Need help removing Trojan:Dos/Alureon.A

Do you have a Win7 boot disc?

Why did you not allow TDSSKiller to try to fix what it found?

Please attach a screen shot of your disc management partitions. I think one of them is a faked partition and we may need to remove it.

 

OK, the partitions appear to all be legit. Boot to the bios and change the boot order to CD/DVD as first boot device. Get into the Recovery Environment and choose the Command prompt option. Once in the command prompt, type this:
Bootrec.exe /fixmbr

Exit out and reboot to normal mode and then re-run MBRCheck and attach the new log.

 

Boot back into the Command prompt and try:
bootrec /FixBoot

Do note the space after bootrec and /

 

I need you to download: gparted-live-0.10.0-3.iso (115.1 MB)

Create a bootable CD, from the ISO images. You can use ImgBurn to do this.

Now boot off of the newly created Gparted CD.

Make the partition is active with the Disk Management.

Right click and manage flags, and double check it is set to bootable in GParted.

 

Your MBRCheck log is clean. What issues are you still having?

 

Good to know!!

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.We recommend them for doing backup scans when you suspect a malware infection.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
     
     
   
   
3. Go back to step 6 of the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   
   • Refer to the cleaning procedures pointed to by step 7 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
   
   
10. After doing the above, you should work thru the below link:
    
    • How to Protect yourself from malware!

Malware removal from a National Chain = $149
Malware removal from MajorGeeks = $0