I was asked to 'see what i could do' with a friends' dads' PC that 'died' last year sometime..
I asked what was up with it and was told 'it just stopped working, has been in the cupboard since'
Anyway, i took it away, wired it up and it just wouldn't start. wouldn't load beyond any xp screen and wouldn't allow me to choose 'last known good config.' or even safe mode.
Had a look at the BIOS and it was kind of messed up, each IDE device had had its setting manually input, which was odd, they were all wrong... (also strangely the default colour within the BIOS/CMOS settings had changed : / ) anyway i set them all back to auto and rebooted, though it still wouldn't load up. from there i reset the BIOS and set everything to auto again and reset the time/date settings. success! got windows to load
From there i was having a nose around to see what may have caused problems, spotted limewire
so immediately removed that, plus various other pieces of crap.
I copied setup files for Spybot and Avast antivirus on to the PC to see what they flagged up. Spybot showed a hell of a lot of problem files, a 100 at least! told it to 'fix problems' and let it work away. nearly all of them were shown as 'fixed' (green ticks for those familiar with Spybot) and there were 3 items still problematic. the two above were the problem entries. set spybot to run on restart and let it work on that.. still didnt remove them :s
Ran Avast and before the scan had even reached 1% it flagged up a rootkit - "Win32.Tiny.abk" with the file xpdx.sys, one Spybot had shown as a problem.. anyway it requested that i restarted and ran avast with a boot scan, so i did..
From there it picked up on quite a few infected files so i set it to delete/remove any problem files. cant remember how many exactly, but it removed a load of virus files..
Once back in windows i ran the two checks again, both picked it up the same files, so they obviously were not actually removed..
Also FSecure blacklight didn't pick up anything.
So, from here, what do you guys suggest my next step is?
(i haven't connected this PC to the internet yet, as i actually have it in work, where the internet connection is shared via LAN, and i didn't want to connect this PC to the network as it wasn't looking to healthy, just in case)