Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Win64/Alureon.gen!A*Virus preventing computer startup

14 Sep 2013   #11
kyle7282

Windows 7 Home Premium 64-bit SP1
 
 

I can indeed open the the command prompt in the System Recovery Options I've been through how to change the boot order already though, but thanks for explaining it anyway. What can I do exactly in the command prompt?


My System SpecsSystem Spec
.
14 Sep 2013   #12
cottonball

Windows 7 Home Premium
 
 

Good!!

You may want to print these instructions so you can have access to them.
Also, you may want to read them once before you apply them.

Plug in a USB pen drive into the good working computer.

Go to the the Farbar Recovery Scan Tool Download
Select the 64-bit download.
Save the program to the >> USB pen drive.
Remove from the good computer when done.

Now, go to the problem computer.
Plug in the USB pen drive which has FRST.

Using the Windows 7 System Repair Disc just created, boot to the System Recovery Options Instructions: Use Option Two
http://www.sevenforums.com/tutorials/668-system-recovery-options.html

Select: Command Prompt

■In the Command Prompt window, at the blinking cursor, type notepad and press: Enter
■In Notepad, under the File menu select: Open
■Double-click the Computer icon on the left.
■Find the pen drive letter, remember what letter it is, click on it, and press: Open
■Close out of Notepad.

■Click the Command Prompt window
■Type x:\frst64.exe, and press: Enter
Note: Replace the drive letter x with the drive letter of your pen drive!
■FRST starts, and prepares to run. Follow the prompts.
■Click Yes to the Disclaimer.

■Press the Scan button.

The scan runs, and, the program saves the FRST.txt and Addition.txt, on the pen drive.

When done, click the Command Prompt window, type exit, and press: Enter
Back at the System Recovery Options, press: Shutdown
Remove the USB pen drive.

Plug the USB pen drive in the good working computer, and please provide the FRST.txt and Addition.txt in your reply.
My System SpecsSystem Spec
14 Sep 2013   #13
kyle7282

Windows 7 Home Premium 64-bit SP1
 
 

Here you are. It didn't create an Addition.txt file however.


Attached Files
File Type: txt FRST.txt (67.6 KB, 11 views)
My System SpecsSystem Spec
.

15 Sep 2013   #14
cottonball

Windows 7 Home Premium
 
 

kyle7282,

Pressing on with FRST...

Please open Notepad (Start > All Programs > Accessories > Notepad)
Copy the entire contents of the code box below
Save it on the pen drive, and name it: fixlist.txt

Code:
start
HKLM\...\Run: [] - [x]
HKLM-x32\...\Run: [] -  [x]
HKU\Keenan\...\Run: [TempKeyedkfjsAdobe] - C:\Adobe\rjNeY7PVTgjf\Loerijfsdantilib.exe
HKU\Keenan\...\Run: [JgDsClTqzA] - C:\Users\Keenan\AppData\Roaming\iexplorer.exe
HKU\Keenan\...\Run: [AdobeBridge] - [x]
C:\$Recycle.Bin\S-1-5-18\$1124a725e7eb82f4e97828044d39f9dc
C:\$Recycle.Bin\S-1-5-18\$1124a725e7eb82f4e97828044d39f9dc
C:\$Recycle.Bin\S-1-5-21-1546822543-3853009327-1610196860-1000\$1124a725e7eb82f4e97828044d39f9dc
C:\$Recycle.Bin\S-1-5-18\$1124a725e7eb82f4e97828044d39f9dc
C:\Users\Keenan\Info.bat
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
TDL4: custom:26000022 
end
Note: This script is written specifically for use only on this computer.
Running this on another computer may cause damage to the Operating System!!

Run FRST, and press the Fix button, just once, and wait.

The tool creates a report on the pen drive called: Fixlog.txt
Please post the Fixlog.txt in your reply.

Let's get the results from this program, and take it from there.

Edited: Made a mistake! Underlined above.
My System SpecsSystem Spec
16 Sep 2013   #15
kyle7282

Windows 7 Home Premium 64-bit SP1
 
 

Do I run FRST on the infected computer?
My System SpecsSystem Spec
16 Sep 2013   #16
cottonball

Windows 7 Home Premium
 
 

Same routine as Post #12, but, instead of running Scan, you run: Fix
My System SpecsSystem Spec
16 Sep 2013   #17
kyle7282

Windows 7 Home Premium 64-bit SP1
 
 

Okay, thanks. Here you are. Also, I apologize for taking so long to reply, I have work throughout the week and it eats up most of my time.


Attached Files
File Type: txt Fixlog.txt (2.1 KB, 8 views)
My System SpecsSystem Spec
16 Sep 2013   #18
cottonball

Windows 7 Home Premium
 
 

The question is...

Quote:

...my computer has been unable to start up and receives an error...

...is the computer able to start normally?

