Jump to content


  • Posts

  • Joined

  • Last visited


0 Neutral
  1. Thank you for helping me through my first bootkit.

  2. Results of screen317's Security Check version 0.99.64 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG AntiVirus 2013 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log``````````````````````
  3. AVG 2013 and Malwarebytes, one real time scanner and one user run program shouldn't cause any major conflicts? Is AVG 2013 or any free antivirus with a real time scanner, I know that every real time scanner / antivirus program is slightly different do you have any opinion on one over the other? Also thanks for guiding me through that process, I think I provided enough information, did you notice anywhere I could have helped improve the process?
  4. It reported clear, hopefully those logs show up as such. system-log (2).txt mbar-log-2013-06-06 (17-40-00).txt
  5. Actually you have the older one, the newer log file 17.09.04 is the current one, and no threats have been found on TDSSKiller, I should have made that clearer.
  6. I'll post the logs I got from TDSSKiller from earlier today compared to the ones I just ran. Also I didn't disable my AVG protection after the restart (I set it to disable until restart) although, I don't think it had much of an impact as AVG didn't pick up anything. In other words I hope it didn't alter anything (I wouldn't assume it would since I ran TDSSKiller earlier with AVG on). TDSSKiller. TDSSKiller. TDSSKiller. TDSSKiller.
  7. Two registries popped up, I feel like I may have made a mistake during the MBAR process, maybe by creating a restore point or maybe since the restart prompt didn't come up, I may have jumped over that as in didn't run MBAR a second time. Unless those are the registries that you're looking for. RKreport3_S_06062013_02d1649.txt
  8. New RougeKiller report RKreport2_S_06062013_02d1637.txt
  9. I updated then ran the MBAR it found one malware piece which I thought what it might have been, one of the partitions. Anyways Windows Updates ran before I learned about Alureon.K, I don't want to download if there is anything that still needs to get done per your instructions. Windows Firewall is active I didn't check before I learned about the Alureon.K infection, but I figured I was slightly safer since I was wired to my router, if Windows Firewall wasn't on before it is now. My Internet Access was never "compromised" before I learned about the Alureon.K and my Internet Access still works now. After MBAR ran and cleaned up I was never asked by the program to restart, would it still be a good idea to restart? mbar-log-2013-06-06 (14-48-44).txt system-log.txt
  10. Sorry about the delay, I have a RK_Quarantine file as well. But here is the report and thanks for the help so far. RKreport1_S_06062013_02d1350.txt
  11. Got the RougeKiller64 will post after uploading the attached files. dds.txt attach.txt
  12. I recently received a laptop from a friend who needed some viruses removed, I don't remember all the exact viruses, Moneypak/FBI and rouge Security Software were two major problems that I immediately discovered. After getting a go ahead from said friend I proceeded to do a reformat however I did not use the recovery partition or use any recovery disks. Toshiba Satellite Win 7 Hom Pre 64 bit I reformatted the laptop's C: drive with a (bloatware / shovelware free) .iso copy of Win 7 Hom Pre 64 bit. I installed AVG 2013 and Malwarebytes then ran the scans, with nothing of immediate concern. Then proceeded to update the Win 7, MSERT popped up (and keeps popping up) with a Trojan:DOS/Alureon.K Partially removed scan result. I've since learned that Alureon.K infects the Master Boot Record and/or the other Boot Record. I have four partitions on this hard drive the only one that's labeled is (C:). Two are Primary Partitions but one partition has 0 MB cap / 0 MB free / one partition has 8.95 GB cap / 8.95 GB free. The last partition is a recovery partition 1.46 GB cap / 1.46 GB free. I don't know if Alureon.K would be hiding in one of those other partitions. I've also ran TDSSKiller with and without Loaded Modules, with Loaded Modules I got no problem, without Loaded Modules I got Physical drive: \Device\Hardisk0\DR0 and took no action (skipped). I used my 4 GB USB Flash Drive to run the TDSSK, I did not put it on the desktop however.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.