has been out every year since 2009.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Jul 2007
Posts: 1,869
Expert
|
|
OP
Expert
Joined: Jul 2007
Posts: 1,869 |
Thanks for your efforts K but As I have said above I have got rid of the virus itself, my question relates to restoring the All Programs shortcuts. I have done a lot of work restoring my machine and am getting to the position that I might have to reformat the drive and do a fresh install of everything, after which I shall install malware bytes and purchase this program specifically to get protection from this.
People should know that this SOAB also hides all the contents of your main user folder and generally ferrets around altering internet options, turning the screen black and all sorts of other nasties.
On further consdieration, I might even get an SSD drive for my system drive - this may be the time
It's a puzzle that you can't simply restore the shorctus in the Start/ All Programs folders, as its just an algo to copy a short cut for each app.
Now.. if only I could find the guy that actually wrote this virus...
Zero
Win 11 64, Asus Rog Strix z390 mobo, 64 gig RAM, 8700k
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Feb 2007
Posts: 1,815
Expert
|
|
Expert
Joined: Feb 2007
Posts: 1,815 |
Once I get my laptop installed with all the business and music software, I will do a full image backup, that I will use in the case of future infection. Going back to factory settings is OK, but it is a lot of work to get everything back to the way it needs to be.
Good luck on your re-build.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Jan 2007
Posts: 385
Journeyman
|
|
Journeyman
Joined: Jan 2007
Posts: 385 |
Quote:
As this is a music machine there are lots of programs that will take weeks to reinstall.
Well, Zero, look at the bright side.... Now you have clarified the question as to what to do on your holiday.
(Sorry, I know that wasn't helpful, but I just couldn't resist) 
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
|
Anonymous
Unregistered
|
|
Anonymous
Unregistered
|
Quote:
Now.. if only I could find the guy that actually wrote this virus...
Then spend your vacation in Russia, because that's where this one comes from.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: May 2005
Posts: 222
Apprentice
|
|
Apprentice
Joined: May 2005
Posts: 222 |
The Linux users probably read this, shook their heads, and moved on.
However, I can't resist.
Windows for music... Linux for the Internet.
JBlatz
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Jun 2003
Posts: 1,116
Expert
|
|
Expert
Joined: Jun 2003
Posts: 1,116 |
Don't mess with anything until you try this!!! This is a FREE download. You need a program called unhide.exe The reason you can't see your stuff is that the virus changes file and folder attributes to hidden. This program takes a while to run but it brings everything back. You really haven't lost anything. The virus just fools you into thinking that you have. It is all still there.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Jul 2000
Posts: 6,504
Veteran
|
|
Veteran
Joined: Jul 2000
Posts: 6,504 |
I can't help with this, but I can help for the future.
Get a disk image program like Norton Ghost (no relation to me) or Acronis - I use Ghost but have also read good things about Acronis. Disk image is MUCH, MUCH better than a plain old back-up app. I used to use Dantz Retrospect and a few others before that, and they were fine at restoring my data, but not the OS and they didn't clear a virus from my wife's computer.
I make a complete disk image once per month and in addition, before installing any new software. I also make incremental changes to the image every night before I turn the computer off (takes about 2 minutes).
I've not had a virus, but I've installed some nasty software that wrecked my system, but a Ghost image saved my *ss more than once.
Example case:
I got a Cubase LE disk free with a guitar pedal I bought. I hadn't tried Cubase in a long time and was curious to see if it had changed to the point where I might like it. So I made a fresh disk image and installed it. It went through most of the Cubase install, and asked me toto re-boot the computer. On re-boot the install never finished but again asked if I want to re-boot the computer. I was stuck in the re-boot loop, I wanted to finish the install so I tried the safe mode but even the safe mode wouldn't even get me out of the re-boot loop.
So I installed the Ghost rescue disk into the CD drive, booted from the CD, restored my HD from the image on my external USB drive and the computer was back to normal.
Stupid me, I tried installing Cubase LE again, and the same thing happened so it's back to Ghost again.
