Results 1 to 6 of 6

Thread: Infected by Win32:Alureon-EU

  1. #1
    Join Date
    Jul 2009
    Posts
    77

    Infected by Win32:Alureon-EU

    Hey friends i need some help, i am facing a virus problem and want solution to get rid from this virus. On my system i am running Windows XP SP2 OS. The anti-virus which i am using is AVAST Home edition. My antivirus has been detecting this Win32:Alureon-EU virus which was found on my C:\WINDOWS\system32\drivers\atapi.sys.... I tried to remove this virus various from my system by using several anti malware/virus/spyware but none of the tool can find this virus. The warnings which i am getting from over 30 times and it's really frustrating. I keep on deleting this virus but the same message reappears. Sometimes i do a restart of my system, but it stops on the black screen with options such as ''Start Windows in Safe Mode'', etc. The only thing which works for me is when i choose the ''Last Known Good Configuration''... Please help me.

  2. #2
    Join Date
    May 2008
    Posts
    2,945

    Re: Infected by Win32:Alureon-EU

    I think that you are having false message of detection by your antivirus. The Atapi.sys which is legitimate driver and the path defined by you defines the right location of Atapi.sys. You can do double-check to check that it is not infected by rootkit or by any malware. I think the virus did not do the infection that you are facing, but to see a black screen is not an critical problem it is normal to see if atapi.sys or any important drivers of Windows has been removed. I wolud like to suggest you that you should restore the system file from your antivirus chest after updating your antivirus.

  3. #3
    Join Date
    May 2008
    Posts
    3,516

    Re: Infected by Win32:Alureon-EU

    The following necessary steps are applied to remove Win32:Alureon virus and it is quite simpler. This was found through trial and error. Do a fresh installation of avast home edition trial version. Let the antivirus continue with its heuristic scan. I was not able to see such kind of option to do this; it just started running itself. The antivirus found the virus's drivers in the windows/system32 directory and it wanted to do a boot-time scan. After rebooting the PC, it found that all the files which were associated with the virus and they were removed. Problem was solved and no more infection was found in my system.

  4. #4
    Join Date
    Jan 2006
    Posts
    4,221

    Re: Infected by Win32:Alureon-EU

    I have a good suggestion for you, there would be a chance for your atapi.sys which has been patched but like most of the malwares they have dirivatives and variants. There is one easy way by which you can find out that you have a patched Atapi.sys which has to run on the latest GMER Anti-RootKit. When you'll open GMER it will run a quick fast scan. If you are able to find any entries like \DEVICEHARDDISK\Atapi or Atapi.sys "suspicious modification", then i think you are having this problem by a rootkit.

  5. #5
    Join Date
    Feb 2008
    Posts
    2,635

    Re: Infected by Win32:Alureon-EU

    Hi,
    I wonder that you are not using Multiple Anti-virus Programs. If you are using multiple Anti-virus programs in your computer which runs in memory. Anti-virus programs they take up large amount of computer resources when they scan your computer. I you run two anti-virus programs running at the same time can effect your computer to run very slow, unstable and also in rare cases, crash. If you are using two antivirus my suggestion would be to remove one of them. To remove the program you can go to Control Panel where you will find Add/Remove Programs from there you can remove the program. I will request you to download combofix.

    Save the ComboFix.exe file to the Desktop:

    Disable all your antiVirus and antispyware programs, you can do it by doing right click on the System Tray icon. After that right-click on ComboFix.exe there choose Run as Administrator & follow the following prompts. After finishing all the steps, it shall produce a log file. Please include the log files content of C:\ComboFix.txt in your next reply.

  6. #6
    Join Date
    Apr 2008
    Posts
    3,339

    Re: Infected by Win32:Alureon-EU

    I also came through this kind of virus but was able to solve it. Its unbelievable that most of the antivirus do not pick up any malware. There is a only way which i found and that the labiyvl which was a virus, i submited it to virus total by going online and on their site the scanners were able to pick it up as a virus. For this i had to use a program which is called a-squared and finally it was able to detect the stuff. There is a only problem that the scanner a while to scan. So try it to solve your problem.

Similar Threads

  1. Win32/Alureon.gen
    By elander in forum Windows Security
    Replies: 3
    Last Post: 03-11-2010, 10:25 AM
  2. Virus:Win32\Alureon.H Code=0x80501001
    By pent-x in forum Networking & Security
    Replies: 4
    Last Post: 28-10-2010, 05:46 PM
  3. Not able to remove win32/Alureon.H
    By Calebs in forum Networking & Security
    Replies: 4
    Last Post: 18-07-2010, 05:10 AM
  4. Information about Win32/Alureon family.
    By Sandy22 in forum Networking & Security
    Replies: 5
    Last Post: 27-11-2009, 03:22 AM
  5. Trojan: Win32/Alureon.CT on Dell Studio
    By KAMANA in forum Networking & Security
    Replies: 6
    Last Post: 27-11-2009, 12:18 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,713,436,462.72236 seconds with 17 queries