[Peptobismol165]

Hello!
First I want to start off by saying this. Yes, I'm in GeekU. I do realize one of GeekU's rules are "You cannot post on the Maleware Topic board." Well I wanted to leave GeekU, but nobody took me off. I've been inactive for at least 2 months and I STILL haven't been taken off. Here is my question:

My friend has a virus. I'm trying to take it off, but he dosen't have any recovery disks and I also cannot get on the Internet. I went to "System Restore" in the System Tools menu, but when I click on it it won't open. What can I do? I can't tell you what the virus's name is, but here is it's behaviors.

-Redirects him to a porn site. (Don't know the name)
-slows his computer down
-prevents him from getting on the internet
-Prevents him from opening programs

I know that isn't enough info, but this is all I could get. Please help!

[Advertisements]

Hello,

• Download OTLPEStd.exe to your desktop
• Download OTLPENet.exe to your desktop
• Ensure that you have a blank CD in the drive
• Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD
• Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  
• Save the following text to your USB stick as scan.txt It must be named this, or the automated scan won't work.
  
  Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  netsvcs
  %SYSTEMDRIVE%\*.*
  %sysmtemroot\system32\*sys /90 /md5
  %systemroot%\Fonts\*.com
  %systemroot%\Fonts\*.dll
  %systemroot%\Fonts\*.ini
  %systemroot%\Fonts\*.ini2
  %systemroot%\Fonts\*.exe
  %systemroot%\system32\spool\prtprocs\w32x86\*.*
  %systemroot%\REPAIR\*.bak1
  %systemroot%\REPAIR\*.ini
  %systemroot%\system32\*.jpg 
  %systemroot%\*.jpg 
  %systemroot%\*.png 
  %systemroot%\*.scr
  %systemroot%\*._sy
  %APPDATA%\Adobe\Update\*.*
  %ALLUSERSPROFILE%\Favorites\*.*
  %APPDATA%\Microsoft\*.*
  %PROGRAMFILES%\*.*
  %APPDATA%\Update\*.*
  %systemroot%\*. /mp /s
  CREATERESTOREPOINT
  %systemroot%\System32\config\*.sav 
  %PROGRAMFILES%|bak;true;false;false /fp
  %systemroot%\system32|bak;true;false;false /fp
  %ALLUSERSPROFILE%\Start Menu\*.lnk /x 
  %systemroot%\system32\config\systemprofile\*.dat /x
  %systemroot%\*.config
  %systemroot%\system32\*.db
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  

  
  
• Reboot your system using the boot CD you just created.
  Note : If you do not know how to set your computer to boot from CD follow the steps here
• As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
  
  
• Your system should now display a Reatogo desktop.
  Note : as you are running from CD it is not exactly speedy
• Double-click on the OTLPE icon.
• Select the Windows folder of the infected drive if it asks for a location
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start.
• Insert your USB drive, Drag and drop the scan.txt into the Custom scans and fixes box
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive C:\OTL.txt
• Copy this file to your USB drive if you do not have internet connection on this system.
• Right click the file and select send to : select the USB drive.
• Confirm that it has copied to the USB drive by selecting it
• You can backup any files that you wish from this OS
• Please post the contents of the C:\OTL.txt file in your reply.

[Thunderbird1988]

Hello,

• Download OTLPEStd.exe to your desktop
• Download OTLPENet.exe to your desktop
• Ensure that you have a blank CD in the drive
• Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD
• Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  
• Save the following text to your USB stick as scan.txt It must be named this, or the automated scan won't work.
  
  Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  netsvcs
  %SYSTEMDRIVE%\*.*
  %sysmtemroot\system32\*sys /90 /md5
  %systemroot%\Fonts\*.com
  %systemroot%\Fonts\*.dll
  %systemroot%\Fonts\*.ini
  %systemroot%\Fonts\*.ini2
  %systemroot%\Fonts\*.exe
  %systemroot%\system32\spool\prtprocs\w32x86\*.*
  %systemroot%\REPAIR\*.bak1
  %systemroot%\REPAIR\*.ini
  %systemroot%\system32\*.jpg 
  %systemroot%\*.jpg 
  %systemroot%\*.png 
  %systemroot%\*.scr
  %systemroot%\*._sy
  %APPDATA%\Adobe\Update\*.*
  %ALLUSERSPROFILE%\Favorites\*.*
  %APPDATA%\Microsoft\*.*
  %PROGRAMFILES%\*.*
  %APPDATA%\Update\*.*
  %systemroot%\*. /mp /s
  CREATERESTOREPOINT
  %systemroot%\System32\config\*.sav 
  %PROGRAMFILES%|bak;true;false;false /fp
  %systemroot%\system32|bak;true;false;false /fp
  %ALLUSERSPROFILE%\Start Menu\*.lnk /x 
  %systemroot%\system32\config\systemprofile\*.dat /x
  %systemroot%\*.config
  %systemroot%\system32\*.db
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  

  
  
• Reboot your system using the boot CD you just created.
  Note : If you do not know how to set your computer to boot from CD follow the steps here
• As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
  
  
• Your system should now display a Reatogo desktop.
  Note : as you are running from CD it is not exactly speedy
• Double-click on the OTLPE icon.
• Select the Windows folder of the infected drive if it asks for a location
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start.
• Insert your USB drive, Drag and drop the scan.txt into the Custom scans and fixes box
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive C:\OTL.txt
• Copy this file to your USB drive if you do not have internet connection on this system.
• Right click the file and select send to : select the USB drive.
• Confirm that it has copied to the USB drive by selecting it
• You can backup any files that you wish from this OS
• Please post the contents of the C:\OTL.txt file in your reply.

