Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Alureon.A infection. Windows 7. Cannot Boot.


  • Please log in to reply
2 replies to this topic

#1 Metacurious

Metacurious

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:43 PM

Posted 23 November 2012 - 04:50 PM

Hello. I had a wonderful thanksgiving surprise of discovering I have some sort of root kit trojan going on.

MSE diagnosed it as Alureon.A and removed it, but naturally it likes to keep coming back.
I eventually got TDSSKiller to run, and it removed something with a slightly different name? And I made it delete a TDLFS File System, which I think was a bad idea, because now it will not boot.

If I turn on my computer, it displays a little asus screen where I can hit f2 to go to the bios. Otherwise it goes to a full black screen with a blinking white upperscore in the top left. There is no way to get to the boot menu / safe mode / etc, as far as I know.

I downloaded some kind of recovery disk iso, and that successfully got me to the System Recovery Options screen, which is a start. I can Startup Repair from there (nothing), System Restore, System Image Recovery, Windows Memory Diagnostics, or Command Prompt.

Some website suggested running
bootrec /fixmbr
bootrec /fixboot
bootrec /rebuildbcd
but that didn't really do it. I feel like I must have totally wrecked my windows install.

I have FRST on a usb drive, but I'm not sure what to do with that.

Sooo. Can anybody help? This is kind of the worst.

Also: Before I got to the unbootable state, Malwarebytes and superAntiSpyware managed to knock out a few things. I should have saved the logs somewhere accessible. But it didn't fix it.

Edit: Is the point where I move to Linux? If so, is there any way I can copy over some files safely, or should I just reformat?

Edited by Metacurious, 23 November 2012 - 05:05 PM.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:43 PM

Posted 23 November 2012 - 08:34 PM

Welcome aboard Posted Image

Playing with MBR is a dangerous game.
I'll report this topic to appropriate helpers.
Help is on the way.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 Metacurious

Metacurious
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:43 PM

Posted 23 November 2012 - 10:43 PM

Update: I realized that I have pretty much everything backed up, so I just went to linux.

BUT NEXT TIME I get a virus on something, I will come straight here. Because this looks like fun!

Also, sorry, anyone who got here via google. Consider Linux.


But yes! Thank you! Have a super day

Edited by Metacurious, 23 November 2012 - 10:43 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users