Windows Task Bar and Desktop Not Appearing Beceause of an Infection

Have you ever had an infection on your computer that stops Windows from fully loading? You get the past the Windows splash screen and all you see is either your fake program which will only let you click the “buy now” button, or if you have somehow been able to block of remove the infection, you just see your Windows background and mouse cursor. In both cases there is no Windows task bar so you can’t do anything in Windows.

Your infection is messing with Windows explorer which is what you need in order to navigate around your computer. You can easily get it running again by holding down the Windows key and pressing R. When the run command appears type explorer.exe and click OK.

This doesn’t solve the problem that explorer isn’t launching when you start your computer so you are going to have to go into the registry. Hold down the Windows key and press R. When the run command appears type regedit and click OK.

Now navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Shell. You want shell to say explorer.exe so double click shell, type in explorer.exe and click OK. If the shell entry is not there, right click in right hand panel and click New > String Value. Call it shell. Double click shell, type in explorer.exe and click OK

While you are in the registry go to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Run. Everything in here is designed to run before explorer.exe is loaded so look for anything with the name of your rogue program in it, select it and press delete.

Restart your computer and now you can now start removing the infection.

Popularity: 3% [?]

FileFix Professional 2009

FileFix Professional 2009 is the beginning of a new trend in fake security programs.

FileFix Professional 2009 will encrypt any document you attempt to open generate the following message:

“Windows detected that some of your MS Office and media files are corrupted. Click here to download and install recommended file repair application”

FileFix Professional 2009 will allow you to fix one file for free and demand you pay $50 per file after that. Sadly even after you remove FileFix Professional 2009, your files are still encrypted. Fortunately, as more people are getting hit by FileFix Professional 2009, more solutions are popping up. If you are unable to access your documents due to FileFix Professional 2009, visit FileFix File Decrypter who will decrypt your files for free.

Unfortunately their aren’t any instructions to manually remove FileFix Professional 2009. Your best bet is to find and delete any folder named “FileFix Professional 2009 ” however that wont completely remove the infection. For now, only running a program like Spyware Doctor will completely remove FileFix Professional 2009 and the Trojan that gave it to you from your computer.

(FYI: for some links to software we receive a commission. This is one of them. But we wouldn’t recommend Spyware Doctor if we didn’t think it would help.)

Popularity: 2% [?]

How I removed W32.Downadup.B/Conficker

I have just been infected by W32.Downadup.B – AKA Conficker and have spent all night removing it, so now I am going to share the quick way to remove W32.Downadup.B.

First make sure you are infected with W32.Downadup.B/Conficker. The biggest sign is going into My Computer and double clicking your hard drive. If you get an error message about “RECYCLER\S” then you are infected.

Be on the lookout for the “RECYCLER” folder as W32.Downadup.B/Conficker puts this on any drive on your computer. It is launched when autorun runs and is responsible for installing the infection. If your computer is infected with W32.Downadup.B/Conficker, you cant remove the RECYCLER folder as it is just put straight back on. RECYCLER is in the main directory “[YourDriveLetter]:\RECYCLER” so it is easy to find.

There are alot of sites out there showing you how to manually remove W32.Downadup.B/Conficker. Most of these files have the word [Random] in it meaning it could be anything. Don’t bother trying to manually remove it, it’s time consuming and you could do more harm than good.

To get rid of W32.Downadup.B/Conficker you have to use an antivirus/anti-spyware program, I just don’t see any other way around it. Microsoft recommends using their Malicious Software Removal tool. If you can’t access that link, it’s because W32.Downadup.B/Conficker is blocking it. Even if you were able to download it, W32.Downadup.B/Conficker stops the Malicious Software Removal tool from being executed.

I did have some limited success using Microsoft’s Conficker manual removal instructions.. Surprisingly W32.Downadup.B/Conficker allowed me to view the page however it didn’t allow me to download or even install the patches.

