Inactive 8-step malware/rootkit removal help, logs included

[Broni]

No, not yet
I just want to take precautions, in case, something goes wrong.
Just to let you know, that you can use OTLPE CD and USB stick to backup anything else, you may need to backup.

Now, when done, boot to your Dell's recovery CD and you should find an option to perform "non-destructive" recovery.
In theory, you data should be safe.

 

[Jarick]

How do I perform a "non-destructive" recovery? My computer came with the Windows XP install disc, and "ResoureCD" that includes drivers for my hardware.
I looked around and found that in the Windows XP install from CD boot, you can repair windows, but when I follow the given steps, the screen that others get in order to start the repair by selecting your broken OS doesnt show up for me, instead it continues and goes to the drive partition screen.
These are the steps I followed:
1. Insert the Windows XP CD into your computer's CD drive or DVD drive, and then restart your computer.
2. When you receive the "Press any key to boot from CD" message on the screen, press a key to start your computer from the Windows XP CD.
3. The following message on the Welcome to Setup screen will appear:
This portion of the Setup program prepares Microsoft Windows XP to run on your computer: To setup Windows XP now, press ENTER. To repair a Windows XP installation by using Recovery Console, press R. To quit Setup without installing Windows XP, press F3.
4. Press ENTER to set up Windows XP.
5. On the Windows XP Licensing Agreement screen, press F8 to agree to the license agreement.
6. Make sure that your current installation of Windows XP is selected in the box, and then press R to repair Windows XP.
7. Follow the instructions that appear on the screen to reinstall Windows XP. After you repair Windows XP, you may have to reactivate your copy of Windows XP.

 

[Broni]

Oh, I see. It looks like you have full version of Windows XP CD.
It's even better.

Perform repair installation: http://www.geekstogo.com/forum/topic/138-how-to-repair-windows-xp/

 

[Jarick]

Yes I do
The problem is, after I push F8 to agree to the licensing, it doesnt show the screen giving me the option to repair, instead it brings me to the disk partition screen.
"If no installations are found, then you will not be given the option to repair. This may happen if the data or partition on your drive is too corrupted."
Do I have to select my partition first? Or am I going to have to format?

 

[Broni]

Yeah, that's probably because system hive is missing and the installation doesn't see your Windows installation.

Let's try something else.
Looking at your OTL log, I don't see recovery partition on your Dell, which is strange.
Unless someone removed it.
Restart computer and at Dell's logo press CTRL+F10.
See, if you'll get recovery options.

 

[Jarick]

I never removed the recovery partition... so how or why it got removed is mysterious.
Got no recovery options by pushing CTRL+F10, or even just F10.

 

[Broni]

Mea culpa
It's CTRL+F11.

I'll be back in 30 minutes, or so...

 

[Jarick]

Its no problem. CTRL+F11 worked, dell pc restore popped up. Unfortunately it says all data will be lost... I will go ahead and start the restore.
Note: OTLPE wouldn't let me access my hard drive, so no additional files were backed up, which is fine.

Take your time, I highly appreciate all of the help you have been providing, thank you

 

[Broni]

You're welcome

CTRL+F11 worked, dell pc restore popped up

Good
It should give you two options, non-destructive and destructive recovery.
Let me know.

 

[Jarick]

I didnt start it yet, but it only gives me 2 options. 1: Restore, which it says all data will be lost. When I clicked Restore, a confirmation window popped up saying all data will be lost, and gives the option to Confirm or Cancel. 2: Reboot, so you can backup data in windows (which I cant do)

 

[Broni]

Well, we got, what we got.
I'm glad, you had your data backed up
Go for recovery then.
Good luck and keep me posted.

 

[Jarick]

Everything seems good Its been so long since it was like this. Gonna take a little time to gets things back, but as long as its not infected im fine. Everything should be gone now?

Thank you so much, I know this probably took longer to fix than others, I highly appreciate your time and effort to help.

 

[Broni]

You're very welcome.
I'm sorry, we couldn't fix it without using some extreme measures
On the other hand, your computer, with clean installation should be flying

 

[Jarick]

Its perfectly fine, I was planning on going through and cleaning it up soon. And it is going SO much faster, its been so long since its been this fast.
For some reason this showed up in a malwarebytes scan I just ran, "Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully." but it got deleted and luckily there is nothing bad out of it.

 

[Jarick]

Well im off thank you for all of the help, ill be sure to recommend you to everybody, and come back here first if I have any future problems

 

[Broni]

Well, that's why you have couple of tools to keep bad guys away