Mags asked:

Infected with Trojan:DOS/Alureon.E, etc

Client complained of a slow computer...no other issues.
Updated his internet security with MSE & MBAM Pro (setup to work together).

Bam...MSE found Trojan:DOS/Alureon.E but couldn't get rid of it so I did some research and attacked!

Ran aswMBR, fixed MBR and found and deleted the hidden partition.

Pulled out the guns and ran every tool I could think of...tdsskiller was clean but I did not change any of the parameters.

Did not run ComboFix. Will run it only at your request.

Running a new full MSE scan now.

I am working on this computer remotely.

Thanks for your assistance!!
Mags
Attachments:
Rkill--1.txt
RKreport-1--S-05082013-02d1235.txt
RKreport-2--D-05082013-02d1237.txt
RKreport-3--H-05082013-02d1237.txt
RogueKiller-MBR-Error.jpg
aswMBR--2.txt
Hidden-Partition-Trojan-DOS-Alur.jpg
RKreport-1--S-05082013-02d1943.txt
mbam-log-2013-05-08--19-51-58-.txt
aswMBR--3.txt
Rkill--2.txt
HitmanPro-20130509-0645.log
a2scan-130509-070050.txt
AdwCleaner-S1-.txt
JRT.txt
SOLUTION by tailoreddigital (members-only; content not shown)
ASKER (Mags):

Yes, that's the one I used ;-)  What about MBAM finding the Trojan, Vundo and the things Hitman found??  Does it seem that they took care of the issues?  Any other scan, such as ComboFix (which I don't know how to read) that you think need to be run or rerun?
MSE scan still running.
Thanks,
Mags
This thread,

http://guides.yoosecurity.com/permanently-remove-trojandosalureon-e-virus-from-win-7-vista-or-xp/

gives me the impression that MSE removes it but it reoccurs. It points out some manual removal done in the registry (on the lower part of the page).

Is MSE removing it?
SOLUTION by Sudeep Sharma (members-only; content not shown)
ASKER (Mags):

tailoreddigital, MSE did not rid the computer of the trojan, but running aswMBR fixed the MBR and then I deleted the hidden partition...after running the above-mentioned scans MSE no longer found the Trojan:DOS/Alureon.E...it appears to be gone.

Hey Sudeep...great minds think alike...that was the parameter I was going to check...ran the scan and it found no threats.

So what do we think?  Is the computer Trojan free at last?!?
ASKER CERTIFIED SOLUTION (members-only; content not shown)
ASKER (Mags):

Thanks Sudeep.  I will run ComboFix as soon as the computer is available then send you the log.
Thank you!
Mags
ASKER (Mags):

Here is the ComboFix Log...also the TDSSKiller log
Thanks a million!!
Mags
Attachments:
ComboFix-log.txt
TDSSKiller.2.8.16.0-13.05.2013-1.txt
SOLUTION (members-only; content not shown)
ASKER (Mags):

Running now.  Thanks Sudeep.
Mags
ASKER (Mags):

No infection was found.  Anything else or am I ready for cleanup?
Thanks,
Mags
SOLUTION (members-only; content not shown)
ASKER (Mags):

Will do!  That was part of my cleanup plan.  I found a great program called Secunia Online Software Inspector that helps me find programs that are not up-to-date since I can't read the logs like you can.

Sudeep thank you for your assistance.  I'll be doing the cleanup this morning and will send in a final post.
Mags
ASKER (Mags):

Why would he have a driver (\\10.32.164.242) (Z:), which appears to be a network drive, with a big red X through it...
[attached screenshot]
When I click on it I get the message:
Restoring Network Connections - An error occurred while reconnecting Z: to \\10.32.164.242\driver  Microsoft Windows Network: The network path was not found.  This connection has not been restored.

I have no idea what this would try and connect to...I will see what happens when I do clean up.  I tried to get info on it and I'm thinking it should be deleted.  It does not show up in Disk Management but it is mapped.
Is the network device or system 10.32.164.24 accessible?

Make sure you can ping it fine and it has Windows file sharing on.

Try to browse it by typing \\10.32.164.24 in the Run box.

Sudeep
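A way to run the check Sudeep describes against every persistent mapping at once, written as an added PowerShell example that is not part of the thread. It reads HKCU\Network (where Windows stores persistent drive mappings), pings each server, and probes TCP 445; the port-445 probe assumes the share is served over SMB, and the Test-TcpPort helper is defined here, not a built-in cmdlet.

```powershell
# Added example (not from the thread). Lists persistent drive mappings from
# HKCU\Network and checks whether each server answers ping and SMB (TCP 445),
# which is the manual test Sudeep describes. A mapping whose server never
# answers is the kind of entry that showed as Z: with a red X in the thread.
$mappings = Get-ChildItem -Path 'HKCU:\Network' -ErrorAction SilentlyContinue
if (-not $mappings) { Write-Host 'No persistent drive mappings found.'; return }

function Test-TcpPort {
    # Direct socket probe; Test-NetConnection is not available on Windows 7.
    param([string]$Server, [int]$Port, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($Server, $Port, $null, $null)
        if ($async.AsyncWaitHandle.WaitOne($TimeoutMs)) { $client.EndConnect($async); return $true }
        return $false
    } catch { return $false }
    finally { $client.Close() }
}

foreach ($map in $mappings) {
    $letter = $map.PSChildName
    $unc    = (Get-ItemProperty -Path $map.PSPath).RemotePath
    # \\server\share -> server
    $server = (($unc -replace '^\\\\', '') -split '\\')[0]

    $ping = Test-Connection -ComputerName $server -Count 1 -Quiet -ErrorAction SilentlyContinue
    $smb  = Test-TcpPort -Server $server -Port 445

    if ($ping -and $smb) { $verdict = 'reachable' }
    else { $verdict = "dangling; review, then 'net use ${letter}: /delete' if unwanted" }

    New-Object PSObject -Property @{
        Drive   = "${letter}:"
        Path    = $unc
        Server  = $server
        Ping    = [bool]$ping
        Smb445  = $smb
        Verdict = $verdict
    }
}
```

A dangling mapping is not by itself evidence of malware; compare the RemotePath against what the user actually knows about before deleting it.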
ASKER (Mags):

No...error code 0x80070035 the network path was not found.  Diagnosed and got the message cannot communicate with 10.32.164.24, Network diagnostics pinged the remote host but did not receive a response.  Option...Reset the network adapter "Wireless Network Connection"  Resetting the adapter can sometimes resolve an intermittent problem.

I'm hesitant to do so since I am working remotely...could this be trojan related?
ASKER (Mags):

Weird thing...I could not rename files or print his screen. Ran RKill, file attached, and now I can rename files but still cannot print his screen. RKill also has a different log saying -

Checking Windows Service Integrity: * msiserver => %systemroot%\system32\msiexec.exe /V [Incorrect ImagePath]

For cleanup I -
Uninstalled ComboFix
Ran CCleaner
Ran Revo junk removal
Turned off System Restore to flush all restore points, then turned System Restore back on
Ran Windows Update...no important updates needed
Used Secunia Online Software Inspector to update Adobe Flash Player, and since he had the most recent Java I uninstalled the old Java updates

PS: When opening, let's say, "Computer", it takes a while to populate.
Attachment:
Rkill.txt
ASKER (Mags):

Sudeep...any suggestions on how to handle the unknown network drive?
ASKER (Mags):

Okay...I disconnected the mystery Z: drive and voila...no issues and when opening up "Computer" it populates quickly.

I still question the RKill log -

Checking Windows Service Integrity:

 * msiserver => %systemroot%\system32\msiexec.exe /V [Incorrect ImagePath]

What does this mean?

Thanks,
Mags
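A defender's way to answer the "what does this mean" question for that RKill line, added here and not part of the thread: the script reads the msiserver ImagePath from the registry, reports whether it equals the string RKill printed (that reference string is taken from the log above and is not asserted to be the correct default for every Windows version), and then verifies that the executable it points at lives under System32 and carries a valid Authenticode signature. The $ServiceName and $ReferencePath parameters are this example's own.

```powershell
# Added example (not from the thread). Inspects the service RKill flagged and
# checks that its ImagePath points at a signed Microsoft binary in System32.
# $ReferencePath is the string quoted in the RKill log above; the script reports
# whether the registry matches it but does not assume either value is "correct".
param(
    [string]$ServiceName   = 'msiserver',
    [string]$ReferencePath = '%systemroot%\system32\msiexec.exe /V'
)

$key = "HKLM:\SYSTEM\CurrentControlSet\Services\$ServiceName"
if (-not (Test-Path $key)) { Write-Warning "No service key at $key"; return }

$imagePath = (Get-ItemProperty -Path $key -Name ImagePath).ImagePath
Write-Host "Registry ImagePath : $imagePath"
Write-Host "Reference (RKill)  : $ReferencePath"
Write-Host "Exact match        : $($imagePath -eq $ReferencePath)"

# Separate the executable from its arguments (quoted or unquoted form) and
# expand %systemroot% so the file can be located on disk.
if ($imagePath -match '^"([^"]+)"') { $exe = $matches[1] }
else { $exe = ($imagePath -split '\s+')[0] }
$exe = [Environment]::ExpandEnvironmentVariables($exe)

if (-not (Test-Path $exe)) { Write-Warning "Executable not found: $exe"; return }

# Authenticode check: a legitimate msiexec.exe is Microsoft-signed and lives
# under %SystemRoot%\System32. Anything else deserves a closer look.
$sig   = Get-AuthenticodeSignature -FilePath $exe
$inSys = $exe -like (Join-Path $env:SystemRoot 'System32\*')
if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject } else { $signer = '(unsigned)' }

# SHA-256 via .NET so the script also runs on PowerShell 2.0 (no Get-FileHash).
$sha    = [System.Security.Cryptography.SHA256]::Create()
$stream = [System.IO.File]::OpenRead($exe)
try     { $hash = ($sha.ComputeHash($stream) | ForEach-Object { $_.ToString('x2') }) -join '' }
finally { $stream.Close() }

New-Object PSObject -Property @{
    Executable      = $exe
    InSystem32      = $inSys
    SignatureStatus = $sig.Status
    Signer          = $signer
    SHA256          = $hash
}
```

A "Valid" signature from Microsoft on a file under System32 means the service points at the genuine installer binary, and the remaining question is only whether the trailing arguments differ from a known-good machine of the same Windows version.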