BleepingComputer.com: Tough Trojan:DOS AlureonMbr

Tough Trojan:DOS AlureonMbr request for help with obvious deep malware infection

#1 pupileye

Posted 16 June 2011 - 10:06 AM

Hi.

I am working on a Toshiba Satellite, system Windows XP service pack 3.

About a week ago, when I tried to access the internet on Firefox, the searches were consistently diverted to other sites. AVG did not detect the cause. I was advised that it was malware, and examined the computer with SpyNoMore, Exterminate It! and Malwarebytes' Anti-Malware, and then with Microsoft Essentials. Exterminate It! pointed out some Trojans, which I dealt with by hand, but they came back again. Malwarebytes and MSE both diagnosed rootkit: Trojan:DOS Alureon. They said that they could not remove the files. AVG has just blocked Exploit Blackhole Exploit Kit (type 2022). Meanwhile, Malwarebytes' is blocking a series of outgoing attempts to contact "potentially malicious sites".

I get at least one blue screen almost every time I boot up now, on one occasion five or six. I am backing up data from my C and D drives, because I do not know when will be the last opportunity to do so.

I have been working with computers for years, but I am not expert at working with programming, and have practically no experience with editing the registry. But I can follow instructions and I am on a fairly steep learning curve right now.

If anyone can help, I will be very grateful.

pupileye

#2 User is offline   boopme 

  • To Insanity and Beyond
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Global Moderator
  • Posts: 48,775
  • Joined: 10-September 04
  • Gender:Male
  • Location:NJ USA

Posted 16 June 2011 - 10:24 AM

Hello, please run these and see how you are.

How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller

Please post back the two scan logs. Copy and paste the contents in your next reply.

TDSS
A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.

MBAM
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.