Alureon Virus Removed - Now system won't boot up!

I am a newbie to your forum. I posted this on Friday over on the Malware forum and they suggested posting here because of the boot-up issue.

I used Windows Defender Offline to remove the virus. Now it won't boot up. I found FRST64 instructions and I am going to attach the txt file below.

Machine Specs: Windows 7 Home Prem. ASUS X53E. Please advise. Thank you for your assistance!!

 

I am sorry I didn't realize that the attachment wouldn't load because I had attached it to my previous post on Malware forum. I had to rename the file in order to attach it. Hopefully that will not be an issue. Thanks for your patience!

Please see this thread for the attachment it is not liking me trying to attach it even if I renamed it.

http://forums.majorgeeks.com/showthread.php?t=275766

 

Nothing is showing as an attachment. I don't know the size of the text file you want to attach but the maximum size for a text file is 375 KB.

 

Yes sorry it wouldn't let me attach it (even if I renamed it) so my post below I show you the link that had the file attachment on the malware forum. Thanks!!

 

No they did not. They made a backup after they were infected.

 

Do you know anything about the fix that is mentioned on this thread (I have also seen it on others)? http://forums.majorgeeks.com/showthread.php?t=275643&highlight=alureon

Is this not an option for me? Not that I want to question you (I appreciate your assistance) I am just curious.

I have a Win7 Professional 64 Bit system can I make restore disks for that other laptop from my machine? Or does it have to match exactly (i.e. Home Prem). Thank you!

 

I did what you suggested. Booted from the Repair Disk. Once completed it said that I could restart. Restarted boot from Hard Drive. Came up to message stating would I like to try and Restore from a Previous Point I said yes. After running for awhile it said:

Unable to repair. Startup Repair diagnosis and repair log:
Last successful boot time: 4/19/2013 1:13:48 PM (GMT)
Number of repair attempts: 1

Session details
System Disk = \Device\Harddisk0
Windows directory = C:\Windows
AutoChk Run = 0
Number of root causes = 1

Test Performed:
Name: Check for updates
Result: Completed successfully. Error code = 0x0
Time taken = 0 ms

Test Performed:
Name: System disk test
Result: Completed successfully. Error code = 0x0
Time taken = 0 ms

Test Performed:
Name: Disk failure diagnosis
Result: Completed successfully. Error code = 0x0
Time taken = 16 ms

Test Performed:
Name: Disk metadata test
Result: Completed successfully. Error code = 0x0
Time taken = 31 ms

Test Performed:
Name: Target OS test
Result: Completed successfully. Error code = 0x0
Time taken = 265 ms

Test Performed:
Name: Volume content check
Result: Completed successfully. Error code = 0x0
Time taken = 375 ms

Test Performed:
Name: Boot manager diagnosis
Result: Completed successfully. Error code = 0x0
Time taken = 0 ms

Test Performed:
Name: System boot log diagnosis
Result: Completed successfully. Error code = 0x0
Time taken = 0 ms

Test Performed:
Name: Event log diagnosis
Result: Completed successfully. Error code = 0x0
Time taken = 93 ms

Test Performed:
Name: Internal state check
Result: Completed successfully. Error code = 0x0
Time taken = 63 ms

Test Performed:
Name: Boot status test
Result: Completed successfully. Error code = 0x0
Time taken = 46 ms

Test Performed:
Name: Setup state check
Result: Completed successfully. Error code = 0x0
Time taken = 609 ms

Test Performed:
Name: Registry hives test
Result: Completed successfully. Error code = 0x0
Time taken = 3806 ms

Test Performed:
Name: Windows boot log diagnosis
Result: Completed successfully. Error code = 0x0
Time taken = 0 ms

Test Performed:
Name: Bugcheck analysis
Result: Completed successfully. Error code = 0x0
Time taken = 1170 ms

Test Performed:
Name: Access control test
Result: Completed successfully. Error code = 0x0
Time taken = 8642 ms

Test Performed:
Name: File system test (chkdsk)
Result: Completed successfully. Error code = 0x0
Time taken = 0 ms

Test Performed:
Name: Software installation log diagnosis
Result: Completed successfully. Error code = 0x0
Time taken = 0 ms

Test Performed:
Name: Fallback diagnosis
Result: Completed successfully. Error code = 0x0
Time taken = 0 ms

Root cause found:
Unspecified changes to system configuration might have caused the problem.

Repair action: System Restore
Result: Failed. Error code = 0x1f
Time taken = 466880 ms

Repair action: System files integrity check and repair
Result: Failed. Error code = 0x490
Time taken = 1026455 ms

 

How do I get someone who knows about FRST to help me? I need to get this laptop fixed. Do I start a new thread?? Thanks for your help anyhow.

 

I can't give you a FRST fix list, but the problem you have is shown in your FRST.txt log.

• TDL4: custom:26000022 <===== ATTENTION!
• C:\Windows\svchost.exe

Hopefully someone from the malware forum will write you the fix.

 

I couldn't see where I could PM him from the blog...sorry I am new to this blog thing and haven't figured it out yet.

 

I am also a newbie to the forum and very unsure of what I'm doing when posting but having the same problem. I used windows defender and removed alureon trojan and afterwards my laptop will not reboot, i get a black screen with a blinking cursor. Any help would be greatly appreciated. I don't want to lose what I have on my hard drive if possible.
Thanks

 

I ended up getting someone to look at my FRST txt file and giving me the fix txt for it. One line of code and VIOLA! good to go. Looks like TDSSKiller is the way to go to fix this bugger. I then was able to get the system to boot up. The virus was removed. Did a scan with ESET Online Scanner. It didn't find anything else. Ran ccleaner. Ran updates. Ran DDS and looked at logs. Looks like everything is good now. Good luck with your friends computer.

 

And just as an fyi I could never send a PM because private messages are limited to regular members with over 50 posts.

It would've been nice if I could have figured out how to get someone else from this forum that was familiar with FRST to respond to my question. I didn't want to risk starting a new thread and violating some rule so I ended up posting my question on bleepingcomputer's forum where I was able to get this resolved.