Recently, when I checked my home computer after several months, I found it did not have Microsoft Security Essentials (MSE) installed. The first thing I did was install MSE and scan the whole system. After the scan I kept getting a Trojan:DOS/Alureon.E threat in the MSE Potential Threat details. Even after clicking Clean to remove it, it encountered an error every time and put the infection into quarantine. The error code was 0x80501001. Even after several restarts and cleanups, MSE was showing this virus.
Alureon is difficult to remove and is considered a rootkit (it may morph and change identity on your OS); many IT professionals recommend reinstalling the OS to ensure the rootkit is removed. DOS/Alureon.E enables its controller to learn your browsing habits and to extract other data from your computer system. In particular, any version of the infection extracts the following information from your PC:
- Websites visited lately
- Operating system technical details
- Most frequently used browser
Removing DOS/Alureon.E is rated as rootkit removal, which often implies the highest complexity. I have seen several forums that help users by asking them to run a tool on their computer and post the reports.
This virus generally corrupts the MBR. After analyzing my partitions in Disk Management, I found a fake partition. The partition was 2 MB in size and was not created by me. To remove this rootkit, all you have to do is delete any extra small partitions that live on your hard drive using Windows Disk Management. Those are the virus. After deleting the partition, you can use MSE to confirm removal of the virus.
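To see which entry is the small one before deleting anything, the MBR partition table can be read directly. The following is an added example, not code from the original post: a Python parser for the four primary partition entries, run on a constructed sample sector. The 16 MB review threshold and the sample layout are assumptions.

```python
import struct

SECTOR = 512
REVIEW_LIMIT = 16 * 1024 * 1024  # assumed threshold for "small", not from the post

def parse_mbr(sector):
    """Return the used primary partition entries of a 512-byte MBR sector."""
    if len(sector) != SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("not an MBR sector: wrong length or boot signature")
    entries = []
    for slot in range(4):
        raw = sector[446 + 16 * slot:462 + 16 * slot]
        # status, 3 CHS bytes, type, 3 CHS bytes, start LBA, sector count
        status, ptype, lba, count = struct.unpack("<B3xB3xII", raw)
        if ptype == 0 and count == 0:
            continue  # unused table slot
        entries.append({"slot": slot + 1, "active": status == 0x80,
                        "type": ptype, "start_lba": lba,
                        "size_bytes": count * SECTOR})
    return entries

def small_partitions(entries, limit=REVIEW_LIMIT):
    """Entries at or below the limit: candidates to identify, not a verdict."""
    return [e for e in entries if e["size_bytes"] <= limit]

def build_sample_mbr():
    """Constructed sample: 100 MB and 100 GB partitions plus a 2 MB one."""
    def entry(status, ptype, lba, count):
        return struct.pack("<B3xB3xII", status, ptype, lba, count)
    table = (entry(0x80, 0x07, 2048, 204800)          # 100 MB, active
             + entry(0x00, 0x07, 206848, 209715200)   # 100 GB
             + entry(0x00, 0x17, 209922048, 4096)     # 2 MB, constructed
             + bytes(16))                             # empty fourth slot
    return bytes(446) + table + b"\x55\xaa"

if __name__ == "__main__":
    entries = parse_mbr(build_sample_mbr())
    flagged = small_partitions(entries)
    for e in entries:
        mark = "REVIEW" if e in flagged else "ok"
        print(f"slot {e['slot']} type 0x{e['type']:02x} active={e['active']} "
              f"start={e['start_lba']} size={e['size_bytes']} {mark}")
```

On a live system the input would be the first 512 bytes of the disk, read with administrator rights. Windows creates small partitions of its own, such as System Reserved, so a flagged entry is one to identify rather than proof of infection.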
A few infected Windows computers have also been recovered with the anti-rootkit utility TDSSKiller. If deleting the partition does not work, it is worth a try.
Microsoft has released an advisory to help prevent infection on your computer:
- Enable a firewall on your computer.
- Get the latest computer updates for all your installed software.
- Use up-to-date antivirus software.
- Limit user privileges on the computer.
- Use caution when opening attachments and accepting file transfers.
- Use caution when clicking on links to webpages.
- Avoid downloading pirated software.
- Protect yourself against social engineering attacks.
- Use strong passwords.