Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan and cannot open programs


  • Please log in to reply
6 replies to this topic

#1 kdcards

kdcards

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:06 PM

Posted 11 October 2012 - 12:57 PM

My computer has been infected with a trojan and I cannot open the majority of programs. The only things I'm aware of that are still running are McAfee and Internet Explorer 64 bit. Malwarebytes and other programs will not open regularly or run as administrator. The McAfee software is not detecting anything. I have done system restore and started the computer in safe mode but nothing has fixed the problem. I saw on a restart that the trojan Dos alureon was detected but I'm not sure if it was A or E and none of the forums that I've seen online have the inability to run programs. Please help. It is greatly appreciated.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:06 PM

Posted 11 October 2012 - 01:09 PM

Boot into safemode with networking

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 kdcards

kdcards
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:06 PM

Posted 11 October 2012 - 09:35 PM

I've done safe mode both with and without networking and I can download the programs but cannot open or run them. Any other suggestions?

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:06 PM

Posted 11 October 2012 - 09:42 PM

Download Listparts from here

For 32 bit

List parts 32

For 64 bit

List parts 64

Launch it,click on SCAN,post the log

#5 kdcards

kdcards
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:06 PM

Posted 11 October 2012 - 09:45 PM

ListParts by Farbar Version: 02-10-2012
Ran by Kory (administrator) on 12-10-2012 at 04:44:36
Windows 7 (X64)
Running From: C:\Users\Kory\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\45GP61HC
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 19%
Total physical RAM: 3892.51 MB
Available physical RAM: 3133.12 MB
Total Pagefile: 7783.21 MB
Available Pagefile: 7009.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:388.07 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 14 GB 39 MB
Partition 3 Primary 451 GB 14 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 RECOVERY NTFS Partition 14 GB Healthy System (partition with boot components)

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 451 GB Healthy Boot

======================================================================================================
==========================================================
TDL4: custom:26000022


****** End Of Log ******

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:06 PM

Posted 11 October 2012 - 09:55 PM

The log indeed shows Alureon.Let me ask a malware response team member to help you

good luck

#7 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:06 PM

Posted 15 October 2012 - 10:22 AM

Hello kdcard :)

  • I apologize for the delay.
  • I will be helping with your computer problems.
  • From this point on, it is very important that you refrain from doing anything else to your computer other than what I have requested of you.
  • I do not mind if you browse the web, do basic tasks, or even test to see if the problem(s) you are experiencing are still occurring with the computer while we are working together, but do not run any tools/fixes unless I or another helper from this thread has asked you to do so.
  • Remember that you came here for help, so allow us to help you :)
  • If something does not run, make a detailed note of what problems you encountered along the way (exact error messages are preferred), but continue onto the next steps until you reach the end of my post.
  • Always do the steps they are listed in (left to right, top to bottom).
  • I prefer that you complete all the steps while you are in Normal Mode. However, I understand that sometimes this is not possible. If you are unsuccessful in getting a tool/fix to run from Normal Mode, but Safe Mode works, then use Safe Mode.
  • If you have a question about something, do not hesitate to ask.

Posted Image Please download HitmanPro to your desktop.
  • Open the program by double-clicking it.
  • Click the Settings button
  • Uncheck "Scan for tracking cookies"
  • Press OK.
  • Click the Next button => Default scan (recommended)
  • Put a bullet in: No, I only want to perform a one-time scan to check this computer.
  • Click the Next button.
  • If HitmanPro detected anything, Ignore all the detections for now because sometimes there are false-positives.
  • Press Next
  • Press Save Log
  • Save the log to your desktop and post its contents in your next message.

Edited by Orange Blossom, 15 October 2012 - 10:28 AM.
Moved to log forum. ~ OB





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users