DJ, Tarun, Twisted,etc - HELP!

[steve1368]

Hi,

 

I scanned with a2 trojan scanner, noted 9 malware...some worm called bagle something, so I deleted all of them.

 

Then, all is gone except my desktop image, no icons, no toolbar, nothing just my desktop image.

 

I have restore set before with XP and another with ERUNT.

 

What can I do to save my computer???

 

Please help

 

Steve

 

P/S - I will never use a2 again. Others reading, please be careful when using a2 trojan scanner.

[DjLizard]

There's nothing wrong with a-squared (I use their hijack-free product all the time)... it's actually what bagle did that caused the damage.

 

When your system boots to the no-desktop situation, try the following:

 

* Control+shift+escape (or control+alt+delete) - may bring up task manager. If it does, click File>New Task (Run...), and type 'explorer.exe' in the box, and hit OK. If everything comes back, then you possibly need to reset Windows' "shell=" parameter. I think Hijack This! might notice it and let you fix it -- not sure. If you can get explorer.exe running again, we'll investigate further.

 

If the above didn't work, you'll have to reinstall Windows on top of itself (no harm will be done, you won't lose anything -- but you have to have your XP CD and your product key handy. If you are using a name-brand computer (HP, Compaq, Dell, etc) and don't have an XP CD, let me know and we'll go from there).

[steve1368]

There's nothing wrong with a-squared (I use their hijack-free product all the time)... it's actually what bagle did that caused the damage.

 

When your system boots to the no-desktop situation, try the following:

 

* Control+shift+escape (or control+alt+delete) - may bring up task manager.  If it does, click File>New Task (Run...), and type 'explorer.exe' in the box, and hit OK.  If everything comes back, then you possibly need to reset Windows' "shell=" parameter.  I think Hijack This! might notice it and let you fix it -- not sure.  If you can get explorer.exe running again, we'll investigate further.

 

If the above didn't work, you'll have to reinstall Windows on top of itself (no harm will be done, you won't lose anything -- but you have to have your XP CD and your product key handy.  If you are using a name-brand computer (HP, Compaq, Dell, etc) and don't have an XP CD, let me know and we'll go from there).

<{POST_SNAPBACK}>

 

DJ, thanks for the fast reply. I'm at office now. I will go back home this evening & do as you say.

 

Keeping my fingers crossed.

 

Thanks,

Steve

[TwistedMetal]

I have to agree with DJ on this one. The one alt. I can think of, if you can't get Task Manager to come up. You can always try Safe Mode and see what happens. But, I doubt it will do anygood, it can't hurt to try.

[Eldmannen]

Sounds really bad.

These people gave good suggestions.

 

Next time try to keep better care of your computer security by using a firewall and antivirus (with real-time scanning) and keep it up-to-date at all times. And do a full scanning atleast every month, preferably more often. And use a spyware software that you run atleast every other week. Use Windowsupdate to keep the system up-to-date against the latest security vulnerabilities.

[steve1368]

* Control+shift+escape (or control+alt+delete) - may bring up task manager.  If it does, click File>New Task (Run...), and type 'explorer.exe' in the box, and hit OK.  If everything comes back, then you possibly need to reset Windows' "shell=" parameter.  I think Hijack This! might notice it and let you fix it -- not sure.  If you can get explorer.exe running again, we'll investigate further.

 

<{POST_SNAPBACK}>

 

Hi, I did the above ( I took time off to go back for awhile). Bad news it says windows cannot find"explorer.exe" etc etc.

 

I searched for my XP CD, I think I lost it when I shifted house recently.

 

What can I do now?? BTW, mine is not a branded pc

 

Just curious , can't I do anything with restore point I have in my pc

and with last Erunt back up I have? Are they only for registry back up ?

 

Boy oh boy, what a day!.........

 

Another thought, maybe I can download from the net on a different pc & install in my pc......or someone can send it to me by e-mail..... looks like I'm getting desperate, sorry guys

 

Steve

[Eldmannen]

Sounds like its complete reinstall...

[DjLizard]

Unfortunately, this isn't a registry problem, this is a `file-is-missing' problem.

 

You will HAVE to get an XP CD... but here's the kicker:

You can get one for free (if you have your product key sticker affixed to your computer's chassis) and if it is OEM version.

 

Call 1-800-MIC-ROSO(ft) (1-800-642-7676)

Press 2, then 1, then 2

Tell the customer service rep that you just moved and you can't find your Windows XP CD. Tell them that a local shop built your computer but you can't afford to pay for another version of Windows that you already own a license for. If the person doesn't then ask you to read numbers off of your product key sticker, then hang up and call back until you get a person who will do it (I've never had to hang up -- they've ALWAYS helped me, every single time (I've done this repeatedly for my customers))

 

Also note that if you have the XP CD with the hologram, but don't have a product key, they will generate you a FREE PRODUCT KEY over the phone, and read it to you (but will not send you a real sticker though). It helps to be in the middle of installing Windows when you want a free product key -- you tell them that you were trying to repair Windows by reinstalling, but couldn't find your product key stuck to the side of your case, and now you're stuck... and if it's the OEM version, and you read them the part number(s) or words off the hologram CD, then they say hang on, and generate you a valid product key you can activate with

[steve1368]

DJ, while you were away ( maybe asleep ), Twisted Metal, sent me a copy of "explorer.exe" thru e-mail & guided me what to do.

