Avast finds Alureon-FZ over & over.

May 12, 2011 at 16:15:33
Specs: Windows XP
Avast finds Alureon-FZ over & over. Run Windows in Safe Mode ( F8 while booting ) then run Avast and delete the infection. Replace the file with a copy from another computer. Reboot, it should be gone. My file was C:\windows\system32\drivers\rasacd.sys
Bob Crownover

See More: Avast finds Alureon-FZ over & over.

May 12, 2011 at 19:38:27

Well, that has to be one easy removal of Alureon!! It is normally a pain.

Are you absolutely sure it is gone?

If you have any doubts, and I would, download TDSSKiller from the following link:
Save it to the Desktop.

Once the file is on the Desktop, right-click on the TDSSKiller.exe icon and select: Rename.
Name it a random name with a .com extension. For example: jaws.com

Before you run TDSSKiller, be aware that Anti-virus and Anti-malware programs may prevent the tools we need to use from fixing an infected system. Please disable (temporarily) any Anti-virus and Anti-malware programs you have running, or, permit them to allow changes when prompted.

Now, double-click on the renamed file to launch it. If you receive a warning from Publisher: Kaspersky Lab asking if you want to run the file, click on the Run button to allow TDSSKiller to run.

When TDSSKiller starts, it displays the welcome screen.
Click on the Start Scan button.

When the scan finishes it displays a results screen stating whether or not the infection was found on your computer.

To remove the infection, click on the Continue button. If it does not say Cure on the results screen, leave it at the default action of Skip, and press the Continue button. Do not change to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.

If TDSSKiller requires a reboot to finish the cleaning process, click on: Reboot Now

When TDSSKiller finishes cleaning the infection, a report stating whether or not it was successful is shown.

A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller. is created and saved to the root directory (usually Local Disk C:).

Also, download Malwarebytes’ Anti-Malware (black button with green and white icon) Save to the Desktop:

Double-click mbam-setup.exe and follow the prompts to install the program. (For Vista/Windows 7, select: Run as Administrator)

Run Malwarfebytes’ AntiMalware and update the program.
Once updated, select Perform Full Scan and click the scan button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the Remove Selected button to get rid of the malware.

When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.

>>Please post the TDSSKiller and the Malwarebytes logs in your reply so we can see if Alureon is gone.<<

Report •

May 13, 2011 at 09:08:32
Yes, I'm sure it's gone. No more Generic Host Process errors. No more redirects. No more trying to go to bad web pages.
73 W3TFI

Report •
Related Solutions

Ask Question