I am in serious need of help with my laptop. I have some malware which by all appearances seems to be very similar to the Win32.bagel virus - but I have never seen it specifically named as such on my computer. I have seen b.exe, and msa.exe. I searched for both of these and deleted whatever I could find, which either hurt me or did no good at all.
Symptoms: I am unable to double click the vast majority of programs to start them. Itunes, VLC, Lotusnotes, IE, etc. I can't right click and go into properties, or connect to another monitor, or even double click the clock on the bottom right. Each time an error pops up saying "... .exe is not a valid Win32 application."
I am also unable to install any programs, I receive the same error message.
Double-clicking on My Computer works, but also often either opens up firefox and brings me to a website - http://winshield2009...block.php?r=8.1 (the screen shows the page load error message, website not found..whether I am connected properly to the internet or not). The pop-up is not limited to using my computer, going through any system folders or directories seems to have an equal chance of causing the pop-up or new tab created in firefox. Not sure if this is related to the Win32 error, but it's also a problem.
Other error messages I have seen a number of times:
"Not enough quota is available to process this demand" - This has never made sense to me, I have over 2 gigs of free space on my HD, and at the times this msg came up, no other programs even running.
"Insufficient system resources available to complete requested service" - Again, same as above.
I've also seen an error msg about "(Null)" and locations not being seen or available or something. But then the folder will open up anyways once I click okay...
Attempted Fixes:
Malwarebytes - By changing the file extension to .com from .exe I am at least able to install the program. But again, upon installation in order to run the program I copy the .exe within the program directory and then change the copy to a .com extension and then it runs. But a few seconds into running a scan the program disappears and is gone from my taskmgr as well. Also - at this time after running it once I am unable to start it again, I just get an error message.
Gmer - I have tried dl'ing and running this program more than once. Even utilizing the .com file extension the scan does not fully run. No text logs are made, it seems to simply disappear similar to MBAM during or at the end of the scan.
CClean - With .com extension, I was able to use this program to its full extent.
FindyKill - I utilized this via .com file extension and followed the instruction. I have a log of the fixes if you would like. Unfortunately it has not seemed to positively effect my computer in any way.
Spybot S-D - Will not run properly even though I was able to install (again, with .com)
Kaspersky - I was able to do an online scan of my critical areas and can upload that .html log file. Unfortunately the service does not appear to be available currently and the free trial of 2010 I dl'ed won't install at all, so I can not go further with this program.
I have NOT tried combofix. I read too many threads on different forums and know not to touch unless I'm instructed to by someone way more skilled with malware removal than myself.
It may be possible that I screwed myself by deleting some critical files from the registry or from my Windows folder? Sometimes I don't remember to look before I leap.
I also DO NOT have access to safe mode on this computer (it is not mine, and I simply don't have access unfortunately), and can NOT get into msconfig to try and restore to an earlier point. When I try to use the command prompt, any .exe I type in receives the same "... is not a valid Win32 application." Likewise, I can not access the add / remove programs tab from the control panel. The same error occurs.
Apologies on length of this post, wanted to cover everything. Any and all help would be so greatly appreciated!!
Edited by AcerNY, 11 October 2009 - 05:20 PM.