[IronFistt]

Yes, my machine is still on XP and I hope my issues can still be fixed. I got infected with some virus that appears to be called Arestocrat. When the PC boots up, I log in and shortly after, the malware takes over and says I have 48hrs to pay $300 Virus Image.

Ive tried to boot into safe mode, safe mode with command prompt, safe mode with networking and all end up in a blue screen. As its trying to boot, it gets to the following driver and blue screens. \windows\system32\drivers\mup.sys

Ive made a bootable usb with hitmanpro and ran that... unfortunately hitman pro cannot find an internet connection and do its thing. At this point, Im at the end of my rope. I know this is going to be a tough nut to crack but I hope someone can help me out!!!!

Thanks in advance

[Advertisements]

Hi,



Lets give this a try throughout an External Environment. You will need a CD to burn and a flash drive to move information from the troubled computer to a working computer. It is the only way we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).

Here is what you need to do.

• Download OTLPEStd.exe to your desktop. NOTE: This file is 93.5MB in size so it may take some time to download.
• Once downloaded, insert a blank CD in your burner and click on OTLPEStd.exe.The executable includes the OTLPE_New_Std.iso and a copy of imgburn, a program to burn .iso files. When executed, the application will extract both and start the burning process automatically.
• Once the CD is burned, boot the Non working computer using the boot CD you just created.
• In order to do so, the computer must be set to boot from the CD first
  Note : For information click here
  
• Your system should now display a REATOGO-X-PE desktop.
• Double-click on the OTLPE icon.
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start. Change the following settings
  
  • Change Drivers to All
  • Change Standard Registry to All
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive in the root directory of your hard drive, usually C:\.
• Copy this file to your USB drive.
• Please post the contents of this file in your reply.

[JSntgRvr]

Hi,



Lets give this a try throughout an External Environment. You will need a CD to burn and a flash drive to move information from the troubled computer to a working computer. It is the only way we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).

Here is what you need to do.

• Download OTLPEStd.exe to your desktop. NOTE: This file is 93.5MB in size so it may take some time to download.
• Once downloaded, insert a blank CD in your burner and click on OTLPEStd.exe.The executable includes the OTLPE_New_Std.iso and a copy of imgburn, a program to burn .iso files. When executed, the application will extract both and start the burning process automatically.
• Once the CD is burned, boot the Non working computer using the boot CD you just created.
• In order to do so, the computer must be set to boot from the CD first
  Note : For information click here
  
• Your system should now display a REATOGO-X-PE desktop.
• Double-click on the OTLPE icon.
• When asked "Do you wish to load the remote registry", select Yes
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
• OTL should now start. Change the following settings
  
  • Change Drivers to All
  • Change Standard Registry to All
• Press Run Scan to start the scan.
• When finished, the file will be saved in drive in the root directory of your hard drive, usually C:\.
• Copy this file to your USB drive.
• Please post the contents of this file in your reply.

[JSntgRvr]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.