locked
Trojan:Win32/Alureon.gen!D Cant remove or quarantine

    Question

  •  

    Subject virus keeps popping up on scan, I cant find it to manually remove and one care cant take care of it.  Can someone help?
    Tuesday, 27 November 2007 2:24 AM

Answers

All replies

  • If you are a onecare user please proceed to this link

    http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

     

    If you aren't a onecare live user please do contact 866 727 2338 ( Microsoft Security ) for a direct assistance with this concern for US/CANADA and for else where reply back here for other alternatives.  

    Tuesday, 27 November 2007 1:34 PM
  • I have a Worm.Win32.NetSky-virus; and i would like to know what software should I use to get rid of it? Please respond to

     

    epleenations1st@hotmail.com/donotspam

     

    Tuesday, 12 February 2008 9:26 AM
  •  5thave wrote:

    I have a Worm.Win32.NetSky-virus; and i would like to know what software should I use to get rid of it? Please respond to

     

    epleenations1st@hotmail.com/donotspam

     

    If  you are not using Windows Live OneCare, you are off topic for this forum. This is not a general forum for viruses, spyware, or Windows Help. For help with spyware issues, you may want to try the forums here: 

    http://aumha.net/ For help with virus removal, contact the maker of your Antivirus program.

    If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx for details. For international information, see your local subsidiary Support site.

     

    If you are using Windows Live OneCare and you have been infected, but OneCare did not detect or cannot remove the malware, please contact support to report this and for help with removal.

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

    Tuesday, 12 February 2008 1:06 PM
    Moderator
  • I was infected with Alureon.gen!h and Delflob.I.  I suppose this is a newer generation of the Alureon.gen!d.  The OneCare scan kept finding and trying to remove this, but it seemed to keep returning.  I read several posts and tried everything within my limited technical abilities, but to no avail, even running scans with system restore turned off.  It seened as though I was being reinfected even while the OneCare scans were running.  I finally physically unplugged my computer from my internet connection and ran the scan again.  The trojan was found again and apparently sucessfully removed.  I ran the scan twice again before physically reconnecting the cable I access the internet through.  After reconnecting, I ran it again.  All seems clear.  What an ordeal this was.  My browser was being hijacked and taking me to places I didn't want to go, muchless places I didn't want my grandchildren going.  Windows updates that previously would not install are now installing fine.  The windows defragmentor that quick working a couple of months ago now works again. 

     

    The Norton products I had before OneCare couldn't even detect the threat.  Next I tried SpyHunter.  It would never install correctly.  This is a vicious little varmit and I pity anyone who has it. 

     

    Additional research indicates that even after the trojan is removed, other fixes may be needed, such as manual repairs to DNS settings or files.  I don't even know what these are.  Any suggestions?

     

    Tuesday, 4 March 2008 3:23 AM
  • If all is working well after your ordeal, I wouldn't be concerned about other steps needed to be taken. If, however, you are encountering strange behavior and believe the infection to still be present, contact OneCare support.

    -steve

     

    Friday, 7 March 2008 10:41 PM
    Moderator
  • Hi
    I had a problem with Alureon.gen!J. I use OneCare. It happen when it expired, I don't if it's related. While OneCare couldn't remove the trojan it located it. I was inside the Window>Temp folder as temporary file named Temp6.tmp. Their were also couple more tmp files there witht he same pattern name that I was able to remove easily. So I want inside the registry to remove the key for alureon, then I tried to delete Temp5.tmp. I couldn't because the process was still running. So I disconnected my computer without shutting down so that at the reboot the disk migh check for the indexe of the file. Then I rebooted my computer, the scan was telling that the key was being removed. And I never had the problem anymore. I went that radical because I don't have a boot disk. I could have tried to remove it manually in DOS mode I guess. Anyway, I don't have any problem any more. If this could help anybody. But the reward goes to OneCare for telling exactly where the file where located. If there is better method please contact me and share it. Thanks
    art.wyse11@gmail.com
    Ben Wyse (Bahiminin Benoit Dah)
    Thursday, 16 October 2008 8:06 PM
  • hi,I remove Win32/Alureon.gen through by this webpage

    http://www.xdelbox.com/how-to-remove-alureon-genu-or-win32alureon-gen/
    Monday, 30 November 2009 2:24 PM