Spyware, Viruses, & Security

Question

How do I get rid of Alureon virus?

by canu49 / November 24, 2012 9:54 PM PST

Showed up on my laptop Thursday (suspect email). I'm using Windows Essentials and Defender Offline. Cleaned and removed the virus, but as soon as I rebooted, it was right back. How do I get rid of this thing? I know I could go into the registry and delete it, I just don't know which strings to delete and which will do more harm than good.


All Answers

Answer
Things to try
by pgc3 / November 26, 2012 1:04 AM PST

Try this: from a clean computer, download Malwarebytes and save it to a CD or flash drive. Boot the sick unit into SAFE MODE WITH NETWORKING, run MWB from the CD or FD and attempt to remove. You will have to have the infected system online in order to try this, again SAFE MODE WITH NETWORKING. Windows Defender and Essentials is not likely enough security given what you said. You didn't mention anything about your system or OS and if you are/were running an A/V software aside from what you mentioned, which IMO is insufficient.

Answer
Please Try This
by Grif Thomas Forum moderator / November 26, 2012 11:43 AM PST

If you can download the tools listed below on the problem computer, great, but you may need to use a separate, clean computer, download the tools, copy them to a flash drive or CD, then transfer them to the infected computer.
_______________

Once that's done, then restart the computer into "Safe Mode with Networking" and use the instructions below. If you can't start in Safe Mode, then run all the tools while in "normal" Windows first, then run them in Safe Mode afterward:

After downloading or transferring it to the problem machine, run the following tool to help allow the removal programs below to run (courtesy of Grinler at BleepingComputer.com). There are 3 different versions. If one of them won't run then try to run the other one. Be patient, as a black window should open, then close after finding all the background programs. Vista and Win7 users need to right click and choose Run as Admin. You only need to get one of them to run, not all of them.

Rkill.exe
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill.com
http://download.bleepingcomputer.com/grinler/rkill.com

Rkill.scr
http://download.bleepingcomputer.com/grinler/rkill.scr
_____________________

IMMEDIATELY after running the "Rkill" tool above, run/install the Malwarebytes and Hitman Pro installer and update files from the links below which you've also copied to a CD or flash drive, and transferred to the problem machine. Do NOT restart the computer after running Rkill. Once downloaded and before transferring Malwarebytes and Hitman Pro to the problem machine, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current. After that, run a full system scan and delete anything it finds.

Malwarebytes Installer Download Link (Clicking on the links below will immediately start the download dialogue window.)
http://www.besttechie.net/tools/mbam-setup.exe

Hitman Pro 3.6

Next, download TDSSKiller and follow the guide to use the tool:
http://support.kaspersky.com/viruses/solutions?qid=208280684

Restart the computer and see if things work correctly again.
____________


And after that, if everything's fine but you can't connect to the internet, then follow the procedures below to check your network "proxy" settings again. Open Internet Explorer and go to Tools-Internet Options-Connection Tab. Click on the LAN settings button. IF there is a check mark next to "Use a proxy server for your LAN", uncheck it. Click OK. Then OK, again.
__________________

Hope this helps.

Grif
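
The proxy check described at the end of the post above can also be done from a PowerShell prompt. This is an added example, not part of the original post: it reads the per-user registry values that back the "LAN settings" dialog and, on request, clears the same check box. It assumes Windows PowerShell run as the affected user; the function names `Get-LanProxyState` and `Clear-LanProxy` are hypothetical.

```powershell
# Added example (not from the thread). These per-user values back
# Internet Options > Connections > LAN settings.
$InetKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-LanProxyState {
    param([string]$Path = $InetKey)
    $s = Get-ItemProperty -Path $Path -ErrorAction Stop
    # Values that do not exist come back as $null; [bool]$null is $false.
    New-Object PSObject -Property @{
        ProxyEnabled  = [bool]$s.ProxyEnable
        ProxyServer   = $s.ProxyServer
        AutoConfigURL = $s.AutoConfigURL
    }
}

function Clear-LanProxy {
    param([string]$Path = $InetKey)
    $before = Get-LanProxyState -Path $Path
    if ($before.ProxyEnabled) {
        # Same effect as unchecking "Use a proxy server for your LAN".
        # ProxyServer is left in place so the old value stays on record.
        Set-ItemProperty -Path $Path -Name ProxyEnable -Value 0 -Type DWord
    }
    # Return the state that was found before any change was made.
    $before
}

# Report the current state; nothing is changed unless Clear-LanProxy is run.
$state = Get-LanProxyState
$state | Format-List
if ($state.ProxyEnabled) {
    Write-Host "Proxy is enabled: $($state.ProxyServer)"
    Write-Host "Run Clear-LanProxy to turn it off, then reopen Internet Explorer."
}
```

Writing down the `ProxyServer` and `AutoConfigURL` values before clearing them keeps a record of what was set on the machine.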

Answer
I killed it.
by fijensen / May 5, 2013 6:08 AM PDT

It took a while. I used Microsoft Forefront in Safe Mode. It wouldn't show up on a quick scan. 5 files showed up on full scan. I was able to delete them all. If you are not in Safe Mode, the virus will be in your memory, and re-install itself. Re-boot, tap F8 key until selection for safe mode comes up, select with arrow keys, hit enter. Be sure to disconnect from network/internet/turn off wireless.
