Trojan DOS Alureon Removal Repair – Solved

Trojan:DOS/Alureon.A – Removal

 
 
Summary:
Trojan:DOS/Alureon.A is the detection for a variant of the Alureon malware family that infects the Master Boot Record (MBR).

Recently came across this Trojan:DOS/Alureon. A rootkit on a customers laptop. Customers laptop was badly infected with 168 virus and malware. All viruses & malwarte removed clean with the exception of this Trojan:DOS/Alureon. I tried several programs, including 3 boot rescue cd’s. All of them detected the remaining infection but failed at fixing or removing the rootkit. HitMan Pro also detected a Master Boot Record infection. I was hesitant on removing these 2 remaining infections before contacting the customer on a very possible reload of the operating system. After explaining what I had here, and the possiblity of ending up with a non boot computer, customer gave me the ok on wiping it clean if I had to.

Trojan:DOS/Alureon

Trojan:DOS/Alureon

So, I took a shot at this Trojan:DOS/Alureon.A rootkit with Kaspersky TDSSKiller. First time I ran Kaspersky’s TDSSKiller, it detected the rootkit and I used the “copy to quarentine” function, rebooted and re-scanned and rootkit was still there. Ran Kaspersky’s TDSSKiller one more time and used the “Cure” function……. rootkit gone. Computer booted up fine, ran all scans thru again nothing remaining.

NOTE: As always maintaining backups of all important data at all times is very important. These type MBR infections could result in disaster for the average user with a non boot computer even after removal. This particular one removed or “cured” clean with no boot problems afterwards. Perform at your own risk.

Followed up and checked with MBRCheck, all good

“MBRCheck hecks the legitimacy of the Master Boot Record (MBR) code of the hard drives on the computer.

So to summarize how this Trojan:DOS/Alureon was removed:

  1. Download Kaspersky TDSSKiller
  2. Run Kaspersky’s TDSSKiller with Administrator rights – Right Click – Run As Administrator
  3. When scan is complete, make sure to use the “Cure” function
  4. Reboot and rescan system, Trojan:DOS/Alureon should be gone

Followup to check the MBR with MBRCheck

Follow up scans with your regular security tools. HitmanPro is a good one to run thru, it is retail with a 30 day trial, but you ne able to get some good results. It is portable and a fast virus scanner, uses the “Cloud” utilizing several anti virus vendors. “Hitman Pro 3 combines a variety of anti malware programs without installing software on your PC. Hitman Pro 3 will not slow down your PC as it is using cloud technologyfor malware detection.”

I personally ran into this Trojan Alureon virus that my Eset Nod32 AntiVirus alerted me to. Would you like to know where? On 2 separate occasions, about 2 weeks a part watching an old tv show on Hulu. About 20 minutes into watching a tv show on Hulu, Eset Nod32 AntiVirus 5  blocked the virus. YES Hulu, I do not go there anymore! Eset Nod32 Anti Virus 5 blocked it both times!

Lightspeeds Computer Repair Augusta GA
 
 
 
 

Highly Recommended Anti Virus – Eset Nod32 Anti Virus 5

Eset Nod32 AntiVirus

3
  Related Posts

Comments

  1. Lightspeeds PC  October 19, 2012

    This website just went up 2 days ago, still setting up, might be why you cannot subscribe, not sure. Thank you!

    reply
  2. computer support services  April 12, 2013

    I all the time emailed this webpage post page to all my contacts, as
    if like to read it next my friends will too.

    reply

Add a Comment