It should work for a virus as well. The disk image works better than a backup/restore because it supposedly re-writes your disk exactly as it was at the last back up. If you back up every night, you can get back there with no problem.
So once you get your computer up and running again, get a good disk imaging software app and back up daily. It can save your data.
Insights and incites by Notes
Bob "Notes" Norton  Norton Music
https://www.nortonmusic.com
100% MIDI Super-Styles recorded by live, pro, studio musicians for a live groove
& Fake Disks for MIDI and/or RealTracks
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
|
Anonymous
Unregistered
|
|
Anonymous
Unregistered
|
Just to make sure there is no confusion, running a program such as Ghost or Drive image or any of them is considered "imaging" the drive. "Back up" is a term most used to make copies of data files you can't lose. Ghost will make a snapshop of your entire drive, OS and all. I suggest you go one further and buy a second drive just like the one you have in the box now so your hard drives are identical. I prefer to not save my Ghost (I use Drive Image) images. I have heard hundreds of people go on and on about how they have "backed up" their drive and they did not understand that they backed up data but not imaged it to where they have a bootable OS on the spare drive.
Summary:
BACK UP moves copies of data files (doc, jpg, mp3, seq.....) to a secondary device
IMAGING makes a byte for byte copy of the entire drive and makes a second bootable hard drive
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Jul 2007
Posts: 1,869
Expert
|
|
OP
Expert
Joined: Jul 2007
Posts: 1,869 |
Thanks for the replies folks. I tried the unhide.exe thing no joy. This nasy peice of work copies all your All program shorcuts to some folders names 1, 2, 3. It then deletes the shortcuts from there original location. As I have done a re-nistall I beleive that these folders then got wiped as trhere is no sign of them by all the search means at my disposal.
I have orders a Samsung SSD 830 256 Drive. I shall install my system folders fresh on that and probably BB folder. I have copied the BB folder to a spare hard disk. I have the everything pack 2012.5
I am not sure how to reinstall BIAB. I presume its a matter of getting out the original PG drive and then installing all the updates? I have had BIAB a good few years now.
There is a copy of Norton Ghost supplied with the SSD I shall image the drive when its pristine. Iknow the difference between image and back up, I was just lazy I confess. I did use system restore but the nasty virus wiped those files of my system - nice.
thanks for the sympathies
Win 11 64, Asus Rog Strix z390 mobo, 64 gig RAM, 8700k
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: May 2003
Posts: 8,021
Veteran
|
|
Veteran
Joined: May 2003
Posts: 8,021 |
Quote:
The Linux users probably read this, shook their heads, and moved on.
However, I can't resist.
Windows for music... Linux for the Internet.
That would be me. Been saying this for quite a while.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Apr 2003
Posts: 886
Expert
|
|
Expert
Joined: Apr 2003
Posts: 886 |
IF your BiaB folder is intact, and you have used all default settings when installing, just go into it and find the "bbw" icon (it should be a little ways after the "Band-in-a-Box 2011-12-etc Manual" files, List View will help here) right Click & drag it to your desktop and Create A Shortcut. I have done this probably 100 times on a 100 nuke & paves, and it has always linked right up & found everything.
Make sure you use the bbw Icon, not the bbw3 or BBWICO ones!
And speaking of nuke & paves, don't just re-install onto the drive that got infected, or reuse it for something else, until ya do a "zero fill" and let it go. For my 1TB drive it takes about 2 days, but it will overwrite 99.9% of the software on the drive. If the program you are using has it, also do a complete wipe of the MBR before AND after your zero fill.
And I am a Acronis fan, Ghost always gave me problems. Even the Acronis versions that came with my Seagate, Maxtor, and WD HDD install disk worked better FOR ME than Ghost...
Of course this is a IMHO, YMMV, yada yada type of post....
i5 3.20GHz, 32gb RAM, 1tb SSD OS, 12tb HDD, 4gb gForce vid card, 32" monitor, Audient id44, Win10 x64, BiaB/RB 2023, Reaper 6,IK Multimedia Total Studio 3.5 MAX, Waves 10
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Apr 2003
Posts: 886
Expert
|
|
Expert
Joined: Apr 2003
Posts: 886 |
Quote:
Quote:
The Linux users probably read this, shook their heads, and moved on.
