Printable View
My computer seems to infected by the WinNT/Alureon.D Trojan, which is detected by my McAfee anti virus. But the anti virus is not able to delete it stating that close other applications using this program. Even though I do not have any applications running the anti virus still gives the same message as close other applications using this program. How do I remove this trojan. Even it gets transfered to the removable media connected to my computer. I am using Windows Vista operating system.
WinNT/Alureon.D trojan is a member of the malicious Win32/Alureon family. The tojan WinNT/Alureon.D is intended to derive the infected user's information for the attacker. It also observes the network traffic of the infected host to steal sensitive data by intercepting the network traffic. This can be the user name, account information or even the credit card number and password.
Trojan:WinNT/Alureon.D may be installed by other malware. When run, Trojan:WinNT/Alureon.D hooks the System Service Descriptor Table(SSDT) and system Application Programming Iinterfaces(API). This trojan may be present by such filenames as the following:
Quote:
%systemroot%\system32\drivers\UACD.sys
%systemroot%\system32\drivers\UAC<random letters>.sys
%systemroot%\system32\drivers\TDSS.sys
%systemroot%\system32\drivers\TDSSserv.sys
%systemroot%\system32\drivers\TDSS<random 4 letters>.sys
The Trojan probably is using some third party program to apply it self and therefore you are not able to delete it. I thus recommend you to use the Safe Mode of Windows to scan your computer. Press F8 key when you restart your computer. The Safe Mode will disable any third party program which the Trojan may be using. Now scan your computer to delete the Trojan.
If the Trojan is not getting deleted I would prefer you to perform system restore. The reason being the this will restore your computer to a restore point where the Trojan was not present. Thus the computer settings will be restored. I had Trojan which would pop-up unwanted advertisements when I connected my Sony laptop to internet. The system restore solved the problem for me.
To protect your computer from any such threats in future you should always use Firewall. To turn the Windows Firewall on following settings are to made on Windows Vista:
- Go to the Windows Orb and click.
- Go to Control Panel.
- Select Security.
- Take your cursor to Turn Windows Firewall on or off and click on it.
- The On option is to be selected to turn the Windows Firewall On.
- Finally to apply the settings Click on OK.