Mini Spy

Loading...

Latest Threads

Loading...
 
  1. Before you start!
    All given instructions in this forum are customized for each help request, the tools used may cause damage if used on a computer with different infections. If you think you have similar issues, please post the appropriate logs in our Malware Removal Assistance forum and wait for help.

    Please be aware that removing Malware is a potentially hazardous undertaking. We will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for us to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and we cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
    We strongly advise you to backup any personal files and folders before you start.

afp virus removal method 4

Discussion in 'Malware Removal Assistance' started by thebrainthatwouldnotdie, Feb 17, 2013.

  1. thebrainthatwouldnotdie

    thebrainthatwouldnotdie New Member

    Joined:
    Feb 17, 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    OK, this post for those with the AFP virus where method 1 2 or 3 (as described by by Stelian Pilici in his great post titled "Remove Australian Federal Police virus (Ukash Scam)") did not work.

    So..
    -you can't boot into safe mode with command prompt
    -you cant boot into safe mode with networking
    -the kickstart usb method does not work

    Method 4
    Restart the computer, and start the 'Recovery Consol'. For me this is availble by pressing f12 during start up, and also by pressing f8 there is also a link to the options menu that lists recovery consol

    If you cannot access recovery consol from there, insert the windows disk into the CD and select the 'repair windows using recovery consol' option at the first options screen.

    After selecting the recovery consol, you are asked to select the install to log into, and then you should get a command prompt.

    Now you can manually restore the registry to an earlier point in time. For the instructions go here: http://www.faultwire.com/solutions/using_system_restore_xp.php#RepairBoot and select "Manually Restore Registry via a Restore Point
    "
    Follow those instructions exactly.

    You might be able to reboot into your OS now, I could not and had to take a second step using rsturi.exe to complete the process. To do this:

    Reboot your machine and press F8 then select "SafeMode with command prompt" This time your system will (hopefully) reboot and give you the command prompt with the safe mode OS running in the background.

    Now follow the balance of Stelian Pilici instructions from "Method 2: Restore Windows to a previous state using System Restore"

    OK, I hope this gets you out of the muck. Good luck!
  2. kuttus

    kuttus Active Member

    Joined:
    Oct 5, 2012
    Messages:
    2,767
    Likes Received:
    81
    Trophy Points:
    152
    Hi and welcome to the MalwareTips.com forums!

    I'm Kuttus and I am going to try to assist you with your problem. Please take note of the below:
    • I will start working on your malware issues, this may or may not, solve other issues you have with your machine.
    • The fixes are specific to your problem and should only be used for this issue on this machine!
    • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
    • If you don't know, stop and ask! Don't keep going on.
    • Please reply to this thread. Do not start a new topic.
    • Refrain from running self fixes as this will hinder the malware removal process.
    • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
    Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.


    Before we start:
    Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

    Because of this, I advise you to backup any personal files and folders before you start.
    <hr />
    STEP 1: Run a scan with OTL by OldTimer
    <ol><li>Download the OTL utility using the below link :
    <><a title="External link" href="http://oldtimer.geekstogo.com/OTL.exe" rel="nofollow external">OTL DOWNLOAD LINK</a> <em>(This link will automatically download OTL on your computer)</em></></li>
    <li>Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    <img src="http://malwaretips.com/blogs/wp-content/uploads/2012/07/OTL-logo.png" alt="" title="OTL-logo" width="106" height="118" class="alignnone size-full wp-image-3946" /></li>
    <li>When the window appears, <>underneath Output</> at the top change it to <>Minimal Output</>.</li>
    <li>Check the boxes beside <>LOP Check</> and <>Purity Check</>.</li>
    <li>Click the<> Run Scan</> button.
    <img src="http://malwaretips.com/blogs/wp-content/uploads/2012/07/OTL.png" alt="" title="OTL" width="658" height="584" class="alignnone size-full wp-image-3945" /></li>
    <li>When the scan completes, it will open two notepad windows. <>OTL.Txt</> and <>Extras.Txt</>. These are saved in the same location as OTL.
    <>Please post this 2 logs in your first reply.</>.</li></ol>

    Settings You need to Select in OTL
    1. Click the [b]Scan All Users[/b] checkbox.
    2. Change [b]Standard Registry[/b] to [b]All[/b].
    3. Check the boxes beside [b]LOP Check[/b] and [b]Purity Check.[/b]

    <em>Note: If OTL.exe will not run, it may be blocked by malware. Try these alternate versions: <a title="External link" href="http://www.itxassociates.com/OT-Tools/OTL.scr" rel="nofollow external">OTL.scr</a>, or <a title="External link" href="http://oldtimer.geekstogo.com/OTL.com" rel="nofollow external">OTL.com</a>.</em>

    <hr />
    Last edited by a moderator: Mar 13, 2014

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads: virus removal
Forum Title Date
Avoid Malware Antivirus Rescue CD/USB - Bootable Tools of Scanning and Removal of malwares Aug 22, 2014
Malware Removal Assistance PriceChop Extensions in Chrome...JollyWallet Virus Removal Aug 12, 2014
Malware Removal Assistance Persistent virus, resistant to removal. Aug 5, 2014
The Community Video Reviews Baidu Antivirus 2014 Detection and Removal Test Jul 8, 2014
Your Review Baidu Antivirus Free 2014 Removal Capability Jun 16, 2014

MalwareTips.com is an independent website.All trademarks mentioned on this page are the property of their respective owners.