Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win32/Alureon.H


  • Please log in to reply
1 reply to this topic

#1 BenBishop

BenBishop

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 12 October 2010 - 11:55 AM

Wife's computer (home business), and I am the tech support. For the most part, I have been able to help here through some of the following issues:

- toolbar downloads
- virus scan popups on the internet that she has accepted (and subsequently downloaded malware)
- malwaredoctor (hated this one!)

---

But now we have an issue with Win32/Alureon.H - redirects only in firefox and has not allowed microsoft security essentials to update (error: 0x80072efe). Whether these two are related, I cannot say.

For Alureon, I have not done much of anything except to run SUPERantispyware.

For the lack of update for MSE, I verified that the internal clock was correct, fiddled with auto updates and re-ran, and a couple of other unsuccessful attempts.

---

Thanks for all advice and help.

BC AdBot (Login to Remove)

 


#2 MidwestTech

MidwestTech

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Location:Rockford, Illinois
  • Local time:09:35 PM

Posted 12 October 2010 - 12:33 PM

Hi,

Here is a link to instructions to remove the Alureon/TDSS rootkit.

http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller

I have seen this rootkit attach itself to a PC through two methods, corrupting a base driver (i.e. atapi.sys) or changing the MBR (Master Boot Record) of the boot hard disk. FYI, I have used the TDSSKiller utility referred to in the link to successfully remove the rootkit from a driver infected PC, but haven't been able to use the utility to successfully remove it from a MBR infected PC. But YMMV.

If after following the instructions in the link you still have symptoms of the rootkit on your PC, I would suggest going to this link and following the instructions to post on the Virus, Trojan, Spyware, and Malware Removal Logs forum.

http://www.bleepingcomputer.com/forums/topic34773.html

Good luck,
Todd




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users