I had a customer drop off a dell laptop that would blue screen before the windows xp logon screen comes up. It looks like the customer tried to use combofix and other antispyware tools to remove spyware on the machine.
I hate fixing a computer that has been "fixed" already. It makes it harder to define the problem as weird variables crop up. I got relatively lucky. I found a recent copy of the user32.dll file in the c:\windows\servicepackfiles folder and replaced the current user32.dll. The bad user32.dll file had a modified date of today. The replacement user32.dll file had a modified date of 2 weeks ago.
Before I restarted the computer, I manually removed the spyware and rootkits. Magically, the pc fired right up.
I feel sorry for the new computer guys out there as the spyware out there now is pretty tough. I do not think this computer would have been fixed if I had to rely on anti virus software to clean the pc.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment