
Tough Trojan:DOS AlureonMbr


1 reply to this topic

#1 pupileye

pupileye

  • Members
  • 1 posts

Posted 16 June 2011 - 10:06 AM

Hi.

I am working on a Toshiba Satellite, system Windows XP service pack 3.

About a week ago, when I tried to access the internet on Firefox, the searches were consistently diverted to other sites. AVG did not detect the cause. I was advised that it was malware, and examined the computer with SpyNoMore, Exterminate It! and Malwarebytes’ Anti-malware, and then with Microsoft Essentials. Exterminate It! pointed out some Trojans, which I dealt with by hand, but they came back again. Malwarebytes and MSE both diagnosed rootkit: Trojan:DOS Alureon. They said that they could not remove the files. AVG has just blocked Exploit Blackhole Exploit Kit (type 2022). Meanwhile, Malwarebytes’ is blocking a series of outgoing attempts to contact “potentially malicious sites”.

I get at least one blue screen almost every time I boot up now, on one occasion five or six. I am backing up data from my C and D drives, because I do not know when will be the last opportunity to do so.

I have been working with computers for years, but I am not expert at working with programming, and have practically no experience with editing the registry. But I can follow instructions and I am on a fairly steep learning curve right now.

If anyone can help, I will be very grateful.

pupileye



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,082 posts

Posted 16 June 2011 - 10:24 AM

Hello, please run these and see how you are.

How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller

Please post back the two scan logs. Copy and paste the contents in your next reply.

TDSS
A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.

MBAM
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.