Need to know before we continue.
My System SpecsSystem Spec
16 Sep 2013   #19
kyle7282

Windows 7 Home Premium 64-bit SP1
 
 

No, it reads "Starting Windows", bluescreens very briefly and restarts.
My System SpecsSystem Spec
16 Sep 2013   #20
cottonball

Windows 7 Home Premium
 
 

Do you still get an error message? If so, please be as specific as you can in describing what it says.

The FRST report shows it was run from C:. How did you get to C:?

Also, the Fixlog shows it was run from the Desktop.
Where these programs run from the problem computer?

Can you boot to Safe Mode?
Restart your computer.
When the computer starts, tap the F8 key on the keyboard repeatedly until presented with the Advanced Boot Options menu
Using the arrow keys, select: Safe Mode
Press the Enter key on your keyboard to boot into the selected mode.

Let us know if you can get to Safe Mode.

Pressing on...

Using the good working computer, download ListParts:
http://www.bleepingcomputer.com/download/listparts/
Select the 64-bit download.
Save it to the same USB pen drive where you have the Farbar Recovery Scan Tool saved.

Next, please remove any fixlist or fixlog from the USB pen drive.

Open Notepad (Start > All Programs > Accessories > Notepad)
Copy the entire contents of the code box below
Save it on the pen drive, and name it: fixlist.txt

Code:
cmd: copy /y C:\$$PendingFiles X:\
(Replace X with the letter of the pen drive.

Now, go to the problem computer.
Plug in the USB pen drive which now has FRST, ListParts, and a new fixlist on it.

Using the Windows 7 System Repair Disc, boot to the System Recovery Options as you did before.
Option Two: System Recovery Options

Select: Command Prompt

In the Command Prompt window, at the blinking cursor, type notepad and press: Enter
In Notepad, under the File menu select: Open
Double-click the Computer icon on the left.
Find the pen drive letter, remember what letter it is, click on it, and press: Open
Close out of Notepad.

Click the Command Prompt window
Type x:\frst64.exe, and press: Enter
Note: Replace the drive letter x with the drive letter of your pen drive!

FRST starts, and prepares to run. Follow the prompts.
Click Yes to the Disclaimer.
Press the Scan button.
The scan runs, and the program saves the FRST.txt report on the pen drive.

Go back to FRST, press the Fix button, just once, and wait until done.
The program saves a Fixlog.txt report on the pen drive.

Now, go back to the Command Prompt, and this time type x:\listparts64.exe and press: Enter
Note: As before, replace the drive letter x with the drive letter of your pen drive!

When ListParts starts to run, check the box next to List BCD and click: Scan
When finished ListParts produces a log on the pen drive titled: Result.txt

Next, click the Command Prompt window, type exit, and press: Enter
Back at the System Recovery Options, press: Shutdown

Remove the USB pen drive.
Plug the USB pen drive in the good working computer.

Please provide the FRST.txt, the Fixlog.txt, and the Result.txt in your reply.
My System SpecsSystem Spec
Reply

 Win64/Alureon.gen!A*Virus preventing computer startup




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Computer wont start after removing alureon virus with defender offline
I used windows defender offline to remove the Trojan alureon virus and now my computer will not start up. as it is attempting to start, blue screen will flash and the loop will start over.
System Security
Unable to fix Action Center notifications after virus Win64/Sirefef.B
Stupidly, I managed to get the Win64/Sirefef.B virus onto my PC. Thankfully my virus scanner caught it before it could do any serious damage, but it's still left me with a few problems. Notably, the following: Security Center service was removed (I've since fixed this) Windows Firewall...
System Security
Alureon.E (virus)trojan
Hello everyone, i'm Brato and i need help with this virus - Alureon.E. My laptop (VAIO - W7 Home Premium x64) has been infected with it a couple of months ago, i've searched the internet but didn't find a solution. My MSE antivirus keeps telling me the system is infected with this particullary kind...
System Security
boot:\physicaldrive0\partition3 (type 17) Alureon.E (virus)trojan
Good afternoon/evening, Sevenforums professionals:o My name is kyle and I'm looking for help to remove/cure some issues I'm having with my desktop Gateway PC. This is on a Windows 7 home premium 64bit, i3 processor. Here are the problems detected by Microsoft Security Essentials: ...
System Security
Virus preventing login?
It seems like a virus is preventing me from logging on to my computer. The computer starts just fine but upon turning on, the screen is just blank. I cannot access safe mode either. Just before I discovered this problem I had done a partial scan of my computer with MalwareBytes and removed the...
System Security
Bug or Virus Preventing Log On
My sibling was browsing the internet on my adminstrator account and was kicked off by some sort of bug or virus. When i tried logging back into my account it shows a black screen with security options for firewalls and other things. If i attempt to change any settings nothing happens, and if i exit...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:41.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App