Virus help please

[SuperDave]

I just tried it again and it turned back on. I chose to open in safe mode... should I run aswMBR?

Boot in Normal mode if you can and run that scan.

[gracette17]

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-29 08:27:28
-----------------------------
08:27:28.158    OS Version: Windows x64 6.1.7601 Service Pack 1
08:27:28.158    Number of processors: 2 586 0x602
08:27:28.158    ComputerName: JESSICA-PC  UserName: Jessica
08:27:29.952    Initialize success
08:27:39.140    AVAST engine defs: 12082800
08:28:58.373    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:28:58.373    Disk 0 Vendor: WDC_WD3200BEKT-60V5T1 12.01A12 Size: 305245MB BusType: 11
08:28:58.388    Device \Driver\atapi -> MajorFunction fffffa80047855e8
08:28:58.404    Disk 0 MBR read successfully
08:28:58.404    Disk 0 MBR scan
08:28:58.404    Disk 0 Windows 7 default MBR code
08:28:58.419    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
08:28:58.435    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       289291 MB offset 409600
08:28:58.451    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        15650 MB offset 592877568
08:28:58.529    Disk 0 scanning C:\Windows\system32\drivers
08:29:15.579    Service scanning
08:29:24.409    Service MpKsla7657f45 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A3E08EE5-A537-4FD2-B389-B7BC6D041EC5}\MpKsla7657f45.sys **LOCKED** 32
08:29:42.177    Modules scanning
08:29:42.692    Disk 0 trace - called modules:
08:29:42.692    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
08:29:42.692    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004332790]
08:29:42.708    3 CLASSPNP.SYS[fffff8800195643f] -> nt!IofCallDriver -> [0xfffffa8004331520]
08:29:42.708    5 hpdskflt.sys[fffff880018fd289] -> nt!IofCallDriver -> [0xfffffa8003dbc790]
08:29:42.723    7 ACPI.sys[fffff88000e0d7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80042af060]
08:29:42.723    \Driver\atapi[0xfffffa800476cdf0] -> IRP_MJ_CREATE -> 0xfffffa80047855e8
08:29:44.096    AVAST engine scan C:\Windows
08:29:55.531    AVAST engine scan C:\Windows\system32
08:34:13.560    AVAST engine scan C:\Windows\system32\drivers
08:34:26.801    AVAST engine scan C:\Users\Jessica
08:38:30.757    AVAST engine scan C:\ProgramData
08:39:58.146    Scan finished successfully
08:40:16.180    Disk 0 MBR has been saved successfully to "C:\Users\Jessica\Desktop\MBR.dat"
08:40:16.195    The log file has been saved successfully to "C:\Users\Jessica\Desktop\aswMBR.after scan.txt"
08:40:25.030    Verifying
08:40:35.061    Disk 0 Windows 601 MBR fixed successfully
08:40:50.271    Disk 0 MBR has been saved successfully to "C:\Users\Jessica\Desktop\MBR.dat"
08:40:50.287    The log file has been saved successfully to "C:\Users\Jessica\Desktop\aswMBR. after fix.txt"

[SuperDave]

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

[gracette17]

I did this and it said it found "no threats" I can't find the log anywhere, even where you specified.

[SuperDave]

I did this and it said it found "no threats" I can't find the log anywhere, even where you specified.

That's ok. How's your computer running now? Any other issues?

[gracette17]

It still says Microsoft essentials cannot protect my computer because of a threat. It says it called "Tojan:DOS/Alureon.a" 

[SuperDave]

Re-run MBAM:

Code:
Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply..

********************************************

• Download TDSSKiller and save it to your Desktop.
  
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  
  
  
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
  
  
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
  
  
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  
  
  
  
• Click the Report button and copy/paste the contents of it into your next reply
  

Note:It will also create a log in the C:\ directory..
**********************************************************

• Download RogueKiller on the desktop
  
• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  
• Otherwise just double-click on RogueKiller.exe
  
• Pre-scan will start. Let it finish.
• Click on SCAN button.
  
• A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
  
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again