I suggest:

1. Get/copy/salvage all working data in the HD;

2. Low-level format the HD and then restore the work data as recovered, after the OS was reinstalled. If your client is sticking with the partition, then do the partitions as originally done before the data restore.

3. Have the firewalls and the AVs up and then let it go. You m,ight as well check if the user's ISP is dedicated to that vulnerable default URl, if indeed there is, and change it.

4. <Mind, you might as well educate the user regarding running the standard diagnostics and the updates needed for the anti-virus, firewalls, spyware and adware watchers/cleaners, etc.>

I just noticed that some users are just that... users, like the jockeys who don't care if the horse is well-fed, as long as it runs. Computer users are <mostly> similarly inclined; they wouldn't care what ails the system as long as it works. Somehow, they need to be reminded that they need to get updates for the software they use and to do the diagnostics themselves so that when they encounter something that mystifies, then they should consult the more knowledgeable ones like here, in AO.

<Tongue-in-cheek>! I was reading about JP's ruminations and every other one else ... was AO better then than now, indeed? Please pardon this irrelevance/irreverence, MsM and Neg.