New
#81
MSE is currently running the full scan. So I assume I need to wait until that is done
MSE is currently running the full scan. So I assume I need to wait until that is done
It found the Trojan/Alueron and Adware Win32 Arcade web
Ah a Rootkit ( Trojan/Alueron )
WarningYou will need a USB FLASH DRIVE
Farbar Tool
Download Farbar Recovery Scan Tool from below on a non infected PC
For 32-bit (x86) systems
Download
Farbar Recovery Scan Tool and save it to a flash drive.
For 64-bit (x64) systems
Download
InformationIf the Download button doesn't work click on the link http://www.bleepingcomputer.com/down...ery-scan-tool/ and choose on the Bit that fits your OS
Farbar Recovery Scan Tool x64 and save it to a flash drive.
Plug the flashdrive into the infected PC.
Enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
Select Command Prompt
In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
NoteReplace letter e with the drive letter of your flash drive.
TipType the commands below to see what your letter is for the USB drive and press ENTER after each command
The tool will start to run.Code:Diskpart List volume
When the tool opens click Yes to disclaimer.
Press Scan button.
FRST will let you know when the scan is complete and has written the FRST.txt to file
Type exit and reboot the computer normally
Please copy and paste both logs in your reply.(FRST.txt and Addition.txt)
VistaKing it says no installation package found
Click here Farbar Recovery Scan Tool Download
Click on the Download Now 64-bit button if your OS is a 64 bit . Once downloaded save the .exe to your USB flash drive .
empresssoul,
While you are at it, go to Downloading ListParts
Save the downloaded file to the USB flash drive.
Plug the flash drive into the infected computer.
Enter System Recovery Options as you did before when using FRST64.
Select: Command Prompt
•At the Command Prompt window, type in notepad and press: Enter
•In notepad, under the File menu select: Open
•Select: Computer, and find your flash drive letter. Then close the notepad.
•At the Command Prompt window type e:\ListParts64.exe, and press: Enter
Note: Replace letter e with the drive letter of your flash drive.
•When ListParts starts to run, click Yes to the Disclaimer.
•Place a check by: List BCD
•Press: Scan
•Close the Command Prompt window.
•Boot back into normal mode
A Result.txt is found in the flash drive.
Please provide Results.txt in your reply.
Also, can you provide the path of the file where MSE reports Alureon is found?
Is it in:
C:\FRST\Quarantine
Last edited by cottonball; 02 May 2013 at 07:23.
Ok VistaKing and Cottonball I'm going to run both..Be back shortly
Farbar info
results for the listparts