Virus infection [Probably Alureon] Unable to boot

Status
Not open for further replies.

.Sam.

Level 1
Thread author
Aug 9, 2011
37
If you need further information you can post a reply :)
I can't boot to windows so i can't generate an OTL LOG
 

.Sam.

Level 1
Thread author
Aug 9, 2011
37
Tried Kaspersky Rescue Disk and it ended up to the "loading operating system"
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
Hey NZS92, :)
Lets try to remove this nasty infection :
  1. Download OTLPENet.exe to your desktop
  2. Download Farbar Recovery Scan Tool and save it to a flash drive.
  3. Ensure that you have a blank CD in the drive
  4. Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  5. Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  6. As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)
  7. Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  8. Insert the flash drive with FRST on it
  9. Locate the flash drive and run FSRT
  10. The tool will start to run.
    FRST2.gif
  11. When the tool opens click Yes to disclaimer.
  12. Press Scan button.
  13. It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 

.Sam.

Level 1
Thread author
Aug 9, 2011
37
Thanks for helping!
Here's the file attached

EDIT: There's the new FRST file
 

Attachments

  • NEW FRST.txt
    96.9 KB · Views: 265

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
Please do the following with FRST64.
Open notepad (Start --->All Programs ----> Accessories ---> Notepad). Please copy the entire contents of the code box below,then save it on the flashdrive as fixlist.txt

start
2012-05-26 08:54 - 2012-05-26 08:54 - 0000000 ____D C:\Windows\YZ12345689ABCDFG
2012-05-26 08:22 - 2012-05-26 08:22 - 0000000 ____D C:\Windows\STUVXYZ012456789
2012-05-22 03:56 - 2012-05-22 03:56 - 0000000 ____D C:\Windows\IJKLNOPQRSUVWXYZ
2012-05-22 00:00 - 2012-05-22 00:00 - 0000000 ____D C:\Windows\FGHIJLMNOPQSTUVW
2012-05-22 00:00 - 2012-05-22 00:00 - 0000000 ____D C:\Windows\345678ABCDEGHIJK
2012-05-18 21:17 - 2012-05-18 21:17 - 0059785 ____A C:\Users\Sam\ia_remove.sh5866.tmp
2012-05-18 21:16 - 2012-05-18 21:16 - 0059785 ____A C:\Users\Sam\ia_remove.sh4699.tmp
cmd: bootrec /fixboot
end

Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top