However, I can't resist.
Windows for music... Linux for the Internet.
That would be me. Been saying this for quite a while.
Linux Mint has been my go to since 11...Maya has been 100% solid on this system....
i5 3.20GHz, 32gb RAM, 1tb SSD OS, 12tb HDD, 4gb gForce vid card, 32" monitor, Audient id44, Win10 x64, BiaB/RB 2023, Reaper 6,IK Multimedia Total Studio 3.5 MAX, Waves 10
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Jul 2007
Posts: 1,869
Expert
|
|
OP
Expert
Joined: Jul 2007
Posts: 1,869 |
Sorry I have no idea what a nuke, a pave, or a zoro fill is. Its OK though  I feel good.
Win 11 64, Asus Rog Strix z390 mobo, 64 gig RAM, 8700k
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Apr 2003
Posts: 886
Expert
|
|
Expert
Joined: Apr 2003
Posts: 886 |
Opps! Sorry about that...
A "nuke & pave" is just a term for wiping your hard drive & re-installing everything fresh.
"Zero Fill" is where along with wiping the hard drive, you also have the program write "zeros" 0 across the entire drive, filling it with just 0...basically getting it "factory fresh".....tho there is a few more steps that can be done, this will basically clean out the drive..
i5 3.20GHz, 32gb RAM, 1tb SSD OS, 12tb HDD, 4gb gForce vid card, 32" monitor, Audient id44, Win10 x64, BiaB/RB 2023, Reaper 6,IK Multimedia Total Studio 3.5 MAX, Waves 10
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Oct 2008
Posts: 8,109
Veteran
|
|
Veteran
Joined: Oct 2008
Posts: 8,109 |
Quote:
Quote:
The Linux users probably read this, shook their heads, and moved on.
However, I can't resist.
Windows for music... Linux for the Internet.
That would be me. Been saying this for quite a while.
I finally joined the club too. (Ubuntu)
So far so good.
|
|
|
|
|
|
|
|
|
|
|
|
|
Off-Topic
|
Joined: Oct 2008
Posts: 8,109
Veteran
|
|
Veteran
Joined: Oct 2008
Posts: 8,109 |
|
|
|
|
|
|
|
|
|
|
|
|
Ask sales and support questions about Band-in-a-Box using natural language.
ChatPG's knowledge base includes the full Band-in-a-Box User Manual and sales information from the website.
|
|
|
|
|
|
|
|
|
|
|
XPro & Xtra Styles PAK Sets On Sale Now - Until May 15, 2026!
All of our XPro Styles PAKs and Xtra Styles PAKs are on sale until May 15th, 2026!
It's the perfect time to expand your Band-in-a-Box® style library with XPro and Xtra Styles PAKs. These additional styles for Band-in-a-Box® offer a wide range of genres designed to fit seamlessly into your projects. Each style is professionally arranged and mixed, helping enhance your songs while saving you time.
What are XPro Styles and Xtra Styles PAKs?
XPro Styles PAKs are styles that work with any version (Pro, MegaPAK, UltraPAK, UltraPAK+, or Audiophile Edition) of Band-in-a-Box® 2025 (or higher). XPro Styles PAKS 1-10 includes 1,000 styles!
Xtra Styles PAKs are styles that work with the UltraPAK, UltraPAK+, or Audiophile Edition of Band-in-a-Box® 2025 (or higher). Xtra Styles PAKs 1-21 includes 3,700 styles (and 35 MIDI styles)!
The XPro & Xtra Styles PAKs are not included in any Band-in-a-Box® package.
The XPro Styles PAKs 1-10 are available for only $29 ea (reg. $49 ea), or get them all in the XPro Styles PAK Bundle for only $149 (reg. $299)! Listen to demos and order now! For Mac or for Windows.
The Xtra Styles PAKs 1-21 are available for only $29 ea (reg. $49 ea), or get them all in the Xtra Styles PAK Bundle for only $199 (reg. $349)! Listen to demos and order now! For Mac or for Windows.
