Is my computer still infected?

Regnes · 17-Nov-2009, 07:26 PM #1

I got a message from Live Onecare about an hour ago that I had been infected with a trojan named "Trojan:Win32/Alureon.DA", I told it to clean the trojan out, but received a message basically saying that it couldn't be cleaned, deleted or quarantined.

I've been frantically trying to find an update from Microsoft or something to deal with the trojan with no luck, and when I forgot the specific name I looked it up on my log and saw that contrary to the previous statement, it seems like Onecare might have taken care of the trojan after all.

Do you think I'm still infected? I'm running a full system scan as I write this, here is a copy/paste from my OneCare log concerning the trojan.

************************************************************
Begin Resource Scan
Scan ID:{45F7D23E-5614-46F8-96C6-3F2669959A65}
Scan Source:8
Start Time:Tue Nov 17 2009 14:49:01
End Time:Tue Nov 17 2009 14:49:01
Explicit resource to scan
Resource Schema:file
Resource Path:C:\Users\Mike\AppData\Local\Temp\Low\0.37348815608561525.exe
Result Count:1
Threat Name:Trojan:Win32/Alureon.DA
ID:2147629070
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:C:\Users\Mike\AppData\Local\Temp\Low\0.37348815608561525.exe
Extended Info:110468118480880
End Scan
************************************************************
Begin Resource Scan
Scan ID:{33762E16-0338-4B93-97A9-F229C3974CD2}
Scan Source:8
Start Time:Tue Nov 17 2009 14:49:10
End Time:Tue Nov 17 2009 14:49:23
Explicit resource to scan
Resource Schema:file
Resource Path:C:\Users\Mike\AppData\Local\Temp\Low\0.37348815608561525.exe
Result Count:1
Threat Name:Trojan:Win32/Alureon.DA
ID:2147629070
Severity:5
Number of Resources:1
Resource Schema:file
Resource Path:C:\Users\Mike\AppData\Local\Temp\Low\0.37348815608561525.exe
Extended Info:110468118480880
End Scan
************************************************************
Beginning threat actions
Start time:Tue Nov 17 2009 14:49:24
Threat Name:Trojan:Win32/Alureon.DA
Threat ID:2147629070
Action:remove
File cleaned/removed successfully
File Name:C:\Users\Mike\AppData\Local\Temp\Low\0.37348815608561525.exe
Resource action complete:Removal
Schema:file
Path:\\?\C:\Users\Mike\AppData\Local\Temp\Low\0.37348815608561525.exe
Threat ID:2147629070
Resource refcount:1
Result:0
Finished threat ID:2147629070
Threat result:0
Threat status flags:4
Finished threat actions
End time:Tue Nov 17 2009 14:49:25
Result:0
************************************************************

Mumbodog · 17-Nov-2009, 09:17 PM #2

Run the scan again, see if it comes up clean, the log said its removal was successful, but double check.

.

flavallee · 18-Nov-2009, 09:19 AM #3

Keep the contents of this temp folder:

C:\Users\Mike\AppData\Local\Temp

emptied out on a regular basis. It's all junk and is a good place for a "nasty" to hide.

Empty the Recycle Bin afterwards, then restart your computer.

---------------------------------------------------------------

Tag Cloud
access acer asus bios bsod computer crash desktop dns driver drivers error ethernet excel freeze gaming graphics hard drive hardware hdmi internet laptop malware memory monitor motherboard network printer problem ram registry repair router slow software sound trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Search
Search for:

Find the solution to yourcomputer problem!

Find the solution to your
computer problem!