Windows 7 Forums

Windows 7: Solution (Given) to removing Alureon !gen A trojan

12 Jun 2015   #1
kkellogg

Windows 7 Home Premium 64 bit
 
 

Hey Everybody,
I joined this forum last night to seek help resolving a terrible crash of my Windows 7 Home Edition home desktop that resulted after Microsoft Security Essentials (MSE) detected, and then failed to remove the Alureon gen!A Trojan many times.


For about a month or two, MSE, which was set up to run a daily full scan, excluding no folders, programs, or external drives, and to automatically remove all threats, was telling me about 10 times a day that it detected threats (only one, Alureon gen!A), and removed them, and that I had to restart my computer. I did this several times, with no luck. I spent some time online and followed instructions to remove this Trojan (removing its keys from the registry, emptying the temp files, running the Windows Malicious Software Removal Tool), with no luck. Finally, last night, I went out and bought some DVDs and wrote a Windows Offline Defender boot disk.


I restarted my computer, ran a full scan with Windows Offline Defender, and Alureon gen !A was the only threat detected, just like MSE. I removed it. It said the removal was successful, and asked me to restart the machine. I restarted the machine, removed the boot disk, and started Windows normally. The "Starting Windows" black screen with the flags showed up, but immediately afterwards, a blue screen of death showed for a fraction of a second and my system restarted.


I tried safe mode boot, startup repair, system restore, startup repair from an install disk, and disabling "automatically restart after system fails to boot." This last thing caught my attention, since it only worked after the first restart after disabling it, and I could see the blue screen of death for a longer time.


I did some searches on my tablet, and found that if I pressed F10 during boot and removed "/MININT" from the line reading /NOEXECUTE=OPTION /MININT, and pressed enter, my computer booted just fine, and the Trojan was no longer detected by MSE.


I hope someone finds this helpful (I spent 6 hours trying to fix this problem with a 5 second fix).


12 Jun 2015   #2
kkellogg

Windows 7 Home Premium 64 bit
 
 

I'd like to add a bit more information. I restarted my computer shortly after making this post. It turns out the issue wasn't entirely resolved, and that I'd have to hit F10 on every boot and remove "/MININT" and correct "OPTIN" to "OPTION" on every boot. I followed the following steps to resolve the issue (hopefully) for good:

"PinellasComputers replied on
September 17, 2011


SOLVED!

After 3 hours of troubleshooting, I have found the solution to this problem!
It is caused by a corrupt or damaged boot option in the MBR.
It is especially common on hard drives that contain multiple partitions (i.e. almost all OEM installs).
Sometimes the MBR just becomes damaged, other times a boot virus is the cause.

In any case, here's what fixes it:
Boot into recovery manager via a Win7 DVD or via the built in system repair option.
If you use the Win7DVD, click next and then choose the option to Repair your computer.
If you use the built in system repair option, cancel any automatic repairs that may start.
Choose the advanced recovery options, and then choose the command prompt.
Enter the following command: bcdedit /enum

This is the tricky part. Your boot manager may be different depending on the OEM or installer.
Identify all the installation references. There should be more than one. Mine had 2.
One of these is a valid record, the other is corrupt/invalid. We need to delete the invalid record and then rewrite it.
My 2 records were {bootmgr} and {default}
I'm not sure about this, but I believe it will always be the {default} record that is corrupt. (It was for me)
So, let's assume I'm correct and the {bootmgr} record is always generic and the {default} value tends to be corrupted.

Enter the following command: bcdedit /delete {default}
The command should complete successfully.

Now that we've deleted the corrupted record, we need to allow Windows to identify and rebuild the correct one.
Enter the following command: bootrec.exe /scanos
Windows should scan for any Windows installations on all drives, and it should identify at least 1.
Choose y to add it to the boot manager.
The command should complete successfully.

Now let's clean up and make sure Windows has some default boot settings.
Enter the following command: bootrec.exe /fixboot
The command should complete successfully.
Enter the following command: bootrec.exe /fixmbr
The command should complete successfully.

Restart. Done! Let me know if it worked for you!

Ryan Malize
Pinellas Computers, LLC."
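
Added example, not part of either post above: one way to read saved `bcdedit /enum` output and pick out which boot loader entry carries the /MININT (WinPE mode) setting before deleting anything. The sample output is constructed, the GUID is a placeholder, the function names `parse_bcd` and `audit` are made up for this sketch, and skipping `ramdisk=` devices (recovery images, which legitimately boot in WinPE mode) is an assumption.

```python
# Constructed sample of `bcdedit /enum` output (not from the thread); GUID is a placeholder.
SAMPLE = r"""
Windows Boot Manager
--------------------
identifier              {bootmgr}
displayorder            {default}
                        {11111111-2222-3333-4444-555555555555}

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
loadoptions             /NOEXECUTE=OPTION /MININT
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {11111111-2222-3333-4444-555555555555}
nx                      OptIn
"""

def parse_bcd(text):
    # One dict per entry: {"type": [title], element_name: [value, ...]}
    entries, cur, last = [], None, None
    lines = text.splitlines()
    for i, line in enumerate(lines):
        nxt = lines[i + 1].strip() if i + 1 < len(lines) else ""
        if not line.strip() or set(line.strip()) == {"-"}:
            continue
        if nxt and set(nxt) == {"-"}:           # a title line sits above a dashed rule
            cur, last = {"type": [line.strip()]}, None
            entries.append(cur)
        elif cur is not None and line[0].isspace() and last:
            cur[last].append(line.strip())      # indented line continues a multi-value element
        elif cur is not None:
            parts = line.split(None, 1)
            last = parts[0].lower()
            cur[last] = [parts[1].strip()] if len(parts) > 1 else [""]
    return entries

def audit(entries):
    # (identifier, reason) for OS loaders set to WinPE mode; `winpe` is the BCD form of /MININT
    findings = []
    for e in entries:
        if e["type"][0] != "Windows Boot Loader" or e.get("device", [""])[0].startswith("ramdisk="):
            continue                            # skip boot manager and recovery images
        ident = e.get("identifier", ["?"])[0]
        winpe = e.get("winpe", ["No"])[0].lower() == "yes"
        minint = "MININT" in " ".join(e.get("loadoptions", [])).upper()
        findings += [(ident, r) for r, hit in (("winpe=Yes", winpe), ("loadoptions has /MININT", minint)) if hit]
    return findings
```

Running `audit(parse_bcd(SAMPLE))` names `{default}` twice, once per reason; exporting the store with `bcdedit /export <file>` before any `/delete` keeps a copy to restore from.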