I’ve recently had a struggle trying to remove some viruses from a laptop. It was initially presenting with a pop-up advising that the security software was out of date and that it was necessary to purchase the latest version – all designed to look like an official Windows warning. I was able to remove this with Malwarebytes’ Anti-Malware, but Avast was still alerting about something trying to access a malicious URL.

After unsuccessfully scanning with various programs, I next tried using Radix Anti-Rootkit.

Radix Anti-Rootkit in action

This gave warnings about several processes that had been ‘hooked’, including Windows Live Messenger and ATI’s Catalyst Control Center. I uninstalled these (assuming that they had been infected) which cleared the warnings after scanning again, but there were still warnings which Radix couldn’t fix.

I tried scans with various other programs, but the one that finally did the trick was actually Microsoft’s Malicious Software Removal Tool, which after downloading and running gave the information that the laptop was infected with Alureon, and that it had been partially removed. Whilst not completely clearing the problem, knowing the cause of it was very helpful.

I finally removed Alureon using Kaspersky’s TDSSKiller. This tool performed a scan then removed Alureon completely.

Kaspersky's TDSSKiller

After rebooting, the laptop was finally clear of viruses. All that remained was to update everything to the latest version to try and prevent future exploits. I believe the cause was a dodgy PDF file – the laptop only had Adobe Reader 7 installed, but I’ve now updated this to version 10/X. I’ve also updated Flash and Java. Since then everything has been running smoothly!
