Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AV Security 2012 Removal Caused consrv to Not Be Found


  • This topic is locked This topic is locked
2 replies to this topic

#1 Tedium

Tedium

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:35 PM

Posted 16 November 2011 - 11:03 AM

Hey guys,

My girlfriend's computer, running Windows Vista, was recently infected with the AV Security 2012 malware. I ran AVG Free(with latest updates), Spybot S-D(latest), MalwareBytes Free(latest), and ComboFix. Apparently, one of these programs targeted consrv, and possibly other vital components, as infected and deleted them.

Now, the computer boots to a blue screen with a "Stop: c0000135 consrv not found" error. I guess I have several questions:

1) My girlfriend has been through several moves recently and it's an old computer, so I doubt she has the boot disk. Can I fix this problem without one? Or is there somewhere that is free and legal to download one?

2) I have no idea whether or not I fully rid her computer of the malware. I thought it was similar to the SpySheriff family of malware, but this one is much more devious apparently.

3) Is it safe for me to be transferring files back and forth from my computer to hers? I don't want both of our computers to be infected.

Thanks in advance for your time and trouble.

ETA: The computer will not run in Safe mode either. And I am not sure how to run these logs if it won't boot to the desktop.

Edited by Tedium, 16 November 2011 - 11:17 AM.


BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:05:35 PM

Posted 16 November 2011 - 03:18 PM

:welcome:

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:05:35 PM

Posted 25 November 2011 - 08:32 AM

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users