Maaaaaaajor Error!!!

[HelpMePlease]

As you can see from the subject line i have a major error with my laptop. I downloaded a file from kazza and ran it (it turned out to be a ms-dos batch file) and it asked me if it was ok to delete a registry key, i was foolish enought to not only press yes the frist time it asked me but to say ok for the next 3 times.

I restarted my computer and now not a dicky bird works. it doesn't find th icons for ANY file on the machine for ANY file type if you go into the program fiiles and click on a folder they are all the same windows icons. if i right click on the desktop it says it can't find rundll32.dll, so i point it in the right direction but continues to say that it can't find the file, none of my visual settings are correct.

I can't even load up system resotre as the icons that are on my desktop don't open (all expecpt my documents and everything in them)

ps. before i restarted my computer i deleted the batch file so i can't even try and open it to see what regisrty items it deleted


Please, please, please , please help me as my laptop is my pride and joy

[Confused]

If you cain't get into system restore I cain't be much help except to suggest that you try booting to "Safe mode" and see if you can get to restore from there.

If not maybe from safe mode you will be able to remove the offending software although I doubt that will help as you have modified the registry.

Check back often as there are a lot more knowledgeable people here than me.
Chas

[HelpMePlease]

I've tried everything you;ve suggested there 'confused' but the thing still doesn't work.
I've ran the blessed thing in 'last known working configuration' that doesn't change anything, i've booted in safe mode, that doesn't do anything, i've booted minimal boot (i think), that doesn't do anything. the only thing left that could possible do something is using the recovery console or the last option that comes on the screen when you get the the 'shall i boot in safe mode' screen

[HelpMePlease]

Some progress, i've managed to locate the batch file that i clicked onto before i started getting the errors. and have attached it as a text file. I don't understand batch files so could somebody look at it and tell me how to undo it

Moderator note
_{your attachment was deleted to prevent accidental running
For those joining in late, the precis of the txt file was commands for a CLI batch file to delete registry trees}

[pam123]

You're AV not only let you download this but the program let you run it ?
I clicked on your attachment and both ZoneAlarm and Norton's went into full alert ( no surprise there, if I hadn't thought they'd catch the problem I wouldn't have done it ).
I hope you have backed up your data because you're looking at a reformat, if not a full drive erase, before reinstall.
As for the rest; get yourself an AV and a firewall and keep both up to date.
You got careless and you got caught.

[Statica]

The file you downloaded was not a virus. It is nothing more than a batch file to delete off important registry trees from your system registry. There is no virus that is as simplistic as that, however you are the victim of a piece of rogue programming.
Unfortunately, your only choices at this moment are:
0) Boot to a repair console: then run the commands outlined here -
http://support.microsoft.com/default...b;EN-US;307545
1) try booting up with your XP CD and trying to run a repair
2) try booting up with your XP CD and reinstall windows OVER your current installation
3) Start afresh with Windows

Hopefully, you will use this experience as a lesson not to trust every file that is available out there on the net and to read important dialog boxes.

[Pentium-ant]

Hmmmmm I would recommend you delete the attachment because you are helping distribute that virus I am also surprised that your AV did not pick that up my MacAfee got it instantly.

What operating system you using? Windows XP? If so can you not just repair it using the disks?

P.S no one else click that attachment.

[pam123]

Quote:

Originally posted by Statica The file you downloaded was not a virus. It is nothing more than a batch file to delete off important registry trees from your system registry. There is no virus that is as simplistic as that, however you are the victim of a piece of rogue programming. Unfortunately, your only choices at this moment are: 0) Boot to a repair console: then run the commands outlined here - http://support.microsoft.com/default...b;EN-US;307545 1) try booting up with your XP CD and trying to run a repair 2) try booting up with your XP CD and reinstall windows OVER your current installation 3) Start afresh with Windows Hopefully, you will use this experience as a lesson not to trust every file that is available out there on the net and to read important dialog boxes.

It's hard to keep everything straight but why would Norton's and Zone Alarm slam warnings into my face if it wasn't a virus?
I don't doubt you but I don't know why.

[Pentium-ant]

yeah same here

[ghost2003]

Why wouldnt they? A batch file can do just asmuch damage.

[Statica]

Have you tried checking even the mcafee virus encyclopedia for the particular virus? Bat/qd124 ? Or even Norton or try to google it out?
There has to be some form of logic to categorizing a file as a virus, I have often had to deploy batch files that remove out registry entries from the CLI. If there was an AV maker that wouldnt allow me to create my own batch files, it would make things very difficult.
But anyways, I'd like to see what the specs of the qd124 batch file are and what is the determining factor.

There are some things that cannot be left to having an antivirus program catch - one has to use an amount of self-restraint and common sense to figure it out. The same commands that were issued from that one batch file could be done so by 4 different batch files, it really doesnt matter as I've said before it still doesnt make it rogue programming because the commands are part of the valid commandline vocabulary for the operating system.

There are other reasons why such issues happen - one of the most aggravating things I have seen amongst windows users when they move to 2K or XP, most recently, is the compulsion of the majority of people to use their computer as the administrator (or a user with admin rights). There are some things that is true of most robust operating systems, Linux, NIX and even NT based Windows - that is definitive user rights! By running as the administrator at all times, one does not give the OS a fighting chance. Run the exact same commands as a regular user and the system denies access to that command.

[HelpMePlease]

Thanks for all of you suggestion and will try them one by one.

Regarding the anitivirus programs, i do have norton antivirus 2004 installed on my computer but i was instaling something a couple of days ago and it asked me to disable it for some reason or another. I guess i forgot to enable it once again.

I can tell you that i won't be doing that again in a hurry


Again thanks for your help

[pam123]

I made a trip to Google's to check out batch files.
Eyuck!
Given the harm you can do with them they may not be virii but they could just as well be.
So, technically, Statica is right.
Practically, unless you're a pro, you don't want to mess with them unless you've got a major reason.
Kazzaa isn't a major reason.