is rebooting at the end all it will take to restore the default file (if that should be done)?
cannot remove alureon.a
Started by
yellowpower123
, Jun 21 2011 07:46 PM
-
This topic is locked
#46
Posted 12 August 2011 - 01:13 AM
yellowpower123
- Topic Starter
-
- Member
-
- 33 posts
Member
is rebooting at the end all it will take to restore the default file (if that should be done)?
#47
Posted 12 August 2011 - 01:15 AM
maliprog
-
- Malware Removal
-
- 6,172 posts
Trusted Helper
Let it change HOST file. It's OK.
#48
Posted 13 August 2011 - 12:14 AM
yellowpower123
- Topic Starter
-
- Member
-
- 33 posts
Member
When I refreshed this page to see your response, I didn't see the second to last one about deleting the antivirus programs until now. I hope it's ok that I did the DR.Web before I deleted the antivirus programs (it was turned off during the scan).
Dr.Web Log
_desktop.ini;C:\cabs\D00805-001-001;Win32.HLLW.Gavir.ini;Deleted.;
OTL.exe;C:\Documents and Settings\Administrator\Desktop;Trojan.Siggen2.43612;Incurable.Moved.;
0E4C0000.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine;Trojan.DownLoader1.52641;Incurable.Moved.;
0E4C0001.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine;Trojan.DownLoader1.52641;Incurable.Moved.;
0E4C0002.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine;Trojan.DownLoader1.52641;Incurable.Moved.;
4DF47CEC.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40000;Trojan.Siggen2.10592;Incurable.Moved.;
4DF47CED.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40000;Trojan.Siggen2.10592;Incurable.Moved.;
4DF47D06.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40001;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D07.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40001;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D0E.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40002;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D0F.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40002;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D18.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40003;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D19.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40003;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D21.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40004;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D22.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40004;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D2A.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40005;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D2B.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40005;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D32.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40006;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D33.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40006;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D3A.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40007;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D3B.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40007;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D43.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40008;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D44.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40008;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D4B.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40009;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D4C.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40009;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D52.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B4000A;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D53.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B4000A;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D5A.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B4000B;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D5B.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B4000B;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4D436C4C.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C400000;Trojan.Fakealert.19786;Deleted.;
4E6CAAFC.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C680000;Win32.HLLW.Autoruner.25074;Deleted.;
4FFADACB.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F900003;Trojan.DownLoad1.60836;Deleted.;
Dr.Web Log
_desktop.ini;C:\cabs\D00805-001-001;Win32.HLLW.Gavir.ini;Deleted.;
OTL.exe;C:\Documents and Settings\Administrator\Desktop;Trojan.Siggen2.43612;Incurable.Moved.;
0E4C0000.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine;Trojan.DownLoader1.52641;Incurable.Moved.;
0E4C0001.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine;Trojan.DownLoader1.52641;Incurable.Moved.;
0E4C0002.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine;Trojan.DownLoader1.52641;Incurable.Moved.;
4DF47CEC.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40000;Trojan.Siggen2.10592;Incurable.Moved.;
4DF47CED.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40000;Trojan.Siggen2.10592;Incurable.Moved.;
4DF47D06.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40001;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D07.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40001;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D0E.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40002;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D0F.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40002;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D18.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40003;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D19.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40003;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D21.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40004;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D22.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40004;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D2A.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40005;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D2B.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40005;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D32.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40006;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D33.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40006;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D3A.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40007;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D3B.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40007;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D43.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40008;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D44.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40008;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D4B.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40009;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D4C.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B40009;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D52.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B4000A;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D53.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B4000A;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D5A.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B4000B;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4DF47D5B.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\00B4000B;Trojan.PWS.Siggen.10506;Incurable.Moved.;
4D436C4C.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C400000;Trojan.Fakealert.19786;Deleted.;
4E6CAAFC.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C680000;Win32.HLLW.Autoruner.25074;Deleted.;
4FFADACB.VBN;C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0F900003;Trojan.DownLoad1.60836;Deleted.;
#49
Posted 13 August 2011 - 12:33 AM
yellowpower123
- Topic Starter
-
- Member
-
- 33 posts
Member
Dr.Web moved OTL.exe somewhere, can I just download another one?
Side note: somehow "Clean this" icon is on my desktop but I never click on it because I didnt trust it. This happened during the time my comp was infected with a virus.
Side note: somehow "Clean this" icon is on my desktop but I never click on it because I didnt trust it. This happened during the time my comp was infected with a virus.
#50
Posted 13 August 2011 - 09:43 AM
maliprog
-
- Malware Removal
-
- 6,172 posts
Trusted Helper
Dr.Web log is clean. All that it found is quarantine files. Did you remove one of your antivirus software? Let's see where we stand now:
Download OTL to your Desktop
Download OTL to your Desktop
- Run OTL.
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Click the "Scan All User" checkbox
- Change "Extra Registry" option to "SafeList"
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows OTL.txt and Extra.txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of this files, and post it with your next reply.
#51
Posted 13 August 2011 - 02:35 PM
yellowpower123
- Topic Starter
-
- Member
-
- 33 posts
Member
yes, I deleted Microsoft essential & I only have symantec Antivirus program now (not including aswmbr & Dr.Web)
I tried to download OTL on my flashdrive and copy it to my desktop on my other computer, but I couldn't remove my flashdrive. It kept saying "Generic volume cannot be stopped right now." I tried to download a Unlocker but I couldn't find one/ the website didnt work. I didn't want to pull it right out and data might be lost. What's weird is the only thing I did was download the OTL to the flashdrive then I existed when the download is complete--I didn't open any other file on my computer so I don't know why I can't safely remove it.
I tried to download OTL on my flashdrive and copy it to my desktop on my other computer, but I couldn't remove my flashdrive. It kept saying "Generic volume cannot be stopped right now." I tried to download a Unlocker but I couldn't find one/ the website didnt work. I didn't want to pull it right out and data might be lost. What's weird is the only thing I did was download the OTL to the flashdrive then I existed when the download is complete--I didn't open any other file on my computer so I don't know why I can't safely remove it.
#52
Posted 14 August 2011 - 08:00 AM
maliprog
-
- Malware Removal
-
- 6,172 posts
Trusted Helper
You can remove your USB memory by unplugging it from your PC. There are very low chance to lose your data. If you have very important data then first turn off your PC then unplug it from it.
#53
Posted 17 August 2011 - 11:22 PM
maliprog
-
- Malware Removal
-
- 6,172 posts
Trusted Helper
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
