Computer Newbies forum

General discussion

Computer infected with Trojans.

by nykommer / December 3, 2008 9:04 PM PST

My wifes computer running XP is infected with 2 Trojans.
"Win32/Alureon.gen" twice in the C drive and "Win32?Alureon.gen!j" twice in the C drive, 1 in the D drive and 1 in the G drive. Any suggestions how to remove them. Microsoft One Care found them, but could not remove them. AVG and Avira did not find them. Hope someone can help

Discussion is locked
You are posting a reply to: Computer infected with Trojans.
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Computer infected with Trojans.
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
This Should Help But...
by Grif Thomas Forum moderator / December 3, 2008 11:08 PM PST

...a little more information would sure assist us in identifying the specific problem.. First, are the D: drive and the G: drive separate hard drives on the computer or are the simply partitions of one hard drive..? (Commonly, a D: drive is a recovery partition and as such, it should be left alone.)

Next, EXACTLY what are the names of the infected files and what folders are they located in..?

Next, please use the instructions below to download the free tools and scan with them as directed:

Please download Malwarebytes' Anti-Malware from the link below:

http://www.majorgeeks.com/Malwarebyt...are_d5756.html

Double Click mbam-setup.exe to install the application. (If the file won't run correctly, try renaming it to something else, like "gogetup.exe", then double click it to install it. Some variants of malware will prevent the "mbam-setup.exe" file from running.)

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Full System Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
_____________________

If you can't download or install the program from the infected machine, then please use a friend or family member's "clean" computer and download the Malwarebytes tool and it's manual update from the link below.. Once downloaded, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.

Malwarebytes Download Link (Clicking on the links below will immediately start the download dialogue window.)
http://www.besttechie.net/tools/mbam-setup.exe

Malwarebytes Manual Updater link
http://www.malwarebytes.org/mbam/dat...mbam-rules.exe

If the program installs correctly but then won't run, please access the "C:\Program Files\ Malwarebytes Antimalware folder and rename the "mbam.exe" file to something else.. Make sure it has a .exe file extension and then double click on the newly named file. Malwarebytes should run correctly now..
___________________

After running the scan with Malwarebytes, then download, install, update, then run a full system scan with a second tool below:

As before, attempt to download and install on your current computer but if it's unable to do so, you'll need to download the program on a different "clean" computer, then transfer it to your machine.. After it's installed on the problem machine, update it, then restart the computer into "Safe Mode" and run a full system scan and delete all it finds. While you're in Safe Mode, then run a second scan with Malwarebytes. (As before, it be necessary to rename the installer and program files to get the program installed and running.)

SUPERAntispyware Removal Tool

After doing so, restart into "normal" windows and run another scan with both tools.. It frequently takes multiple scans till the scan comes up clean.

Hope this helps.

Grif

Collapse -
I did help.
by nykommer / December 9, 2008 5:43 AM PST

Thank you very much for your help. The computer is now clean for all the trojans and viruses it was infected with. Again thank you for your great help.

Collapse -
(NT) Good Job & Thanks For Posting Back!
by Grif Thomas Forum moderator / December 9, 2008 1:18 PM PST
In reply to: I did help.
Collapse -
Malware Refusal
by lriecks / December 21, 2008 2:17 AM PST

I tried using the link in your post and it will not download. Ask me to be sure that I have access. What's up? I'm using a Sony VGC-VA10G running Windows XP MCE Svc. Pk-3, using IE8.

Collapse -
Which Link?
by Grif Thomas Forum moderator / December 21, 2008 5:05 AM PST
In reply to: Malware Refusal

There are three links, one of which is not correct. (My mistake.) The "manual updater" link is correctly listed below and as before, when you click on the link below, the download dialogue window will load immediately.:

http://www.malwarebytes.org/mbam/database/mbam-rules.exe

Still, all the other links should work fine UNLESS you happen to have an infected computer.. IN that case, follow the instructions I gave to use a separate clean computer to perform the downloads.

Hope this helps.

Grif

Collapse -
second confirmation
by ddbabich / April 19, 2009 5:58 PM PDT

I had Win32/Alureon on my HTPC and spent the better part of a weekend attempting to remove it using various tools that claimed that they would remove it (including Microsoft's Malicious Software Removal Tool).

I followed the instructions posted here, and I did have to rename both the installer, and the executable for Malwarebytes' before I could get it to install, and then run. However, once I was able to run the software, it was successful in cleaning this problem out for me. Thanks so much for posting a legitimate solution (and not just a link to more spyware/malware).

Collapse -
Try Panda....
by mgk57 / December 9, 2008 7:51 AM PST

Another way to clear the badies is to use Panda software. Very good at getting trojans where others can't.

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?