File Restore is a fake hard drive diagnostic program
If you are infected with File Restore it is important that you do not delete any files from your Temp folder or use any temp file cleaners. This is because when the infection is installed it will delete shortcuts found in various locations and store backups of them in the %Temp%\smtmp folder.
Unhide:
https://download.bleepingcomputer.com/grinler/unhide.exe
For those of you who no longer have the %Temp%\Smtmp folder, you will not be able to use Unhide to restore your Start Menu items. With this in mind, I have created some scripts to restore the default Start Menu for specific versions of Windows that I have access to. You can view the available versions below.
Windows 2000 US English
https://download.bleepingcomputer.com/grinler/fakehdd/win-2000-sm-reset.exe
Windows XP Pro 32-bit US English – This should also work in other 32 bit version of Windows XP but I have nothing to compare against.
https://download.bleepingcomputer.com/grinler/fakehdd/winxp-pro-32bit-sm-reset.exe
Windows Vista 32-bit US English
https://download.bleepingcomputer.com/grinler/fakehdd/vista-32-sm-reset.exe
Windows Vista 64-bit US English
https://download.bleepingcomputer.com/grinler/fakehdd/vista-64-sm-reset.exe
Windows 7 32-bit US English
https://download.bleepingcomputer.com/grinler/fakehdd/win7-32-sm-reset.exe
Windows 7 64-bit US English
https://download.bleepingcomputer.com/grinler/fakehdd/win7-x64-sm-reset.exe
Thanks to tetonbob and Andrew for supplying me with the required start menus.
Anti-rootkit utility TDSSKiller
https://support.kaspersky.com/downloads/utils/tdsskiller.exe
Malwarebytes
https://www.malwarebytes.org/mbam/program/mbam-setup.exe
Rkill
https://download.bleepingcomputer.com/grinler/rkill.com
Process Explorer
https://live.sysinternals.com/procexp.exe
Roguekiller
https://tigzy.geekstogo.com/Tools/RogueKiller.exe
