also @ TechSpot: Nvidia interested in licensing graphics technology to other chip makers

Trojan:DOS/Alureon.E

Discussion in 'Virus and Malware Removal' started by Piratekitty, Jan 3, 2013.

Page 2 of 4

  1. Piratekitty Newcomer, in training Posts: 37

    And.. I came here mainly bc I called microsoft tech support up and asked them about the virus and they said if its not removed then it will efect my Emails and PC's around me and steal lots of data,.. but they told me I will have to pay 99 $for them to remove it and I do not have that kind of money so I came here lol
    Piratekitty, Jan 7, 2013
    #21

  2. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Thanks for showing the information, as TDSSKiller did not identify it, sadly.

    We need to remove a partition, but I need some more information. You'll have to work steady with me here, because if you don't get this right and delete something incorrect, it's irreversible. :p

    But, I'll do my best to help you avoid any issues.

    The following is just to verify some information again:

    Check Partitions

    Please download Listparts
    Run the tool,
    check the "list BCD" box
    click "Scan" and post the log (Result.txt) it makes.
    Jay Pfoutz, Jan 8, 2013
    #22

  3. Piratekitty Newcomer, in training Posts: 37

    ListParts by Farbar Version: 30-10-2012
    Ran by Tadpole (administrator) on 09-01-2013 at 10:57:08
    Windows 7 (X64)
    Running From: C:\Users\Tadpole\Desktop
    Language: 0409
    ************************************************************

    ========================= Memory info ======================

    Percentage of memory in use: 25%
    Total physical RAM: 7935.18 MB
    Available physical RAM: 5948.9 MB
    Total Pagefile: 15868.55 MB
    Available Pagefile: 13262.52 MB
    Total Virtual: 4095.88 MB
    Available Virtual: 3980.12 MB

    ======================= Partitions =========================

    1 Drive c: () (Fixed) (Total:916.76 GB) (Free:859.74 GB) NTFS
    2 Drive d: (AVG 2012 - B1780) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 931 GB 0 B
    Disk 1 No Media 0 B 0 B
    Disk 2 No Media 0 B 0 B
    Disk 3 No Media 0 B 0 B
    Disk 4 No Media 0 B 0 B
    Disk 5 No Media 0 B 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Recovery 14 GB 31 KB
    Partition 2 Primary 100 MB 14 GB
    Partition 3 Primary 916 GB 14 GB
    Partition 4 Primary 1744 KB 931 GB

    ======================================================================================================

    Disk: 0
    Partition 1
    Type : 27
    Hidden: Yes
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 PQSERVICE NTFS Partition 14 GB Healthy Hidden

    ======================================================================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)

    ======================================================================================================

    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 C NTFS Partition 916 GB Healthy Boot

    ======================================================================================================

    Disk: 0
    Partition 4
    Type : 17 (Suspicious Type)
    Hidden: Yes
    Active: No

    There is no volume associated with this partition.

    ======================================================================================================
    'bcdedit' is not recognized as an internal or external command,
    operable program or batch file.


    ****** End Of Log ******
    Piratekitty, Jan 9, 2013
    #23

  4. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Okay. Here we go with the fix:

    FRST Fixlist

    Please download attached fixlist.txt below, and save it to your flash drive in the same location as FRST.exe. Make sure it maintains the same name, otherwise the fix will fail.

    NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

    Now, please enter System Recovery Options then select Command Prompt.

    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

    Now restart, let it boot normally and tell me how it went.

    Attached Files:

    Jay Pfoutz, Jan 9, 2013
    #24

  5. Piratekitty Newcomer, in training Posts: 37

    Question: make sure it maintains the same name as what it is now or as FRST?
    Piratekitty, Jan 10, 2013
    #25

  6. Jay Pfoutz Malware Helper Posts: 4,286   +49

    As what it is now. Sorry for confusion. :)
    Jay Pfoutz, Jan 10, 2013
    #26
     

  7. Piratekitty Newcomer, in training Posts: 37

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-12-2012
    Ran by SYSTEM at 2013-01-10 14:10:16 Run:1
    Running from G:\

    ==============================================


    ==== End of Fixlog ====
    Piratekitty, Jan 10, 2013
    #27

  8. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Post new log from ListParts please...
    Jay Pfoutz, Jan 10, 2013
    #28

  9. Piratekitty Newcomer, in training Posts: 37

    ListParts by Farbar Version: 30-10-2012
    Ran by Tadpole (administrator) on 11-01-2013 at 12:01:08
    Windows 7 (X64)
    Running From: C:\Users\Tadpole\Desktop
    Language: 0409
    ************************************************************

