Does anyone know how to remove the Alureon.H virus?
MS Forefront has found the Alureon.H virus on Windows XP 32 bit and cannot remove it. I have also tried Malwarebytes to remove this as well with no luck. Teh web say this is a root kit. HELP!!! I checked Microsoft Malware Protection Center:https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Virus%3aWin32%2fAlureon.HAnd there are no instructions on removing this. If anyone out there knows a way please let me know.Thanks,Daniel8011 person needs an answerI do too
June 23rd, 2010 8:58pm

MS Forefront has found the Alureon.H virus on Windows XP 32 bit and cannot remove it. I have also tried Malwarebytes to remove this as well with no luck. Teh web say this is a root kit. HELP!!! I checked Microsoft Malware Protection Center:https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Virus%3aWin32%2fAlureon.HAnd there are no instructions on removing this. If anyone out there knows a way please let me know.Thanks,Daniel801Download this tool and run it:http://download.f-secure.com/estore/fseasyclean.exeDownload the Hijackthis and send the report to one ofmany forums for analysis and troubleshooting or you can send it to me on myemail provided at the bottom:HijackThis v2(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php ) If you would like more help, you can send me the log here:(to_you_ross)(yahoo.co.uk)Remove whatever to mail me.nass -- http://www.nasstec.co.uk
Free Windows Admin Tool Kit Click here and download it now
June 23rd, 2010 9:16pm

This did not help. This is a waste of time and I had to just re-image the drive. I'm supprised that MS Forefront could not get rid of this. Thanks anyway.
July 9th, 2010 9:07pm

Ok well, I have found an aswer that seems to work.Use the following trial software to delete the varient of TDL3 (alias Alureon) rootkit:Hitman Pro is a second opinion scanner, designed to rescue your computer from malware(viruses, trojans, rootkits, etc.) that have infected your computer despite all the securitymeasures you have taken (such as anti virus software, firewalls, etc.).http://www.surfright.nl/en/hitmanproNow if you end up getting the BSoD (Blue Screen of Death) like the below:bowen43 Typed:Hitman Pro immediately found a possible varient of TDL3 (alias Alureon) rootkit detected, but it ended with the Blue Screen. From the message that starts with Driver_IRQL_Not_Less_Or_Equal it looks like atapi.sys might be missing. Start your computer in safe mode with command prompt (Do this by tapping the f8 key repeatedly until a screen of options comes up and use your arrow key to select "Start in safe mode with command prompt.")Log into your account, and then when command prompt comes up type inexplorer.exeFind hitman pro, open it, have it run the scan and delete the Alureon varient. Hopefully this will work. If it doesn't, there are only THREE other options you can choose. Keep in mind that you may loose some files with this (Method 1). With Method 2 and 3 you WILL loose any and all files you have on your computer.Method 1:You can try booting to Last Known Good Configuration Mode, which could resolve this issue. To do this. Tap the f8 key repeatedly until a screen of options comes up and use your arrow key to select "Boot to last known good configuration."Method 2:Startup Repair (If your computer manufacturer has preinstalled recovery options, Startup Repair might also be installed on your hard disk. If your computer does not include Startup Repair, your computer manufacturer might have customized or replaced the tool. Check the information that came with your computer or go to the manufacturer's website.)ORUse your Windows XP startup disk and use the Recovery Panel located on the disk.Method 3:System Restore (Turn back time on your PC: Undo system changes with System Restore). In the list of restore points, click a restore point that was created before you began to experience the issue. ALSO, if this ends up working. To keep this from happening AGAIN, download ALL three of these programs. Unless you already have good, Spyware, Antivirus, and Malware programs.http://www.malwarebytes.org/mbam.phpThis will check for malware, AND registry key errors, or so most of the forums say. >.>http://superantispyware.com/You can download the free version and it will check for spyware as well.http://www.avast.com/eng/download-avast-home.html Avast Anti-Virus is XP, Vista and Windows 7 compatible (32bit and 64bit Versions), FREE, auto-updating, and a low resources user of your computer.Chaos- Young and learning.If this post resolves your issue, please click the "Mark as Answer" or "Helpful" buttons. This helps other users with similar problems find the answer faster.
Free Windows Admin Tool Kit Click here and download it now
July 10th, 2010 12:15am

In cases like this you should first submit sample to:https://www.microsoft.com/security/portal/Submission/Submit.aspxAnd also decribe all error that you will see during removal.Then also contact Microsoft Support or your help desk about this, they would help you to remove this threat.
July 10th, 2010 1:03pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics