Author Topic: alureon-k!!!...new guy  (Read 8917 times)


Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: alureon-k!!!...new guy
« Reply #30 on: April 02, 2012, 09:52:36 AM »
That's good - select the recovery console option and enter the commands as I pasted in post 26.

themadness

  • Guest
Re: alureon-k!!!...new guy
« Reply #31 on: April 02, 2012, 01:41:19 PM »
the recovery console won't go past its loading screen :'(

guess it's a wrap unless i can format a drive or get a used copy. since this one was bought used i don't have any disks

Offline essexboy

Re: alureon-k!!!...new guy
« Reply #32 on: April 02, 2012, 09:31:30 PM »
That is the problem with this malware: I need to work outside of Windows, where it is totally inert.

You could retry TDSSKiller, as a new version was released today.

themadness

  • Guest
Re: alureon-k!!!...new guy
« Reply #33 on: April 02, 2012, 10:44:03 PM »
 ;D
new tdsskiller ran and picked it up. i cured the file, restarted to safe mode with networking, updated mbam and scanned. mbam came up clean. i restarted, updated avast and ran a full scan. it came up with 12 threats, all of them related or different versions of the rootkit.

what do i do now? move them to the chest or delete them?

how will i know if i am clean and secure again? i REALLY don't want to use this machine for personal info if there is a monster in the background.

Offline essexboy

Re: alureon-k!!!...new guy
« Reply #34 on: April 02, 2012, 11:19:25 PM »
Could you attach the TDSSKiller log please and the aswMBR log?

themadness

  • Guest
Re: alureon-k!!!...new guy
« Reply #35 on: April 02, 2012, 11:26:30 PM »
how do i post the logs? they're kind of long

Offline essexboy

Re: alureon-k!!!...new guy
« Reply #36 on: April 02, 2012, 11:39:03 PM »
Attach them

At the bottom of the post board is an additional options link
Click that and navigate to the logs
Select them and then post

themadness

  • Guest
Re: alureon-k!!!...new guy
« Reply #37 on: April 02, 2012, 11:44:08 PM »
1st tdss log(first scan)

themadness

  • Guest
Re: alureon-k!!!...new guy
« Reply #38 on: April 02, 2012, 11:44:59 PM »
2nd tdss scan

themadness

  • Guest
Re: alureon-k!!!...new guy
« Reply #39 on: April 02, 2012, 11:49:58 PM »
here we go....
« Last Edit: April 02, 2012, 11:52:43 PM by themadness »

Offline essexboy

Re: alureon-k!!!...new guy
« Reply #40 on: April 02, 2012, 11:53:13 PM »
Download aswMBR.exe (4.1mb) to your desktop.
Double click the aswMBR.exe to run it
Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

Could you then retry combofix please, allow it to update

themadness

  • Guest
Re: alureon-k!!!...new guy
« Reply #41 on: April 03, 2012, 02:14:27 AM »
combofix

Offline essexboy

Re: alureon-k!!!...new guy
« Reply #42 on: April 03, 2012, 08:53:16 PM »
Looks good - how is the computer behaving?

themadness

  • Guest
Re: alureon-k!!!...new guy
« Reply #43 on: April 03, 2012, 08:59:05 PM »
no more redirects so far but it's a little sluggish. crazy thing is it was blazin' with the virus on it. how can i be sure everything is gone and i am secure again?

i put the files in the avast quarantine, should i delete them? this is my only laptop and i normally do online banking and buying so i want to be overkill cautious to get it back to normal.

Offline essexboy

Re: alureon-k!!!...new guy
« Reply #44 on: April 03, 2012, 09:02:54 PM »
OK, final check: could you run an OTL quickscan please and ensure all users is selected?