Author Topic: Alureon-M[rtk]  (Read 2233 times)

0 Members and 1 Guest are viewing this topic.

Offline zpupster

  • Jr. Member
  • **
  • Posts: 32
Alureon-M[rtk]
« on: April 05, 2012, 12:38:56 AM »
hello support,
SOS!!

MBR rootkit

Alureon-M[rtk]

I need instructions on how to remove

thanks,

craig

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37130
Re: Alureon-M[rtk]
« Reply #1 on: April 05, 2012, 12:42:52 AM »
we do that in the virus and worms forum section   ;)      http://forum.avast.com/index.php?board=4.0


Follow this guide and attach logs from malwarebytes quick scan / OTL / aswMBR
http://forum.avast.com/index.php?topic=53253.0



it may take several hours before any of the removal specialists arrive....so be patient

Offline zpupster

  • Jr. Member
  • **
  • Posts: 32
Re: Alureon-M[rtk]
« Reply #2 on: April 05, 2012, 01:22:35 AM »
thanks for the reply and direction.

craig

Offline zpupster

  • Jr. Member
  • **
  • Posts: 32
Re: Alureon-M[rtk]
« Reply #3 on: April 05, 2012, 01:17:51 PM »
hello support,

i am trying to run in safe mode but aswMBR keeps crashing.

i shows the Alureon-M in the boot record but when scanning further it stops.

thanks,

craig

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37130
Re: Alureon-M[rtk]
« Reply #4 on: April 05, 2012, 01:28:56 PM »
just attach the logs you are able to and Essexboy will help you when he arrive

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85959
  • No support PMs thanks
Re: Alureon-M[rtk]
« Reply #5 on: April 05, 2012, 02:32:08 PM »
Try running aswMBR again but Select 'None' in the AV Scan: drop down list.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40610
  • Dragons by Sasha
    • Malware fixes
Re: Alureon-M[rtk]
« Reply #6 on: April 05, 2012, 08:48:19 PM »
Hi there are two things you could try for me

First :

Download the latest version of TDSSKiller from here and save it to your Desktop.
 
 
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
     

     
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
     

     
  • Click the Start Scan button.
     

     
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
     

     
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
     

     
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Then :

Go start > Run
Type diskmgmt.msc
The disc management console will open
Ensure that all drives are visible by expanding the view
Take a screenshot and attach to your next post

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85959
  • No support PMs thanks
Re: Alureon-M[rtk]
« Reply #7 on: April 05, 2012, 09:20:33 PM »
@ essexboy
We are getting some duplication of effort here (by essexboy and others) as zpupster has two topics on the go, this one and one in the viruses and worms forum,  http://forum.avast.com/index.php?topic=96755.0 with all of the logs.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.9.2494 (build 21.9.6698.703) UI 1.0.672/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40610
  • Dragons by Sasha
    • Malware fixes
Re: Alureon-M[rtk]
« Reply #8 on: April 05, 2012, 09:32:53 PM »
Ah did not check the names - unsubscribing from this  ;D