Alureon Virus on My Computer

**KayfabeMan** · 04-08-2012, 11:22 PM

Here's the thing.

Other night, using the computer - on a totallylookslike page - computer just shuts down. Totally shuts down. Then it restarts. So I used the Windows Defender program [as I dont have any other virus software], and it comes up with Alureon.gen!k

It says it removed it but it is still there because I actually tried to shut down the computer the other day and it said STILL RUNNING ALUREON, SHUT DOWN OR WAIT FOR PROGRAM TO STOP RUNNING?

The other thing is that now I can't get on the internet via the computer. I am having to use my brothers computer to get online. It shows my internet connection as available and connected - yet on the little WLAN icon, it shows an exclamation point and says that I am online but on a public network. Would not let me sign on on AOL or bring up explorer.

I shut off my wireless adapter so that it hopefully keeps anyone from stealing my data, etc for the time being. But dont know what to do next. I am assuming maybe I should go to the store and buy a McAfee software and download it and run it, but unsure if that will work with this vius already there or also if that removes this type of virus.

Any help would be great. Will check back here later. Thanks in advance guys,

**Purgatory** · 04-09-2012, 05:42 PM

http://en.wikipedia.org/wiki/Alureon

So yeah, looks like a fairly major one.

"While the rootkit is generally able to hide itself very effectively, circumstancial evidence of the infection may be found by examining network traffic and outbound connections (Netstat). The "FixMbr" command of the Windows Recovery Console and manual replacement of atapi.sys may be required before some anti-virus tools are able to find and clean an infection."

I'm almost positive a total reformat will fix this...At least, that's how I would fix it. If my AV can't fix something, then a total reformat is in order...unfortunately.

**Dark One** · 04-11-2012, 02:20 AM

Try downloading TDSS Killer or Norton Power Eraser and burning it to disc to run on your machine. It will catch a lot of rootkits and trojans, and is fairly simple to use. It's likely that your networking isn't working because the virus is trying to redirect network traffic through its own servers. Purchasing software from a store is unlikely to do much at this point. The only one that might be worthwhile would be Kaspersky, as you can boot from its disc and do some repairs outside of Windows, where the infection is active; however, if you don't have much in the way of a technical background, this may not do you much good.

I would be hesitant to restore/reformat, as some of these rootkits now come with a separate hidden boot partition, which can persist through a format/restore if not done properly.

04-09-2012, 05:42 PM	#2
Purgatory You're Welcome. Posts: 7,242	http://en.wikipedia.org/wiki/Alureon So yeah, looks like a fairly major one. "While the rootkit is generally able to hide itself very effectively, circumstancial evidence of the infection may be found by examining network traffic and outbound connections (Netstat). The "FixMbr" command of the Windows Recovery Console and manual replacement of atapi.sys may be required before some anti-virus tools are able to find and clean an infection." I'm almost positive a total reformat will fix this...At least, that's how I would fix it. If my AV can't fix something, then a total reformat is in order...unfortunately.

04-11-2012, 02:20 AM	#3
Dark One King of Suplexes/Oxy Posts: 18,466	Try downloading TDSS Killer or Norton Power Eraser and burning it to disc to run on your machine. It will catch a lot of rootkits and trojans, and is fairly simple to use. It's likely that your networking isn't working because the virus is trying to redirect network traffic through its own servers. Purchasing software from a store is unlikely to do much at this point. The only one that might be worthwhile would be Kaspersky, as you can boot from its disc and do some repairs outside of Windows, where the infection is active; however, if you don't have much in the way of a technical background, this may not do you much good. I would be hesitant to restore/reformat, as some of these rootkits now come with a separate hidden boot partition, which can persist through a format/restore if not done properly.