combofix is king

Obviously, working in IT, everyone comes to you to fix problems with their computers, and I am a sucker for helping people out – most of the time. I don’t mind helping people who I know appreciate it and will always repay any favors given out.

Recently it seems there has been a spate of requests from friends and work colleagues to fix their computers because they have got a “bug” on their computer. The most recent “bug” was that Windows XP basically couldn’t boot: you could log in and the wallpaper would come up, but that was it. Knowing computers, I CTRL + ALT + DEL’d and got Task Manager up but couldn’t really see anything obscure running that shouldn’t have been, but there was no explorer.exe task, which was odd. I tried to launch it; it would launch, but no Start menu would load and then it would disappear from Task Manager. So further investigation was required.

I was able to launch a command prompt and from there run some of the normal debugging tools – but basically nothing would run. So I downloaded a copy of an old faithful program I have used about half a dozen times in the last month – combofix.exe. I was luckily able to use a USB drive and transfer the file using the good old DOS copy command, and launch it from the command prompt.

It usually only takes 5-10 minutes to run, but this time it took about 20 minutes, and one of the things it found was AntiVirus 2009 (there were others too). It seems even viruses get an upgrade to the latest version each year. The worst thing is that it all looks legitimate, but too many people fall for it and readily install this “AntiVirus” software, only to discover all too late that it is a problem.

I recommend everyone get a copy of combofix and make themselves aware of its use – view the website below for more details:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix
