Posted 22 January 2012 - 02:17 PM
My friend, who knows nothing about computers at all, asked me to look at his computer. It appeared to have been infected with a System Check Virus. The computer OS is Windows XP and unfortunately, my friend said he cannot find the Recovery Discs that he had with it. Again unfortunately, my friend had done what the virus asked as he thought it was part of Microsoft's security, which I can understand as the screenshots and view were very authentic. All of the files/programs on the computer had disappeared. Before he asked me to look at it, my friend had contacted his broadband provider, Virgin, whose security he also used on the computer. They were unable to remotely access his computer and were unable to help.
I am by no means an expert in computers, but can follow instructions. I searched for similar cases and possible help on the intranet for this and found a lot of people who had experienced the same problem. The computer could not be accessed in ordinary mode so I went into safe mode with networking and downloaded Malwarebytes and AVG. I ran scans by both and Malwarebytes identified a number of issues; at that time the virus was called Adware BIO _GEN, I think. I clicked on fix for all issues found. After this some files came back but were all showing as empty when clicked on. In safe mode some of the files were there. The internet could not be accessed at all in ordinary mode but could in safe mode with networking. I was unable to access the control panel in either safe mode or normal mode, and trying to open any programs in normal mode gave me the following message:
Windows cannot find 'C:\WINDOWS\system32\rundll32.exe'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click search.
I also tried to restore the computer to an earlier point in time, which did not work. I contacted Microsoft, mainly about getting some new disks, but XP is no longer available.
I then went to see the technical staff at PC World, who told me to download Combofix from BleepingComputer, and only from this site, run it and this should fix the problem.
I did this and Combofix went through the process. It asked me to disable AVG and Virgin security before it ran the scan, which I was unable to do as I could access these in normal or safe mode (got the above message when I tried).
Combofix asked me if I wanted to run it anyway, at my own risk etc., which I did. After a very, very lengthy wait for Combofix to prepare the log report, the computer had now got visible programs back on the desktop, most of which are still showing as empty, but I was able to access some of them. However, the control panel is still presenting me with the above alert message when I try to go into uninstall programs, display etc.
I have not attached the Combofix log as instructed, but can send if you need this. Any help, if there is any, would be gratefully received. Many thanks Stella E