I was searching the web for solutions to remove the Alureon-K Virus, but couldn't find any. I saw some people removing it successfully with the help of essexboy; I wonder if he could help me too. I'm not an expert in malware removal but I have tried some software already. I can't run some .exes on my computer so it's much harder to do anything.
- Extract it to your desktop
- Double click TDSSKiller.exe
- When the window opens, click on Change Parameters
- Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
- Click OK
- Press Start Scan
- Only if malicious objects are found, ensure Cure is selected
- Then click Continue > Reboot now
- Copy and paste the log in your next reply
- A copy of the log will be saved automatically to the root of the drive (typically C:)
I know you already ran it but I need to see what is on it so that we can give you the correct instructions. Please run TDSSKiller according to the instructions that I provided and attach the log created.
It’s nice to make progress! Jeffce will give the all clear when all elements of the infection are gone, and gone for good. He is so smart, he makes it look easy; but the same problem in the wrong hands can result in your computer becoming useless. If any file remnants are not completely removed, you could be back here once more with another infection, so…
@mchain
Thanks for helping out here. The more eyes on a topic the better.
@n3utraliz3r
Thanks for getting me that log. You still have an entry for that particular infection on your system. A good rule of thumb is to remember that the absence of symptoms does not necessarily mean the absence of the infection.
Run TDSSKiller again.
When you get to this entry >> \Device\Harddisk0\DR0 ( TDSS File System ) delete it.
Then attach the new log made by TDSSKiller.
P2P - I see you have P2P software Limewire and uTorrent installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly Identity Theft. It likely contributed to your current situation.
Please note: Even if you are using a “safe” P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
I would strongly recommend that you uninstall these now. You can do so via Control Panel >> Programs and Features.
Please download ERUNT (Emergency Recovery Utility NT). This program allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT, however, creates a complete backup set, including the Security hive and user-related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed. Remember: if you are using Windows Vista as your operating system, right-click the executable and Run as Administrator.
Run OTL.exe
- Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot when it is done
- Then run a new scan and attach a new OTL log (don’t check the boxes beside LOP Check or Purity this time)