I met this little “gem” today and I was very surprised. It has been a long time since something snuck up on me like that. My detection tools are always updated and I’m very careful about handling downloads and attachments.
The problem is that once infected (and yes, it is an infection) one can no longer use the start menu shortcuts of apps mostly used. One can still launch them from any shortcut on the desktop or from their proper group in start menu, however most of us just press Start and click on our favorite app. With this infection though a popup appears that requests a registration of the Context Menu Platinum program (that I never installed, nor read in any setup dialogue steps which, yes, I do read). The close window button does not work, the Register program closes the popup without launching the app but takes you to a web page that requests anywhere from $400 to $250. All of that of course is moot, because no one requested this program in the first place.
Upon looking on the net, there are three most probable culprits; CompMgmtLauncher.exe, FILEminimizer and EmailOpenView. None of these were the cause in my system. Spent two hours trying to identify the problem using all kinds of tools and monitors etc.
Finally I just did a simple sorting and eyball-1 (look for it with my eyes) on the directories inside Program Files. It turns out that of the four directories modified in the last two days, one was the freeware Movie Subtitle Searcher from opensubtitles.org. Inside that was a directory Application Data and inside that another called Opensubtitles-1.0_1_0_0_0
Inside that was a program ShellMenu.exe with the same icon as the popup. It was of course being used by the system and could not be deleted, so reboot to command prompt, delete the file and all was well and good. After that I uninstalled the Movie Subtitles Searcher, just for the hell of it.
Thanks very much! I had the same problem.
hi, this was my problem as well, it took a hard time finding on the net the right solution. thanks.
Thanks Thanks Thanks GRACIAS
thanks so much
Thanks so much!
This guide should be on every technical support site!
use SheelExView(it may require andvanced user).it solved my problem.(right click on .doc file>details>Remove Properties and Personal Information)
Thanks been trying to get rid of this rascal forever it seems previous blogs mentioned “Minimizer ” but this time Open subtitles Searcher had it embedded as you stated.
after that you have uninstalled the movie subtitle searcher, there are still directories and one file shellmenu.exe to be killed… you can’ t kill them because this menu is still active, publisher unknown, so copy the file to your desktop and rename the extension to bad, next restart your machine an now you can delete the rest of this junk… one hint and advise, never install fishy programs…
don’t copy just MOVE the damn file
Thanks. Acted as you advised. The issue has been eliminated.
Thanks too. Really cleanned up so by this way.
Nice work! Straight to the point and effective!
Thanks a lot!
Thanks so much. That fucking thing was driving me nuts. It was in the movie subtitles downloader.
I found ShellMenu.exe under FileMinimizer in Program Files. I forced Context Menu Platinum to open its registration window by trying to close down Skype, then I killed the job from the task manager.
While it was gone from the system momentarily, I was able to remove the file from the FileMinimizer directory, and voila, now it is gone…..