Spyware, Viruses, & Security forum


How do I get rid of Alureon virus?

by canu49 / November 24, 2012 9:54 PM PST

Showed up on my laptop Thursday( suspect email) I'm using Windows Essentials and Defender Offline. Cleaned and removed the virus, but as soon as I rebooted, it was right back. How do I get rid of this thing. I know I could go into the registry and delete it, I just don't know which strings to delete and which will do more harm than good.

Answer This Ask For Clarification
Discussion is locked
You are posting a reply to: How do I get rid of Alureon virus?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: How do I get rid of Alureon virus?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

All Answers

Collapse -
Things to try
by pgc3 / November 26, 2012 1:04 AM PST

Try this, from a clean computer, download Malwarebytes, save to CD or flash drive. Boot the sick unit into SAFE MODE WITH NETWORKING, run MWB from CD or FD and attempt to remove. You will have to have the infected system on line in order to try this, again SAFE MODE WITH NETWORKING. Windows Defender and Essentials is not likely enough security given what you said. You didn't mention anything about your system or OS and if you are/were running an A/V software aside from what you mentioned, which imop is insufficient.

Collapse -
Please Try This
by Grif Thomas Forum moderator / November 26, 2012 11:43 AM PST

If you can download the tools listed below on the problem computer, great, but you may need to use a separate, clean computer, download the tools, copy them to a flash drive or CD, then transfer them to the infected computer.

Once that's done, then restart the computer into "Safe Mode with Networking" and use the instructions below. If you can't start in Safe Mode, then run all the tools while in "normal" Windows first, then run them in Safe Mode afterward.:

After downloading or transferring it to the problem machine, run the
following tool to help allow the removal programs below to run.
(courtesy of Grinler at BleepingComputer.com)There are 3 different
versions. If one of them won't run then try to run the other one. Be
patient.... as a black window should open, then close after finding all
the background programs.Vista and Win7 users need to right click and choose Run as AdminYou only need to get one of them to run, not all of them.




IMMEDIATELY after running the "Rkill" tool above, run/install the Malwarebytes and
Hitman Pro installer and update files from the links below which
you've also copied to a CD or flash drive, and transfered to the problem
machine. Do NOT restart the computer after running Rkill. Once
downloaded and before transferring Malwarebytes and Hitman Pro to
the problem machine, rename the program installer "mbam-setup.exe" file
to something else like "Gogetum.exe", then copy the installer file and
the update file to a CD or flash drive.. Transfer the file to the
problem machine, then install the "Gogetum.exe" file, then run the
update to get the program current.. After that, run a full system scan
and delete anything it finds.

Malwarebytes Installer Download Link (Clicking on the links below will immediately start the download dialogue window.)

Hitman Pro 3.6

Next, download TDSSKiller and follow the guide to use the tool:

Restart the computer and see if things work correctly again.

And after that, if everything's fine by you can't connect to the internet,
then follow the procedures below to check your network "proxy" settings
again.Open Internet Explorer and go to Tools-Internet
Options-Connection Tab. Click on the LAN settings button. IF there is a
check mark next to "Use a proxy server for your LAN", uncheck it. Click
OK. Then OK, again.

Hope this helps.


Collapse -
I killed it.
by fijensen / May 5, 2013 6:08 AM PDT

It took a while. I used Microsoft forefront in Sae Mode. It wouldn' show up on a quick scan. 5 files showed up on full scan. I was able to delete them all. If you are not in Safe Mode, the virus will be in your memory, and re-install itself. Re-boot, tap F8 key until selection for safe mode comes up, select with arrow keys, hit enter. Be sure to disconnect from network/internet/turn off wireless.

Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions


$16,000 used SUVs

Whether you like your SUVs cute or capable, or some blend of the two, we've got a wide variety of choices in Roadshow's first collection of Editors' Used Picks.