    ========================= Memory info ======================

    Percentage of memory in use: 23%
    Total physical RAM: 7935.18 MB
    Available physical RAM: 6082.39 MB
    Total Pagefile: 15868.55 MB
    Available Pagefile: 13222.73 MB
    Total Virtual: 4095.88 MB
    Available Virtual: 3984.37 MB

    ======================= Partitions =========================

    1 Drive c: () (Fixed) (Total:916.76 GB) (Free:853.43 GB) NTFS
    2 Drive d: (AVG 2012 - B1780) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 931 GB 0 B
    Disk 2 No Media 0 B 0 B
    Disk 3 No Media 0 B 0 B
    Disk 4 No Media 0 B 0 B
    Disk 5 No Media 0 B 0 B
    Disk 6 No Media 0 B 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Recovery 14 GB 31 KB
    Partition 2 Primary 100 MB 14 GB
    Partition 3 Primary 916 GB 14 GB
    Partition 4 Primary 1744 KB 931 GB

    ======================================================================================================

    Disk: 0
    Partition 1
    Type : 27
    Hidden: Yes
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 PQSERVICE NTFS Partition 14 GB Healthy Hidden

    ======================================================================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)

    ======================================================================================================

    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 C NTFS Partition 916 GB Healthy Boot

    ======================================================================================================

    Disk: 0
    Partition 4
    Type : 17 (Suspicious Type)
    Hidden: Yes
    Active: No

    There is no volume associated with this partition.

    ======================================================================================================

    ****** End Of Log ******
    Piratekitty, Jan 11, 2013
    #29

  10. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Again...

    FRST Fixlist

    Please download attached fixlist.txt below, and save it to your flash drive in the same location as FRST.exe. Make sure it maintains the same name, otherwise the fix will fail.

    NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

    Now, please enter System Recovery Options then select Command Prompt.

    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

    Now restart, let it boot normally and tell me how it went.

    Attached Files:

    Jay Pfoutz, Jan 11, 2013
    #30

  11. Piratekitty Newcomer, in training Posts: 37

    Did I do something wrong the 1st time?
    Piratekitty, Jan 11, 2013
    #31

  12. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Nah. Just need to try something different.
    Jay Pfoutz, Jan 11, 2013
    #32

  13. Piratekitty Newcomer, in training Posts: 37

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-12-2012
    Ran by SYSTEM at 2013-01-12 16:51:11 Run:2
    Running from G:\

    ==============================================


    ==== End of Fixlog ====
    Piratekitty, Jan 12, 2013
    #33

  14. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Let's try a free trial of Paragon Partition Manager: http://www.paragon-software.com/home/pm-personal/download.html

    Once you get it downloaded/installed, start up the program... click on the Delete partition button...


    Find Partition 4 (Type: 17)... 1744 KB is the size... delete that one. If any doubts, then stop and post screenshot if unsure.

    Let me know any results.
    Jay Pfoutz, Jan 13, 2013
    #34

  15. Piratekitty Newcomer, in training Posts: 37

    How do I find Partition 4 (Type: 17)? I looked and looked but I do not see anything that says type 17,. I see 3 blue ones and a red one.,
    Piratekitty, Jan 15, 2013
    #35

  16. Jay Pfoutz Malware Helper Posts: 4,286   +49

    There weren't any sizes noted?
    Jay Pfoutz, Jan 15, 2013
    #36

  17. Piratekitty Newcomer, in training Posts: 37

    Here is a pic of what I see on my end

    Attached Files:

    Piratekitty, Jan 16, 2013
    #37

  18. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Yes, good...please delete the red one at the bottom (1.7 MB).

    Once done, let me know.
    Jay Pfoutz, Jan 16, 2013
    #38

  19. Piratekitty Newcomer, in training Posts: 37

    The outcome is..it tells me

    Operation Delete partition is not available in the Demo version.
    Piratekitty, Jan 16, 2013
    #39

  20. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Oh my goodness. :p

    Time to do it the long way here...print this, if you like...

    Click Start > type CMD and right-click on Command Prompt and select Run as administrator...

    While in Command Prompt, type the following pressing Enter after each break in line of my text:

    DISKPART

    List Disk

    select disk 0

    list partition

    delete partition 4

    exit

    exit


    NOTE: Be sure when you go to the step "list partition", verify that partition 4 is listed as 1.7 MB, 2 MB, or 1744 KB. If so, delete partition 4.
    Jay Pfoutz, Jan 17, 2013
    #40
Page 2 of 4
Topic Status:
Not open for further replies.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...

Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.