Windows 7 Forums



Windows 7: Alureon.E (virus)trojan

25 Mar 2013   #11
brato92

Windows 7 Home Premium x64
 
 

@VistaKing: I've edited the post.


25 Mar 2013   #12
cottonball

Windows 7 Home Premium
 
 

brato92,

If you do not wish to pursue the advice given by Jacee, then, it looks as if we need to burn a Windows 7 RE CD...

Since the system is Windows 7 Home Premium, this is the ISO image:
http://msft.digitalrivercontent.net/win/X17-24209.iso
Download to the Desktop.

This CD is not an installation CD, it just has some tools to get you going.

Also download to the Desktop the Active@ ISO Burner program to create the CD:
http://www.ntfs.com/iso-burning.htm

Instructions:
http://www.ntfs.com/iso_burner_free.htm

Follow the prompts to install the program.

After installing the Active@ ISO Burner, place a blank CD-R in the CD burner drive of the computer.
Double-click the .iso for Windows 7, and the program automatically opens.

Make sure the full path to the ISO image file (on the Desktop) is in the Source field.
In the Target area verify the proper CD Burner drive is selected. (The PC may have more than one.)

Click: BURN

When done, the CD created ejects.

Post back when you get it done, and we will proceed.

Will be back here at around 7:00PM Central Std Time (USA)
25 Mar 2013   #13
shawn77

32 bit
 
 

If TDSSkiller has come clean, then you can delete the partition from disk management. Get me a screenshot of your disk management and I will say which partition to delete.

25 Mar 2013   #14
cottonball

Windows 7 Home Premium
 
 

brato92,

Quote:
Borg 386:

TDSSKiller... automates this process, & resets the boot sector back to its rightful place.

It is your choice. We can go the TDSSKiller route, if you wish, per instructions that follow.

If it does not work, there is still the option to go with the Windows 7 RC CD and FRST64.

Download TDSSKiller.zip:
http://support.kaspersky.com/downloa...tdsskiller.zip
Right-click the program and select: Extract to tdsskiller\

A TDSSKiller folder is found on your Desktop.
Open the folder, and double-click the TDSSKiller application.

When TDSSKiller opens, click on: Change Parameters
Under Additional Options, place a check in the box next to: Detect TDLFS File System
Click: OK

Press: Start Scan

If a suspicious object is detected, the default action is Skip; leave it as is, and click on: Continue
If malicious objects are found, they show in the Scan results.
Ensure Cure (the default) is selected, then click: Continue > Reboot now, to finish the cleaning process.
(Note: If Cure is not available, select Skip, >>Do not select: Delete<<)

When done, the tool outputs its log to the system disk root folder (the disk with the Windows Operating System, normally C:\).

Logs have a name like:
C:\TDSSKiller.2.4.7_23.10.2013_15.31.43_log.txt

>>Please post the TDSSKiller log in your reply.<<
Quote:
shawn77:

If TDSSkiller has come clean...

We need to take a look at these results before doing anything else!!



~~~~
If you wish to proceed with the Windows 7 RC CD, then...

Please go to the infected computer.
Plug in the pendrive which has FRST64.

To enter System Recovery Options using the Windows 7 Recovery Environment Disc:
• Insert the disc created into the CD drive.
• Restart the computer.
• If prompted, press any key to start Windows from the installation disc.
(If your computer is not configured to start from a CD, check your BIOS settings to do so.)

• Select Language settings, etc., and then click: Next
• Select the Operating System you want to repair, and then click: Next
• At the next prompt, click: Repair your computer

Now, follow the Farbar Recovery Scan Tool instructions in Post # 3, from here onwards:
On the System Recovery Options menu you get the following options:
25 Mar 2013   #15
cottonball

Windows 7 Home Premium
 
 

@huntbill66,

Please start your own thread.

Thank you.
26 Mar 2013   #16
brato92

Windows 7 Home Premium x64
 
 

cottonball, I can't perform Jacee's advice (VAIO System Restore) because I don't have an external HDD where I can back up all my stuff (around 400GB). I'll run TDSSKILLER. I'll post soon.
26 Mar 2013   #17
brato92

Windows 7 Home Premium x64
 
 

I ran TDSSKILLER and after reboot I found these 2 log files on C drive:

https://www.dropbox.com/s/nr4o3p835f....46.30_log.txt

https://www.dropbox.com/s/lfqv7078et....52.13_log.txt
26 Mar 2013   #18
cottonball

Windows 7 Home Premium
 
 

brato92,

Please go to Start > Control Panel > Administrative Tools
In Administrative Tools, select: Computer Management
Under Storage, select: Disk Management

Please use the Snipping tool to post an image of Disk Management.

Disk Management - Post a Screen Capture Image
26 Mar 2013   #19
cottonball

Windows 7 Home Premium
 
 

On TDSSKiller...

Please run it once again, and this time, if presented with the TDSS File System entry, select: Delete instead of Skip (sample - bottom entry):



Please post the new TDSSKiller log in your reply.


Also, let's check the partitions in the hard drive to make sure the hidden partition from which Alureon 'operates' is gone.

Please download ListParts:
http://www.bleepingcomputer.com/down...stparts/dl/78/
Save to the Desktop

Double-click the downloaded file to run the program.

Click: Scan

When done, please post the Result.txt in your reply
26 Mar 2013   #20
brato92

Windows 7 Home Premium x64
 
 

I've attached the Disk Management Printscreen: Alureon.E (virus)trojan-capture.jpg



Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 18:40.