Although I used Spyware Doctor to remove W32.Downadup.B/Conficker, this post applies to all antivirus/anti-spyware programs. Even if you are able to download and purchase an antivirus/anti-spyware program, it is next to useless as Conficker will prevent it from downloading the necessary updates. Beceause of this, get whatever antivirus/anti-spyware program you want from an uninfected friends computer. When you have the program, manually download the updates from a website. Most antivirus/anti-spyware programs allow you to do this.

Now BURN THE ANTIVIRUS/ANTI-SPYWARE TO A CD. I cannot stress this enough. DO NOT USE A PENDRIVE/USB DEVICE. It will be infected as soon as you plug it into your computer. This is how I was infected in the first place.

Once on a CD/DVD, install the program onto your computer, put in your registation details and install the manual updates you downloaded. Now let it do a full scan and say goodbye to W32.Downadup.B/Conficker.

After you have removed W32.Downadup.B/Conficker, be sure to install this Microsoft patch. It prevents hackers from taking over your system using W32.Downadup.B/Conficker. Those of you are uninfected will want to install it anyway for safety.

Good luck.

UPDATE: Conficker B++ & Conficker C has recently been released. This is just Conficker that has been modified with different ways to communicate with hackers. It’s impact on your computer is the same as it’s twin brother. As before don’t bother trying to manually remove it but use Spyware Doctor to remove Conficker B++ and Conficker C instead.

Conficker is scheduled to start doing something on April 1st. No one is exactly sure what it will do the general consensus is that it will connect to a server and get further instructions like download a Trojan.

Popularity: 18% [?]

Remove Sagipsul – AKA Superjuan – For Free

Sagipsul — AKA “Superjuan” — is a Trojan that displays annoying popup ads on your computer. Sagipsul may also secretly download harmful files and launch a ton of Sagipsul pop-up ads, slowing down your computer.

On top that, Sagipsul puts pornographic icons your desktop, takes you to Sagipsul.com, and blocks anti-spyware sites to make it difficult for you to remove Sagipsul.

If Sagipsul and its hacker pals sound like a good time, by all means, keep Sagipsul, or Superjuan, or whatever it wants to call itself, on your computer. Otherwise, you can…

• Remove Sagipsul for Free, with Sagipsul Removal Instructions
• Read Adware.SuperJuan Technical Details

Popularity: 3% [?]

Remove Sagipsul, AKA Superjuan For Free

Damn Trojan is disappointed to present Sagipsul — AKA “Superjuan”. As well launches annoying popup ads on your computer, Sagipsul may secretly download harmful files and run a ton of pop-up ads, slowing down your computer.

If this sounds exciting, by all means keep Sagipsul, Superjuan or whatever it wants to call itself on your computer. Everyone else can,

• Remove Sagipsul. Description and removal instructions
• Adware.SuperJuan Technical Details

Popularity: 3% [?]

Get Rid of Trojan Zlob, For Free

If you’ve been infected by a fake security program, most likely you can thank Trojan Zlob.

Once Zlob gets onto your computer, it wastes no time downloading more malware that slows down your computer and bombards you with popups every 10 seconds.

If Zlob is on your PC, there are a few ways you can get rid of Zlob manually.

Or you could set fire to your computer. Up to you.

• How-To Video: Remove Trojan-Downloader.Win32.Agent (AKA ZLOB)
• Zlob Removal Guide, Step-by-Step Text Directions
• “Can’t Remove Trojan.Zlob…Please Help!” Get help for removal of Trojan.Zlob

Popularity: 7% [?]

“Your Computer Is Infected” Popup

Getting an annoying message that appears near your Windows clock reading “Your computer is infected. Windows has detected spyware infection”? This is stage one of a fake anti-spyware infection, and soon your sanity’ll be pushed to the limits, as you’re bombarded with security alerts pushing fake anti-spyware.

You can manually remove this “Your Computer is Infected” popup, but I recommend that you use Spyware Doctor to automatically get rid of this “Your Computer is Infected” popup, and find any malicious programs that may have been downloaded in the background.

Popularity: 10% [?]