Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I need hlep please with a system check virus


  • Please log in to reply
2 replies to this topic

#1 Stella E D

Stella E D

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:05 PM

Posted 22 January 2012 - 02:17 PM

My friend, who knows nothing about computers at all, asked me to look at his computer. It appeared to have been infected with a System Check Virus. The computer OS is Windows XP and unfortunately, my friend said he cannot find the Recovery Discs that he had with it. Again unfortunately, my friend had done what the virus asked as he thought it was part of microsoft's security. Which I can understand as the screen shots and view were very authentic. All of the files/programs on the computer had disappeared. My friend before he aske dme to look at it, had contacted his broadband provider, Virgin, whose security he a;so used on the computer. They were unable to remotely access his computer and were unable to help.

I am by no means an expert in computers, but can follow instructions. I searched for similar cases and possible help on the intranet for this and found alot of people who had experienced the same problem. The computer could not be accessed in ordinary mode so I went into safe mode with networking and downloaded Malabytes and AVG. I ran scans by both and Malabytes identified a number of issues, at that time the virus was called Adware BIO _GEN, I think. I clicked on fix for all issues found. After this some files came back but were all showing as empty when clicked on. In safe mode some of the files were there. The ineternet could not be accessed at all in ordinary mode but coudl in safe mode with networking. I was unable to acess the control panel and either in safe mode or normal mode, and trying ot open any programs in normal mode gave me the following message:

Windows cannot find 'C:\WINDOWS\system32\rundll32.exe'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click search.

I also tried retore the computer to an earlier point in time which did not work. I contacted Microsoft, mainlly about getting soem new disks but XP is no longer availble.

I then went to see the tecnical staff at PC World, who told me to download Combofix from bleepingcomputers, and only from this site, run it and this should fix the problem.

I did this and Coimbofix went throught the process, it asked me to disable AVG and Virgin security, before it ran the can, which I was unable to do as I could acess these in normal or safe mode (got the above message when I tried)

Combofix aske dme if I wanted to run it anyway, at my own risk etc. which I did. After a very very lengthy wait for Compbofix to prepare the log report, the computer had now got visible progarams back on the desk top, most of which are still showing as empty, but I was able to access some of them. However, the comtrol panel is still presneting me with the above alert message when I try and go into uninstall programs, display etc.

I have not attached the Combofix log as instructed, but can send if you need this. Any help, if there is any, would be gratefully received. Many thanks Stella E

BC AdBot (Login to Remove)

 


#2 mark1956

mark1956

  • Security Colleague
  • 271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Spain
  • Local time:09:05 PM

Posted 22 January 2012 - 02:27 PM

Well, for starters the Staff at PC World should learn a bit about Malware removal before they suggest to any members of the public to run Combofix. It should never be run without the guidance of someone who has been fully trained in Malware removal.

Anyway, you are in the wrong forum, so I will put in a request to move you to the "Am I Infected" forum where you will get the help you require.

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:05 PM

Posted 22 January 2012 - 02:50 PM

Hello having run ComboFix we need to see that and a DDS log.

Please go here....
Preparation Guide ,do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
Skip the GMER step and instead post the ComboFix log you have.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users