Horrible virus, don't want to throw in the towel again, help please!

Hey there :slight_smile:

Recently one of my other computers got infected with a bunch of rogues, rootkits, trojans… :cry:

The computer was used for small business things like organizing and such, so I didn’t think it would get destroyed. Sooo my uncle decided one day that it would be nice to do some naughty things on there and then leave it in chaos.

The only tool I managed to get working on there was avast; everything else would not open. Avast’s chest is “broken”, as it says when I try to open it, so I couldn’t do anything to the viruses I found from the boot scan. I’d rather not delete them without an expert’s consent (you guys) so I just left it for now.

You might remember one of my earlier threads, on my dad’s business computer that was also infected with the same thing. That was never solved so we all agreed to reinstall the entire OS since that computer was only used for security cameras and no data of importance. My other computer however, is a bit more important since it’s for their sales so I don’t want to give up this time.

On my earlier thread, someone mentioned to download and burn an ISO image to a disc and then boot the computer. I had it working for a while, but after I thought we were finally safe, the computer ended up not even being able to get to the desktop so that’s another reason why we had to reinstall the OS… (If you’re curious, it was one of those live CDs by DrWeb or something)

Safe mode works but the pop-ups still come in and stop me from opening any of my downloaded tools (i.e. Spybot, MBAM, HJT, etc.)

Oh and here are some extra details:

-Again with Windows Genuine notifications…(black background, timer at start up)
-Obvious rogue program…(Malware Defence)
-Downloading things still works, as well as installation, but it doesn’t go any further after that.
-Avast was the only program that was installed and executed successfully, but on that computer, I haven’t registered avast on it yet.
-The system restore has no check points for some reason…
-Changed the black background to “Hello kitty” for a less disturbing environment.

Sorry if I typed too much, I don’t think I put enough details. But if you guys need any more, I’ll post it.

Thanks for reading, and also thanks in advance whether or not this problem gets fixed ;D

PS: There are a few avast logs, I think from the boot scan (not good with logs) but I was afraid to transfer it to my home computer (this one) or through email.

-Obvious rogue program...(Malware Defence)

Remove Malware Defense (Uninstall Guide)
http://www.bleepingcomputer.com/virus-removal/remove-malware-defense

Follow the guide step by step.

Hi, we could try to clear this outside Windows by using a PE environment. This programme will only remove what I tell it to after I have analysed the log - so it is safe.

OK, this file is big. Print these instructions out so that you know what you are doing.

Two programmes to download

First

ISOBurner: this will allow you to burn OTLPE.iso to a CD and make it bootable. Just install the programme; from there on in it is fairly automatic. Instructions

Second

[*]Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 292Mb in size so it may take some time to download.
[*]When downloaded, double-click and this will then open ISOBurner to burn the file to CD.
[*]Reboot your system using the boot CD you just created.

Note: If you do not know how to set your computer to boot from CD, follow the steps here

[*]Your system should now display a REATOGO-X-PE desktop.
[*]Double-click on the OTLPE icon.
[*]When asked “Do you wish to load the remote registry”, select Yes
[*]When asked “Do you wish to load remote user profile(s) for scanning”, select Yes
[*]Ensure the box “Automatically Load All Remaining Users” is checked and press OK
[*]OTL should now start. Change the following settings

[*]Change Drivers to Non-Microsoft

[*]Press Run Scan to start the scan.
[*]When finished, the file will be saved in drive C:\OTL.txt
[*]Copy this file to your USB drive if you do not have internet connection on this system
[*]Please post the contents of the C:\OTL.txt file in your reply.

SOOOO TERRIBLY SORRY I HAVEN’T REPLIED FOR A WHILE, BEEN REALLY BUSY!!!

Thanks for your help, I’m going to download the files onto another uninfected computer while going to try to find somewhere to purchase blank CDs. By the way, the pop-ups have stopped coming back up but not sure if the Windows Genuine thing is still there. Not even sure if it’s an actual virus but it’s annoying so I’d rather have it removed anyway.

Okay, I’m off to go buy some blank CDs, thanks again for your help and patience.

Thanks! I will give this a try as well if Malware defense is still not removed.