"XP Antivirus 2012" infection, pls check logs...

Hello again.

This time it's my in-law's computer. They got the good old "XP Anitvirus 2012" infection and all the bugs that come with it. I had started to clean this up almost 2 weeks ago but I had to stop short and make them wait because the MG site was down and I didn't have my instructions!!! In the meantime, my brother-in-law came in and "fixed" the computer by monkeying with everything that he was NOT supposed to (including messing with God knows what in the registry!). So, needless to say, the infection came back.

Got through all the Run & Read Me very smoothly. I apologize, there were a few minor details in the beginning of the procedure that slipped my mind because I didn't have your handy dandy instructions to remind me (like updating Java - which has been done now). Logs are attached.

Everything was running very nicely when I left yesterday, to the point where I told them they could check their email quick. Apparently after that some pop-up came up and their computer froze. My dad-in-law manually turned off the system and when he turned it back on he claims there was a windows error. I told him to turn it off and I am assuming/hoping it was just a hiccup and it will boot just fine for me when I come back to finish the malware removal procedure (I hope!!!!).

Thanks!

 

Hello TimW! Always nice to get a reply from you! Thanks, but, I'm afraid that the puter is not booting through! Thankfully I called yesterday before going to work on it to make sure it was booting....and it did not. According to my mother-in-law (and over the phone, mind you) the error screen says something like "Windows could not start because of an error in the software - report load needed DLLs for kernel...." - again, that's what I got out of her over the phone.

So, I'm not sure what to do next. I'm pretty angry at this point because I know that my brother-in-law messed something up while he was here. But, he lives 4 hours away and I live 10 minutes away, so of course, guess who gets to deal with the problem that HE created...lol.

I know that they do have an XP disc so we can always wipe, BUT then there is the question about what do we do with their files? I have a hard drive reader, but at the moment I don't have a junk system to connect their infected hard drive to...so, I hope that there might be something to do to help before it gets to the point of a wipe and recovery mission...

 

Ok, sorry for taking so long to get back! And thanks for reminding about a repair. I was so angry at the situation before that I missed that simple answer.

So, I will admit that I don't know what I'm doing at this point. I have done a repair before but that was a few years back and it did not involve using the Recovery Console. Unless I'm doing something wrong now, so far, I get to the command prompt in Recovery Console and that's where I'm stuck. I'm not sure which of the commands to use...I would appreciate any advice! I did look up instructions for the recovery console but I didn't find them very helpful!

Thanks!

 

Der! Thanks TimW! I knew it had to be something simple like that. I'll get back with you as soon as I have a chance to repair and continue on with the removal process. Have a wonderful Friday evening!

 

Hi TimW. I apologize for dragging this out so long and for being intentionally so deliberate with my actions. I am trying to make sure I don't mess this thing up any further!

So, was able to start the proper repair process. Everything seemed to go ok until the repair process wanted to do the first reboot. That's where things get a little weird. This is an HP system that came with Vista and an XP downgrade. Every time I try to boot from the OS disc, it forces me to insert the "HP Restore Plus" cd to verify the install, then it wants to start the whole process over again. So, I don't know if the reboot after the initial "repair" copying of the files was supposed to go back to the repair process or what...like I said, it's been a while since I did a repair. Tried just rebooting normally after this and it just ends up in an endless reboot-of-death cycle unless I tell it to boot from the CD/DVD drive...during the reboot circle it does flash a blue screen right before it restarts but too fast to see it.

So, your advice on what to do next would be greatly appreciated. I'm gearing up to repair my junk desktop just in case I have to plug in their infected hard-drive to pull their files and do a full OS reinstall. I'd rather not do that because then my in-laws are going to lose a bunch of their email (but I can definitely save everything else).

Thank you as always for your help and patience!