I removed the Alureon Virus following some steps that were given to me via MS Security Essentials. Now I am getting a BSOD and cant get into anything except repair your system.
I have ran frst64.exe because of some other threads that I read. I am not sure what to do now. I am attaching the log from running frst64.exe.
Thanks for any help.
RustyBrotherton,
Please do the following:
Open notepad (Start > All Programs > Accessories > Notepad)
Copy the entire contents of the quote box below (Do not copy the word 'Quote');
Save it on the pendrive that has FRST64 and name it: fixlist.txt
WARNING: This script is written specifically for RustyBrotherton, and, for use on this computer.start
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\n. ATTENTION! ====> ZeroAccess
AppInit_DLLs: [0 ] ()
C:\Users\Amy\Application Data\eufihagb
C:\Users\Amy\AppData\Roaming\eufihagb
TDL4: custom:26000022 <===== ATTENTION!
end
Running this on another computer may cause damage to the Operating System!!
Now, please enter System Recovery Options and select the Command Prompt as done before.
Run FRST64, and press the Fix button, just once, and wait.
FRST reboots the computer.
When done, the tool creates a report on the pendrive called: Fixlog.txt
Please post Fixlog.txt in your reply.
Post back on whether you can boot normally to Windows.
I just booted into Windows normally!!!
Here is the log.
You guys are seriously amazing!!
RustyBrotherton
Once you're up and running . I recommend removing McAfee
McAfee Removal ToolMCPR.exe
Drag the MCPR.exe file from your Downloads folder to your Desktop folder
Yes cottonball that is why I said once you're up in running . Meaning when the virus is removed .
I just ran tdsskiller.exe and it said no threats found. Additionally I loaded MS Security Essentials and it found no threats as well.
I might have been to quick but I had already ran the MCPR.exe
We are switching to the Desktop...no pendrive.
Also, TDSSKiller produced a report. Please post it in your reply.
Please go to the: Farbar Recovery Scan Tool Download
Select the 64-bit version.
Save it to your Desktop.
You will use it shortly.
Open Notepad (Start > All Programs > Accessories > Notepad)
Copy/paste all the contents of the quote box below to Notepad (do not copy the word 'Quote').
Save it on the Desktop as: fixlist.txt
Run FRST64 again (from the Desktop), but this time press the Fix button just once, and wait.start
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
end
When done, the tool makes a log on the Desktop.
Please post Fixlog.txt in your reply.
Since the following steps involve editing the Registry, please create new restore point before proceeding.
System Restore Point - Create
Select: Option Two
Now, please download the ESET ServiceRepair:
http://kb.eset.com/library/ESET/KB%2...icesRepair.exe
Save to the Desktop.
Double-click and run the downloaded file.
When the program runs, a prompt appears asking if you want to proceed.
Click: Yes
When the Services routine is Completed, you are asked to Reboot.
Click Yes to allow the reboot.
The tool creates a folder named CC Support on the Desktop.
Please provide the CC Support\Logs\SvcRepair.txt in your reply.
Last, please take action Downloading Farbar Service Scanner
Save to the Desktop
Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender
Press: Scan
FSS creates a log, FSS.txt, on the Desktop.
Please provide the FSS.txt in your reply.
Need for you to attach 4 reports:
TDSSKiller
Fixlog.txt from FRST64
SvcRepair.txt
FSS.txt
OK here are the logs.
TDSSKiller Report.txt
Fixlog.txt
SvcRepair.log
FSS.txt
RustyBrotherton,
There is still some more work to do, but the mean malwre is out of the picture.
VistaKing, in California, will run you through the routine of geting rid of McAfee.
In Illinois, it is 12:45AM, past my night-night time.
Will se ya later, probably in the afternoon!
Quote
