
I'm trying to fix a system that has been infected with the "Virus Protector" rogue. The system has been rebooted so the rogue has total control when any user logs in. The rogue also prevents the system from booting in any of the safe mode options...the system simply does a reboot when I try.

I can boot the system using a UBCD4Win disk but it does not include Malwarebytes and some of what I've read seemed to indicate that the approach was not going to work anyway.

How do I get this rogue off this system? Any help would be appreciated!

khabecker63


Hello khabecker63

Welcome to Malwarebytes.

=====================

You will need a blank CD, a CD burner and another computer to do the following.

OK, this file is big. Print these instructions out so that you know what you are doing.

Two programs to download

First

ISOBurner: this will allow you to burn OTLPE.iso to a CD and make it bootable. Just install the program; from there on in it is fairly automatic. Instructions

Second

  • Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 292Mb in size so it may take some time to download.
  • When downloaded, double-click the file and this will then open ISOBurner to burn the file to CD
  • Reboot your system using the boot CD you just created.
    Note: If you do not know how to set your computer to boot from CD, follow the steps here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Please post the contents of the C:\OTL.txt file in your reply.


Thank you for the suggestion. I also found another solution:

The Ultimate Boot CD for Windows includes SUPERAntiSpyware. Once it updated itself it was able to scan the hard drive and delete the rogue's files. I was then able to boot Windows from the drive, download Malwarebytes and clean the registry.

For future reference, what is the source/author of OTLPE.iso? A web search shows recommendations that suggest it is a PE based malware scanner, but nothing about its source.

khabecker63


First off, I would never ever ask you to download malware; for sure I would not be here if I did this.

OTLPE is a bootable ISO made by the author of OTL, OldTimer.

Since you seem to have gotten full control back, are you good to go or do you want me to take a look at your machine?


  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
