We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Trojan.Alureon.Gen
fordmanchester
Posts: 215 Forumite
Hi
I'm posting this just in case it's of some use to someone who is experiencing the horrible Alureon trojan. It causes you to be redirected to random web pages, stops you from accessing the Microsoft "Windows Update" webpage, and can seriously compromise the security of your computer.
In my case I experienced the redirection to random web pages when performing Google searches, the frequent appearance of error messages saying "Generic Host Process for Win32 services encountered a Problem and needs to close" - which would totally freeze my computer and I would need to reboot it, and then have great difficulty in actually getting it to reboot. Access to Microsoft's Windows Update page was also blocked.
Last weekend I clicked on a website which seemed to start off the Alureon infection. I think it was a website posted (innocently) on one of the forums here, and I've left a message in that forum just to warn people in case I am right.
I was immediately alerted to the fact that there was some kind of problem by Ad-Aware's "Ad-Watch Live!" feature.
Straight away I ran my AVG antivirus which found 2 infections but could only remove one of them.
I then ran a full Malwarebytes scan which detected the "Trojan.Alureon.Gen", which I fixed - resulting in it being "Quarantined and deleted successfully" according to the Malwarebytes log.
I thought that was the end of the matter, however later that night and into the following day I was still being redirected to random websites, and still experiencing the other problems mentioned above.
Repeated (and updated) scans with Ad-Aware, AVG, Spybot, & Malwarebytes all came up clear and showed no problems.
Finally I searched Google to see if anyone else was experiencing the same things as me, and on one forum someone recommended software called Hitman Pro 3. In desperation I downloaded it from the CNET site.
I ran the Hitman Pro scan and it detected the "Trojan.Alureon.Gen" (even though Malwarebytes etc. said that my computer was clean), and it seems to have removed the trojan totally.
I can now access the Windows Update page, I'm not redirected to any dodgy websites, and have had no more problems with error messages, computer freezes or rebooting.
Sorry if this has been rather long-winded, but if anyone discovers they have the wretched Trojan.Alureon.Gen and find that their exisiting software or other advice doesn't fix the problem, then give Hitman Pro 3 a go.
fordmanchester
I'm posting this just in case it's of some use to someone who is experiencing the horrible Alureon trojan. It causes you to be redirected to random web pages, stops you from accessing the Microsoft "Windows Update" webpage, and can seriously compromise the security of your computer.
In my case I experienced the redirection to random web pages when performing Google searches, the frequent appearance of error messages saying "Generic Host Process for Win32 services encountered a Problem and needs to close" - which would totally freeze my computer and I would need to reboot it, and then have great difficulty in actually getting it to reboot. Access to Microsoft's Windows Update page was also blocked.
Last weekend I clicked on a website which seemed to start off the Alureon infection. I think it was a website posted (innocently) on one of the forums here, and I've left a message in that forum just to warn people in case I am right.
I was immediately alerted to the fact that there was some kind of problem by Ad-Aware's "Ad-Watch Live!" feature.
Straight away I ran my AVG antivirus which found 2 infections but could only remove one of them.
I then ran a full Malwarebytes scan which detected the "Trojan.Alureon.Gen", which I fixed - resulting in it being "Quarantined and deleted successfully" according to the Malwarebytes log.
I thought that was the end of the matter, however later that night and into the following day I was still being redirected to random websites, and still experiencing the other problems mentioned above.
Repeated (and updated) scans with Ad-Aware, AVG, Spybot, & Malwarebytes all came up clear and showed no problems.
Finally I searched Google to see if anyone else was experiencing the same things as me, and on one forum someone recommended software called Hitman Pro 3. In desperation I downloaded it from the CNET site.
I ran the Hitman Pro scan and it detected the "Trojan.Alureon.Gen" (even though Malwarebytes etc. said that my computer was clean), and it seems to have removed the trojan totally.
I can now access the Windows Update page, I'm not redirected to any dodgy websites, and have had no more problems with error messages, computer freezes or rebooting.
Sorry if this has been rather long-winded, but if anyone discovers they have the wretched Trojan.Alureon.Gen and find that their exisiting software or other advice doesn't fix the problem, then give Hitman Pro 3 a go.
fordmanchester
0
Comments
-
AVG is useless as you may have experienced. Remove it from your computer and run: http://www.avg.com/download-tools
to remove all bits.
Install either avira, avast or MSE:
Avira AntiVir Personal - FREE Antivirus I personally use avira.0 -
Thank you for your reply, Grandmaster.
I've removed AVG and am trying Avast. Should there be any problems with it then I'll try Avira.0 -
so glad to find this post, I have exactly the same problem to the letter.
Am scanning at the moment but will follow the steps you've suggested, will defo be removing avg aswell!0 -
ok hitman stated possible variant of DL3 (alureon) rootkit detected . But it says:
'the device stack of the hard disk is referencing a hidden driver, this could affect detection of malicious files'
I still can't access microsoft update which suggests its still lurking....
what to do now ?
0 -
I have had the exact same problem, hitman pro showed it the exactly the same as yours, i ran malware scan, hitman pro, anti virus and the only think that seemed to get rid of it was combofix.
my thread on here is. "having all sorts of virus problems"
have a go at combo fix as it has seemed to be the only thing that has got rid of mine, and it was saying the exact same thing as yours
good luck
http://download.bleepingcomputer.com/sUBs/ComboFix.exe0 -
adviceforall wrote: »I have had the exact same problem, hitman pro showed it the exactly the same as yours, i ran malware scan, hitman pro, anti virus and the only think that seemed to get rid of it was combofix.
my thread on here is. "having all sorts of virus problems"
have a go at combo fix as it has seemed to be the only thing that has got rid of mine, and it was saying the exact same thing as yours
good luck
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
No disrespect, but you should NEVER suggest to anyone to run combofix when you dont know how it works or what it does:idea:0 -
Please open malwarebytes, goto LOGS and post the WHOLE of the last log
reboot
Download HIJACK THIS (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_hijackthis/
Click MAIN MENU then DO A SYSTEM SCAN AND SAVE A LOGFILE(Takes seconds) then post the log so we can see whats running
(do NOT do anything else with Hijack but scan and post the FULL log)
If you get a message that you cant write to the hosts file then Press the SHIFT key, and whilst holding it RIGHT CLICK and select RUN AS (admin):idea:0 -
will post as soon as its done, thank you0
-
Hi,
Alienrik I was only offering the same advice to what you had told me to do when I had the exact same trouble yesterday, he said he had already run scans that you had recommended to me first and it was still there.
I was only trying to help him as you had me yesterday, it was the only thing that seemed to have got rid of it..
I wont recommend it again,0 -
pug_in_a_bed wrote: »will post as soon as its done, thank you
I was talking to the original poster
Please start a new thread with any relevant logs:idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.5K Banking & Borrowing
- 253.7K Reduce Debt & Boost Income
- 454.5K Spending & Discounts
- 245.5K Work, Benefits & Business
- 601.4K Mortgages, Homes & Bills
- 177.6K Life & Family
- 259.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards