Author Topic: [Resolved] DOS/Alureon.E ... help pleasse  (Read 7419 times)

0 Members and 1 Guest are viewing this topic.

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #15 on: April 02, 2012, 10:30:53 pm »
Icons are back on the desktop, but the Trojan DOS/Alureon.E is back.
I can locate files,... for now.
Should I still proceed with your last post?

Michael

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #16 on: April 02, 2012, 10:40:48 pm »
Icons and files appear to be back.
I do not see Error Checking ... this laptop is all flash memory... no hard drive... does that matter?
Michael


Online Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 25340
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #17 on: April 02, 2012, 10:42:15 pm »
How do you know it is back? Is MSE telling you? If it is, can you post the logs that are telling you.

What do you store your files on if there is no harddrive?

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #18 on: April 02, 2012, 10:43:07 pm »
Now MSE, which originally detected the Trojan, indicates an all clear.
Michael

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #19 on: April 02, 2012, 10:44:37 pm »
The laptop is 500Gigs of flash memory... solid state.
m

Online Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 25340
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #20 on: April 02, 2012, 10:58:54 pm »
Go ahead and skip the chkdsk. The problem is with windows 7, nothing you can do about it. Go ahead and run the computer for a while and let me know how it is going. I have to get some sleep tonight. Its already 1AM and my eyelids are getting heavy.

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #21 on: April 02, 2012, 11:01:02 pm »
Hoov,
I really appreciate your help.
Have a good night and I will update you in the AM.

Michael

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #22 on: April 02, 2012, 11:25:21 pm »
MSE scan detects DOS/Alureon.E.  Lists it as: "Items:  File: C:\TDSS_Killler/Quarantine...
Does this indicate that MSE is detecting the Trojan in Quarantine, and if so, how do I eliminate that false alarm?
I guess I would be much happier if it was gone from quarantine as well... possible?

Michael

Online Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 25340
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #23 on: April 03, 2012, 06:09:57 am »
Go ahead and delete C:\TDSS_Killler and then empty your recycle bin.

How is it running other than that?

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #24 on: April 03, 2012, 10:01:30 am »
Hoov,
Over the night I had MSE ignore the TDSS_Killer Quarantine, and there were no alerts.
The machine seems to be running very well.  The SONY VIAO diagnostics are producing all high scores.
I think that this is resolved.
Michael

Online Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 25340
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #25 on: April 03, 2012, 10:16:47 am »
I would like to do one more thing. Go back to the event viewer as I had you do before. But this time instead of saving the logs I would like you to clear them. You will get an option to save them or not. Dealers choice. I don't need them. After you have cleared them, reboot the computer and use it normally for a half hour or so, and then reboot again. After all the startup items are running, and the computer has stabilized, save a new set of event viewer logs and then attach them to a new reply. They will be much smaller and you should be able to attach them this time.

During the half hour or so, do a few searches with Google, Bing and Yahoo search engines and make sure the results go where they are suppose to.

If all is well, we do a little cleanup and then we can mark this as done. The cleanup may have to be changed because of your SSD. To be totally honest, this is the first one I have run into that was the primary drive of the machine.

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #26 on: April 03, 2012, 10:26:10 am »
Will do... it may take a couple of hours between patients.
No sweat, I have complete faith.

Michael

Online Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 25340
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #27 on: April 03, 2012, 10:40:07 am »
No worries here. If it is longer between reboots, that is fine.

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #28 on: April 03, 2012, 12:31:00 pm »
Event viewer logs.
No problems with search or function.

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #29 on: April 03, 2012, 12:32:25 pm »
Event viewer log... system