Note: XPro Styles PAKs require Band-in-a-Box® 2025 or higher and are compatible with ANY package, including the Pro, MegaPAK, UltraPAK, UltraPAK+, and Audiophile Edition.
The Xtra Styles require the UltraPAK, UltraPAK+, or Audiophile Edition of Band-in-a-Box®. (Xtra Styles PAK 19 requires the 2025 or higher UltraPAK, UltraPAK+, or Audiophile Edition. They will not work with the Pro or MegaPAK version as they require the RealTracks included in the UltraPAK, UltraPAK+, or Audiophile Edition.
Supercharge your Band-in-a-Box today with XPro Styles PAKs and Xtra Styles PAK Sets!
Band-in-a-Box 2026 for Mac Videos
With the release of Band-in-a-Box® 2026 for Mac, we’re rolling out a collection of brand-new videos on our YouTube channel. We’ll keep this forum post updated so you can easily find all the latest videos in one convenient spot.
Whether you're exploring new features, checking out the latest RealTracks or Style PAKs, this is your go-to guide for Band-in-a-Box® 2026.
Check out this forum post for "One Stop Shopping" of our Band-in-a-Box® 2026 Mac Videos!
Band-in-a-Box 2026 for Mac is Here!
Band-in-a-Box® 2026 for Mac is here and it is packed with major new features! There’s a new modern look, a GUI redesign to all areas of the program including toolbars, windows, workflow and more. There’s a Multi-view layout for organizing multiple windows. A standout addition is the powerful AI-Notes feature, which uses AI neural-net technology to transcribe polyphonic audio into MIDI—entire mixes or individual instruments—making it easy to study, view, and play parts from any song. And that’s just the beginning—there are over 100 new features in this exciting release.
Along with version 2026, we've released an incredible lineup of new content! There's 202 new RealTracks, brand-new RealStyles, MIDI SuperTracks, Instrumental Studies, “Songs with Vocals” Artist Performance Sets, Playable RealTracks Set 5, two new RealDrums Stems sets, XPro Styles PAK 10, Xtra Styles PAK 21, and much more!
Special Offers
Upgrade to Band-in-a-Box® 2026 for Mac and save up to 50% on most upgrade packages during our special offer—available until May 15, 2026. Visit our Band-in-a-Box® packages page to explore all available upgrade options.
2026 Free Bonus PAK & 49-PAK Add-ons
Our Free Bonus PAK and 49-PAK are loaded with amazing add-ons! The Free Bonus PAK is included with most Band-in-a-Box® 2026 for Mac packages, but you can unlock even more—including 20 unreleased RealTracks—by upgrading to the 2026 49-PAK for just $49.
Holiday Weekend Hours
As we hop into the Easter weekend, here are our holiday hours:
April 3 (Good Friday): 8:00 AM – 4:00 PM PDT
April 4 (Saturday): Closed
April 5 (Easter Sunday): Closed
April 6 (Easter Monday): Open regular hours
Wishing you an egg-cellent weekend!
— Team PG
Update to Build 10 of RealBand® 2026 for Windows®!
If you're already using RealBand 2026 for Windows, download build 10 to get all the latest additions and enhancements.
Band-in-a-Box® 2025 for Mac® users: Build 904 now available!
If you're already using Band-in-a-Box® 2025 for Mac®, make sure to grab the latest update! Build 904 is now available for download and includes the newest additions and enhancements from our team.
Band-in-a-Box® 2026 for Windows® users: Build 1237 is now available!
Already a Band-in-a-Box 2026 for Windows user? Stay up to date and download the build 1237 to get all the latest additions and enhancements.
|
|
|
|
|
|
|
|
|
|
|
|
Forums57
Topics86,211
Posts801,972
Members40,070
| |
Most Online64,515
Apr 8th, 2026
|
|
|
|
|
|
|
|
|
Dansk
Deutsch - Windows
Español
Français - Windows
Italiano - Windows
Nederlands
Polski
Português
Svenskt
русский
Japanese
Simplified Chinese
Traditional Chinese
Korean