[Peptobismol165]

What is a clipboard? (or are you talking about the thing you write on?)

[Peptobismol165]

OTLPENet.exe won't copy the CD. What do I do?

[Thunderbird1988]

Hello,

"Clipboard" is a place in Windows where items get stored if you "cut" or "Copy" them.

Which burning program have you used. Also, do you own a thumb drive? If it is big enough (at least 512 mb) We could use that instead of a cd.

Thunderbird1988

[Peptobismol165]

I'm using the LG Burning tool. It came with the CD/DVD Burner I got.

And yes I do have a thumb drive. 2gb.

[Thunderbird1988]

IMPORTANT:
You will need a flash drive with a size of 512 Mb or bigger. Make sure that you do not leave anything important on the flash drive, as all data on it will be deleted during the following steps.

• 
  
  • Download OTLPEStd.exe from one of the following links and save it to your Desktop: mirror1 or mirror2
    
  • Download eeepcfr.zip from the following link and save it to your Desktop: the mirror
    
  • Finally, if you do not have a file archiver like 7-zip or Winrar installed, please download 7-zip from the following link and install it: the mirror
• Once you have 7-zip install, decompress OTLPEStd.exe by rightclicking on the folder and choosing the options shown in the picture below. Please use a dedicated folder, for example OTLPE, on your Desktop
  
  
  
  
• Open the folder OTLPEStd which will be created in the same location as OTLPEStd.exe and right-click OTLPE_New_Std.iso. Select 7-Zip and from the submenu select Extract files... and extract the content onto your Desktop in a OTLPE folder:
  
  
  
  
• Please also decompress eeepcfr to your systemroot (usually C:\).
  
• Empty the flash drive you want to install OTLPE on.
  
• Go to C:\eeecpfr and double-click usb_prep8.cmd to launch it.
  
• Press any key when asked to in the black window that opens.
  
• As indicated in the image, make sure you have selected the correct flash drive, before proceeding.
  For Drive Label: type in OTLPE.
  Under Source Path to built BartPE/WinPE Files click ... and select the folder OTLPE that you created on your Desktop.
  Finally check Enable File Copy.
  
  
  
  
  
• Click on Start, accept the disclaimers and wait for the program to finish.

Your bootable flash drive should now be ready!

• Save the following text to your USB stick as scan.txt It must be named this, or the automated scan won't work.
  
  Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  netsvcs
  %SYSTEMDRIVE%\*.*
  %sysmtemroot\system32\*sys /90 /md5
  %systemroot%\Fonts\*.com
  %systemroot%\Fonts\*.dll
  %systemroot%\Fonts\*.ini
  %systemroot%\Fonts\*.ini2
  %systemroot%\Fonts\*.exe
  %systemroot%\system32\spool\prtprocs\w32x86\*.*
  %systemroot%\REPAIR\*.bak1
  %systemroot%\REPAIR\*.ini
  %systemroot%\system32\*.jpg 
  %systemroot%\*.jpg 
  %systemroot%\*.png 
  %systemroot%\*.scr
  %systemroot%\*._sy
  %APPDATA%\Adobe\Update\*.*
  %ALLUSERSPROFILE%\Favorites\*.*
  %APPDATA%\Microsoft\*.*
  %PROGRAMFILES%\*.*
  %APPDATA%\Update\*.*
  %systemroot%\*. /mp /s
  CREATERESTOREPOINT
  %systemroot%\System32\config\*.sav 
  %PROGRAMFILES%|bak;true;false;false /fp
  %systemroot%\system32|bak;true;false;false /fp
  %ALLUSERSPROFILE%\Start Menu\*.lnk /x 
  %systemroot%\system32\config\systemprofile\*.dat /x
  %systemroot%\*.config
  %systemroot%\system32\*.db
  HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  

  
  
• Reboot your system using the boot USB you just created.
  
  
  
• Your system should now display a Reatogo desktop.
  
• Double-click on the OTLPE icon.
• Select the Windows folder of the infected drive if it asks for a location
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start.
• Insert your USB drive, Drag and drop the scan.txt into the Custom scans and fixes box
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive C:\OTL.txt
• Copy this file to your USB drive if you do not have internet connection on this system.
• Right click the file and select send to : select the USB drive.
• Confirm that it has copied to the USB drive by selecting it
• You can backup any files that you wish from this OS
• Please post the contents of the C:\OTL.txt file in your reply.

Thunderbird1988

[Thunderbird1988]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.