 

Everything seems to be ok now. Thanks Twisted Metal & DJ, you guys are great. I'm pretty sure I wouldn't have gone this far, without you guys.

 

I have several questions tho:-

 

1) I have Avast, how can this "bagle" get into my pc. I suspect it is from an e-mail. Am I right?

 

2) How to be really sure everything is really back to normal, I saw some settings were changed in my pc...is there anything to be concerned about?

 

3) How can I prevent this from happening again to my pc. For your note, I have Tarun's malware package in my pc, besides that I have MSAS.

 

4) Is it safe to run CCleaner for issues....scanning shows many items to delete.

 

Thank you very much once again to both of you.

 

Steve (my smile is back)

 

P/S - Now I know why Eldmannen gets banged every now & then in this forum.

[Tarun]

DJ, while you were away ( maybe asleep ), Twisted Metal, sent me a copy of "explorer.exe" thru e-mail & guided me what to do.

 

Everything seems to be ok now. Thanks Twisted Metal & DJ, you guys are great. I'm pretty sure I wouldn't  have gone this far, without you guys.

 

I have several questions tho:-

 

1) I have Avast, how can this "bagle" get into my pc. I suspect it is from an e-mail. Am I right?

 

2) How to be really sure everything is really back to normal, I saw some settings were changed in my pc...is there anything to be concerned about?

 

3) How can I prevent this from happening again to my pc. For your note, I have Tarun's malware package in my pc, besides that I have MSAS.

 

4) Is it safe to run CCleaner for issues....scanning shows many items to delete.

 

Thank you very much once again to both of you.

 

Steve   (my smile is back)

 

P/S - Now I know why Eldmannen gets banged every now & then in this forum.

 

<{POST_SNAPBACK}>

 

 

1. There's many ways for any virus/worm to get into your pc. It can be from browsing a website (yes they install from javascript and more), a download, e-mail, and any number of things.

2. Well, things you can possibly try are System Restore IF you know when you got infected. If not don't even touch System Restore. You may wish to disable System Restore and scan with Avast again. As for the settings you may have to manually reset them to your preferences.

3. Avast has an excellent scanning engine. Just make sure you always have it running, run scans every so often and be sure that the active scanner is set to scan e-mail and all files when your pc is running. The Anti-Malware package has MSAS in it too now.

4. Yeah, should be. At least it makes backups.

[Capman]

Dj, would you recommend all the a-squared products or just HiJackFree.

[Newhotness]

You will HAVE to get an XP CD... but here's the kicker:

You can get one for free (if you have your product key sticker affixed to your computer's chassis) and if it is OEM version.

 

Call 1-800-MIC-ROSO(ft) (1-800-642-7676)

Press 2, then 1, then 2

Tell the customer service rep that you just moved and you can't find your Windows XP CD.? Tell them that a local shop built your computer but you can't afford to pay for another version of Windows that you already own a license for.? If the person doesn't then ask you to read numbers off of your product key sticker, then hang up and call back until you get a person who will do it (I've never had to hang up -- they've ALWAYS helped me, every single time (I've done this repeatedly for my customers))

 

Also note that if you have the XP CD with the hologram, but don't have a product key, they will generate you a FREE PRODUCT KEY over the phone, and read it to you (but will not send you a real sticker though).? It helps to be in the middle of installing Windows when you want a free product key -- you tell them that you were trying to repair Windows by reinstalling, but couldn't find your product key stuck to the side of your case, and now you're stuck... and if it's the OEM version, and you read them the part number(s) or words off the hologram CD, then they say hang on, and generate you a valid product key you can activate with

 

<{POST_SNAPBACK}>

 

 

 

DJ,

 

I may have misunderstood your last post? are you saying that you can receive a new product key and os cd for Windows? I just bought a new computer but Dell told me they don't give out the os cd's anymore becasue you can get everything you want from system restore, but i'd still prefer to have the cd so that i could do a complete re-install without all the pre-loaded crap from Dell. Also, is this considered sketchy, i mean, if i borrowed a cd from a friend wouldn't i be able to get a free key?

 

a little confused on what this process allows, thankx for the input

 

 

THANKX DJ FOR THE CLARIFICATION

[DjLizard]

It has to be a pure OEM version. If it is a DELL version, Microsoft will refer you to DELL. That's why they have you read numbers off of the CD (to get a product key) and numbers off of the product key sticker (to get a CD).

 

You obviously talked to an idiot when you called -- how is system restore going to install your operating system if you, say, had to replace your hard drive? Call again. New DELLs don't come with CDs, but they come with a utility that allows you to make a CD. Old DELLs did come with CDs, but you can also call them to order a CD. (There should have been a blue cardboard "CD" that explains this, in your box). I have all the CDs myself, from having worked in this field for a long while. I've got copies of absolutely everything.

 

It's okay if you make a copy of a pure OEM CD (which may work with your product key -- it usually does) from a friend and use it with your product key -- when you pay for Windows, you're paying for the product key sticker (the license) not the actual CD media.