New
#21
^^^ Post above was edited!!! ^^^
While attempting to bring up the error screen my computer actually started up all the way normally. It is on right now if that's useful.
In your instructions it said save it to the desktop so I did using Notepad. Was that a bad thing?
And yes, I ran FRST on the problem computer, I thought that was correct since you said the same routine as the other post.
I will now take the steps you have given to me and I'll update you once I've completed them.
Edit: I didn't know how to find Notepad on Windows 8, which is why I did it on the infected computer.
Here is what you requested. Everything should be in order.
Good job, kyle7282!!
If I understand you correctly, the system is booting up to Windows now. Olease confirm.
We do have more work to do, so, let's press on...
Also, download Farbar Service Scanner
Save to the Desktop
Please provide the FSS.txt in your reply.
- Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center
- Windows Update
- Windows Defender
- Press: Scan
- FSS creates a log, FSS.txt, on the Desktop.
Correct, it is booting up to Windows ^_^
And here it is just as you asked.
We need to make sure Alureon is not in the picture, remnants or otherwise...
Please go to the TDSSKiller Download, and select the .exe version
Double-click on TDSSKiller.exe to run the program.
When the TDSSKiller console opens, click on: Change Parameters
Under Additional Options, place a check in the box next to: Detect TDLFS File System
Click: OK
Press: Start Scan
•If a suspicious object is detected by this program, the default action is Skip. Leave this action as is, and click on: Continue
•If malicious objects are found, they show in the Scan results.
•Ensure Cure (the default action) is selected, then click: Continue > Reboot now, to finish the cleaning process.
(Note: If Cure is not available, select Skip, >>Do not select: Delete<<)
When done, the tool creates a log on the disk with the Windows Operating System, normally C:\
Logs have a name like:
C:\TDSSKiller.X.X.X_08.30.2013_15.31.43_log.txt
Please attach the TDSSKiller log in your reply.
That didn't take long at all. Here you go.
Some remnants on TDSSKiller...
Please run it once again, and this time, when presented with the TDSS File System entry in Threats Detected, select: Delete
Then post the new TDSSKiller log in your reply.
Now that you are in Windows, let's place the pen drive aside.
Please get a new copy of the Farbar Recovery Scan Tool Download
Select the 64-bit version.
Save to the Desktop. We will use it shortly...
Once again, open Notepad (Start > All Programs > Accessories > Notepad)
Copy the entire contents of the code box below
Save it to the Desktop, and name it: fixlist.txt
Double-click the FRST downloaded file to run it.Code:start DeleteJunctionsIndirectory: C:\Program Files\Windows Defender end
When the tool opens click Yes to disclaimer.
Press the Fix button.
When done, FRST makes a log (FRST.txt) on the Desktop.
Run FRST once again.
This time check: Addition.txt
Then press: Scan
Please provide the Fixlog.txt, FRST.txt, and the Addition.txt on your reply.
Here you go, hope it helps.
Looking good.
How is the computer running? Any more BSODs or error messages?
There is some 'stuff' here and there that you may want to get rid of, but, we will address it when you post the HijackThis results.
Now, let’s check your security status with the following...
Download Security Check:
http://screen317.spywareinfoforum.org/
Save to your Desktop.
Double-click SecurityCheck.exe
Follow the onscreen instructions inside the black box.
When done, a Notepad report opens automatically, called: checkup.txt
Please post the checkup.txt in your reply.
(Please do not take any corrective actions!)
Also download HijackThis:
http://www.bleepingcomputer.com/download/hijackthis/
Save to a folder of its own on the Desktop. So, make a folder titled 'HijackThis' on the Desktop, and place HJT in it.
Right-click and select: Run as Administrator
Accept the License Agreement if you decide to run the program.
When the HijackThis console opens, press the following button: Do A system scan and save a logfile
When done scanning, a log opens in Notepad, and also appears on your Desktop.
Please post the HijackThis log in your reply.