{"id":3736,"date":"2012-01-03T06:31:30","date_gmt":"2012-01-03T01:01:30","guid":{"rendered":"http:\/\/windowsvj.com\/wpblog\/?p=3736"},"modified":"2012-01-03T06:31:30","modified_gmt":"2012-01-03T01:01:30","slug":"remove-dosalureon-e-virus-from-windows","status":"publish","type":"post","link":"http:\/\/windowsvj.com\/wpblog\/2012\/01\/remove-dosalureon-e-virus-from-windows\/","title":{"rendered":"Remove DOS\\Alureon.e virus from Windows"},"content":{"rendered":"<p>Recently, when I checked out my home computer after several months I found it does not have Microsoft Security Essentials (MSE) installed, The first thing I did was to install MSE and scan whole system. After the scan I kept getting a Trojan:DOS\/Alureon.E threat in MSE Potential Threat details.&#160; Even after clicking <em>Clean to remove this<\/em>, it encounterd an error all the time and puts the infection into quarantine.&#160; The error code was 0x80501001. And even after several restarts and cleanup MSE was showing this virus. <\/p>\n<p><a href=\"http:\/\/windowsvj.com\/wpblog\/wp-content\/uploads\/2012\/01\/malwar.jpg\" class=\"thickbox\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: block; float: none; margin-left: auto; border-top: 0px; margin-right: auto; border-right: 0px; padding-top: 0px\" title=\"malwar\" border=\"0\" alt=\"malwar\" src=\"http:\/\/windowsvj.com\/wpblog\/wp-content\/uploads\/2012\/01\/malwar_thumb.jpg\" width=\"244\" height=\"83\" \/><\/a><\/p>\n<p>Alureon is difficult to remove, is considered a rootkit (it may morph and change identity on your OS) and many IT professionals recommend a reinstall of the OS to ensure the rootkit is removed. <b>DOS\\Alureon.e <\/b>enables its controller to learn your browsing habits, as well as extract other data from your computer system. In particular, any version of the infection&#160; extracts from your PC&#160; the following information:<\/p>\n<ul>\n<li>Websites visited lately<\/li>\n<li>Operating system technical details<\/li>\n<li>Most frequently used browser<\/li>\n<\/ul>\n<p><a class=\"thickbox\" href=\"http:\/\/windowsvj.com\/wpblog\/wp-content\/uploads\/2012\/01\/image.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; padding-left: 0px; padding-right: 0px; display: block; float: none; margin-left: auto; border-top: 0px; margin-right: auto; border-right: 0px; padding-top: 0px\" title=\"image\" border=\"0\" alt=\"image\" src=\"http:\/\/windowsvj.com\/wpblog\/wp-content\/uploads\/2012\/01\/image_thumb.png\" width=\"522\" height=\"505\" \/><\/a><\/p>\n<p>Removal of DOS\\Alureon.e is rated as rootkit extermination which implies the highest complexity many a times. I have seen several forums that help user by asking them to execute a tool on their computer and post the reports. <\/p>\n<p>This virus generally corrupts the MBR. After the analysis of my disc management partitions I found a faked partition. The partition was 2MB size and was not created by me. To remove this rootkit all you have to do is delete any extra small partitions that live on your hard drive using windows disk management. Those are the virus. After the deletion of partition, you can use MSE to confirm removal of the virus. <\/p>\n<p>A few infected Windows computers have been recovered by <a href=\"http:\/\/support.kaspersky.com\/faq\/?qid=208283363\">Anti-rootkit utility TDSSKiller<\/a> utility as well. In case deletion of the partition does not work, this may be given a shot. <\/p>\n<p><a href=\"http:\/\/www.microsoft.com\/security\/portal\/Threat\/Encyclopedia\/Entry.aspx?Name=Win32%2fAlureon\">More Information about the Virus<\/a><\/p>\n<p>Microsoft has released an advisory to help prevent infection on your computer:<\/p>\n<ul>\n<li>\n<h5><font style=\"font-weight: normal\" face=\"Verdana\">Enable a firewall on your computer.<\/font><\/h5>\n<\/li>\n<li>\n<h5><font style=\"font-weight: normal\" face=\"Verdana\">Get the latest computer updates for all your installed software.<\/font><\/h5>\n<\/li>\n<li>\n<h5><font style=\"font-weight: normal\" face=\"Verdana\">Use up-to-date antivirus software.<\/font><\/h5>\n<\/li>\n<li>\n<h5><font style=\"font-weight: normal\" face=\"Verdana\">Limit user privileges on the computer.<\/font><\/h5>\n<\/li>\n<li>\n<h5><font style=\"font-weight: normal\" face=\"Verdana\">Use caution when opening attachments and accepting file transfers.<\/font><\/h5>\n<\/li>\n<li>\n<h5><font style=\"font-weight: normal\" face=\"Verdana\">Use caution when clicking on links to webpages.<\/font><\/h5>\n<\/li>\n<li>\n<h5><font style=\"font-weight: normal\" face=\"Verdana\">Avoid downloading pirated software.<\/font><\/h5>\n<\/li>\n<li>\n<h5><font style=\"font-weight: normal\" face=\"Verdana\">Protect yourself against social engineering attacks.<\/font><\/h5>\n<\/li>\n<li>\n<h5><font style=\"font-weight: normal\" face=\"Verdana\">Use strong passwords.<\/font><\/h5>\n<\/li>\n<\/ul>\n<h5><font face=\"Verdana\"><font style=\"font-weight: normal\">These tips if followed can help make your Windows secure. <\/font><\/font><\/h5>\n","protected":false},"excerpt":{"rendered":"<p>Recently, when I checked out my home computer after several months I found it does not have Microsoft Security Essentials (MSE) installed, The first thing I did was to install MSE and scan whole system. After the scan I kept getting a Trojan:DOS\/Alureon.E threat in MSE Potential Threat details.&#160; Even [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[85,67,83],"class_list":["post-3736","post","type-post","status-publish","format-standard","hentry","category-internet","tag-mse","tag-security","tag-virus"],"_links":{"self":[{"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/posts\/3736","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/comments?post=3736"}],"version-history":[{"count":1,"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/posts\/3736\/revisions"}],"predecessor-version":[{"id":3737,"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/posts\/3736\/revisions\/3737"}],"wp:attachment":[{"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/media?parent=3736"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/categories?post=3736"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/windowsvj.com\/wpblog\/wp-json\/wp\/v2\/tags?post=3736"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}