I took my computer out of the office to do some work at a specific site. When I got there, my roaming profile wouldn’t load and none of my programs could connect back to the relevant servers. The next day, when I redocked my laptop at the office, I was getting the same experience. An IT guy came over and forced a re-sync of my profile. This solved my issues, but it also deleted some temporary files.
I didn’t care about these temporary files. However, the files in question were related to some adware (Conduit and MixDJ search bars that self-installed on my Internet Explorer). The re-sync, for some reason, disrupted the adware’s file path, which caused a pop-up error. IT guy saw the pop-up, inquired about what “Conduit” was, and I admitted that it was adware on a web browser I didn’t ever use. My mistake.
So, like any IT guy would do, he set about getting the malware off my computer. This, of course, is the responsible thing to do, the thing he’s paid for. He ran Malwarebytes Anti-Malware and deleted some stuff, then, to make absolutely sure everything was gone, he installed and ran Spybot – Search and Destroy.
Once he was confident the adware was eradicated, he rebooted the machine. When it came back up, my start menu was blank, my taskbar was perma-locked, and I couldn’t pin items to the task bar or the start menu. It was a puzzler for everyone who looked at it. He spent a while trying to fix it, but was ultimately unsuccessful. Due to time constraints, he was forced to leave the fight for another day.
What I did
After he left, I started poking around and researching the problem. I looked through a bunch of forums and found that there were several people who’d had similar problems. There were three primary camps that those proposing solutions fell into: that malware was hiding the files, that the user’s system had locked the task bar (and it just needed to be unlocked), or that the user was not an admin and was experiencing the side effects of a group policy.
None of these proposed answers worked for me. My system, I quickly discovered, would not allow me to unhide files (another clue!), which was weird because I am an admin on my machine. The system would not allow me to unlock the task bar no matter how I tried (registry, right clicks, etc.). And according to IT, my malware was gone. My own scans confirmed this.
So what I thought was that maybe the malware or the deep scraping of the malware removal tools might have deleted something integral from the Windows registry. I opened up another Windows 7 laptop to compare, though, and they looked pretty much the same. Out of curiosity, I booted into safe mode to see how my profile loaded. This was a very good decision.
Safe mode boots the user into a Windows environment that uses minimal resources. Essentially, it doesn’t load anything that isn’t necessary, which lets one diagnose problems in a less complicated environment. In safe mode, my profile loaded just fine. My start menu was there, and my task bar functioned as it should; all was well. That told me that the most likely culprit was third-party software that had been installed on the machine.
From there, I did a clean boot. I stopped all non-Windows processes to get an environment similar to what I had in safe mode. When my profile loaded, everything was good again. I did some thinking and figured out the problem.
Spybot – Search and Destroy was installed immediately before my problem surfaced. I uninstalled the program and rebooted into my normal start up environment. Sure enough, I had my tool bar and start menu functionality back.
I think malware’s bad reputation may have preceded it where troubleshooters of this problem are concerned. When we know about a malware infection, it isn’t surprising to us when system functionality is reduced. It’s the lowest common denominator. But, in this case, it is the solution we enacted to address that initial issue that caused the more confusing secondary one. All I can figure is that Spybot somehow limited permissions in my system, with the objective of preventing malware from making changes to the system. By removing it, I removed the “protection” it was providing.
If you’re experiencing this issue AFTER trying to get rid of malware/adware/virus, try uninstalling whatever anti-virus programs you recently installed.
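One way to see what was installed just before the symptoms began, and which non-Microsoft auto-start services a clean boot would switch off, as an added example that is not part of the original post. It assumes Windows PowerShell run as an administrator, and the 14-day look-back window is an assumed value.

```powershell
# Added example (not from the original post). Read-only: changes nothing.
$days   = 14                          # assumed look-back window; adjust as needed
$cutoff = (Get-Date).AddDays(-$days)

# Per-machine (64- and 32-bit) and per-user uninstall entries
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$programs = foreach ($key in $uninstallKeys) {
    Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        ForEach-Object {
            # InstallDate is optional; when present it is usually yyyyMMdd
            $installed = $null
            if ($_.InstallDate -match '^\d{8}$') {
                $installed = [datetime]::ParseExact($_.InstallDate, 'yyyyMMdd', $null)
            }
            New-Object PSObject -Property @{
                Name      = $_.DisplayName
                Publisher = $_.Publisher
                Installed = $installed
            }
        }
}

# Newest first: the program installed right before the problem stands out
$programs | Where-Object { $_.Installed -ge $cutoff } |
    Sort-Object Installed -Descending |
    Format-Table Installed, Name, Publisher -AutoSize

# Auto-start services whose binary is not published by Microsoft
Get-WmiObject Win32_Service -Filter "StartMode='Auto'" | ForEach-Object {
    # PathName may be quoted and carry arguments; keep only the .exe path
    if ($_.PathName -match '^"?(.+?\.exe)') {
        $exe = $matches[1]
        if (Test-Path -LiteralPath $exe) {
            $company = (Get-Item -LiteralPath $exe).VersionInfo.CompanyName
            if ($company -notmatch 'Microsoft') {
                New-Object PSObject -Property @{
                    Service = $_.Name; Company = $company; Path = $exe }
            }
        }
    }
} | Format-Table Service, Company, Path -AutoSize
```

Entries without an `InstallDate` value are left out of the first table, so a program missing there may still be recent; the second table helps catch those through the services they register.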