Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Computer wont start after removing alureon virus with defender offline

11 May 2015   #1
stevenbensusan

windows 7 pro 64
 
 
Computer wont start after removing alureon virus with defender offline

From reading another thread, I found out that I needed to run frst64.exe.
This seems to be a common problem but not a simple solution. I have no idea how to create the fixlist.txt file.

frst.txt log attached
I also searched for services.exe and search.txt log attached.

I need to know how to create the fixlist.txt file so I can fix this problem.

Please let me know if I'm doing this correctly or if there is something else I should be doing.

Thanks.




Attached Files
File Type: txt FRST.txt (34.7 KB, 8 views)
File Type: txt Search.txt (1.8 KB, 2 views)
My System SpecsSystem Spec
.
11 May 2015   #2
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

You have a Rootkit. The best advice I can give you is to wipe and do a "Clean" install.
Rootkit - Wikipedia, the free encyclopedia

Your computer has been severely compromised and I wouldn't count on it to be stable by trying to 'fix' the Trojan.
My System SpecsSystem Spec
11 May 2015   #3
stevenbensusan

windows 7 pro 64
 
 

I would really like to get the machine up and running if possible. Is there a way you can walk me through getting it bootable?
My System SpecsSystem Spec
.

11 May 2015   #4
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

I, personally, don't work with Rootkits, but there are other forums who have 'trained' experts.
https://www.google.com/search?noj=1&...05.xMPD07FPKbI
My System SpecsSystem Spec
11 May 2015   #5
cottonball

Windows 7 Home Premium
 
 

stevenbensusan,

I am basically retired, but, give this a try:

On the clean computer, please open: Notepad
Copy/paste all the contents of the quote box below to Notepad (do not copy the word 'Quote').
Save it on the flash drive as: fixlist.txt

Quote:
start
TDL4: custom:26000022
cmd: bootrec /fixmbr
cmd: bootrec /fixboot
end
WARNING: This script is written specifically for this User, for use on only this particular computer.
Running the script on another computer may cause damage to the Operating System.

Now, in the infected computer, plug in the USB flash drive, and enter System Recovery Options as you did before.

Run FRST again, but this time press the Fix button just once, and wait.

When done, the tool makes a log on the pen drive. This time it is called: Fixlog.txt

Try to boot the computer into normal mode and post back on what happens.

Also, please post Fixlog.txt in your reply.


If the computer still does not boot into Windows, just hang in there, please.
My System SpecsSystem Spec
11 May 2015   #6
stevenbensusan

windows 7 pro 64
 
 

Wow that worked!!!

See attached log.

Am I virus free? Is there anything else I need to do?

Thanks and let me know.


Attached Files
File Type: txt Fixlog.txt (790 Bytes, 5 views)
My System SpecsSystem Spec
11 May 2015   #7
cottonball

Windows 7 Home Premium
 
 

stevenbensusan,

Glad the fixlist worked.

Please run FRST once again, but, this time, download a fresh copy to the Desktop, and run it from there, so we can get the complete log. Also, please check the Addition.txt option.

When done, please provide both reports in your reply.
My System SpecsSystem Spec
11 May 2015   #8
cottonball

Windows 7 Home Premium
 
 

Also, please go to the TDSSKiller Download
Select the .exe version

Double-click on TDSSKiller.exe to run the program.
  • Doubleclick on TDSSKiller.exe to run the program.
  • At the Kaspersky TDSSKiller interface, click: Change parameters
  • Check: Detect TDLFS file system
  • Click: OK
  • Now, click Start Scan and allow the scan to run
  • If any threats are found, select: Skip (Do not select: Delete!!)
  • Click: Continue
  • Click: Reboot computer
When done, please provide the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in C:\
My System SpecsSystem Spec
11 May 2015   #9
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Yep, cottonball is a trooper! Do all advice given by this superb member.
My System SpecsSystem Spec
11 May 2015   #10
stevenbensusan

windows 7 pro 64
 
 

See Attached logs.

Let me know what I should do next.

Thanks.


Attached Files
File Type: txt Addition.txt (26.9 KB, 1 views)
File Type: txt FRST.txt (79.5 KB, 3 views)
My System SpecsSystem Spec
Reply

 Computer wont start after removing alureon virus with defender offline




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Computer wont start after removing alureon virus with defender offline
I used windows defender offline to remove the Trojan alureon virus and now my computer will not start up. as it is attempting to start, blue screen will flash and the loop will start over.
System Security
BSOD after removing Alureon using Windows Defender Offline
I removed a Alureon virus using the Windows Defender Offline and everything was successful until I restarted the computer, I got the BSOD. Then unplugged all the various drives I had attached and used the Start Up Repair option and it said that it couldn't repair the computer. So I searched on a...
BSOD Help and Support
How To Update Windows Defender Offline's Virus Definitions Manually
I tried to run Windows Defender Offline 64 bit on a friend's laptop using WDO installed on a USB stick, but it refused to scan the disk because it insisted on getting Updates to its definitions before scanning. So either the definitions on the USB stick were too old or not present at all or...
System Security
Computer won't boot after using Defender offline
Well, it seems this is a common problem. I'm mildly tech savvy, but this has me beat. Kid's college computer got Alureon, ran Defender Offline from a USB which appeared to work to remove the virus, but now it's in the start cycle of black and white Acer screen, a quick flash from a blue screen,...
System Security
Win64/Alureon.gen!A*Virus preventing computer startup
I had been experiencing blue screens for months before I posted on this site to hopefully receive some assistance. After taking the actions suggested by a member of the BSOD forums, I eliminated a lot of possible causes for the BSODs but one in specific has given me some trouble....
System Security
Windows Defender Offline crashed computer
Microsoft Security Essentials said I needed to run Windows Defender Offline to remove a trojan. I made the disk and ran it and it said it removed the trojan and to restart the computer. Only problem is it only goes to the Windows Error Recovery Screen. It will not repair or start normally. I...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:57.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App