I can't remove trojan:DOS/Alureon.A- it's being quarantined,help!!

I'm trying to remove completely from my computer this trojan called 'DOS/Alureon.A' that MSE is detecting only each time I click remove they is an error, code 0x80070032 and instead the trojan is quarantined and I'm asked to restart my computer for complete clean-up. Even after restarting the trojan is still quarantined and not removed . I suspect this trojan to be responsible for the redirecting of my searches on goggle  but I'm not sure.

What should I do? I will be very grateful of some assistance and info.
 

Question Info


Last updated May 16, 2018 Views 10,704 Applies to:
Answer
Answer

Hi Asalma,

 

First, try the following programs if you haven't as they should do the trick: I recommend you download, install, update, and run full scans with Malwarebytes:http://www.malwarebytes.org/ and SuperAntiSpyware:http://superantispyware.com/ and then run a full Security Scan from Microsoft:http://www.microsoft.com/security/default.aspx.

 

If that doesn't work, try the somewhat manual (but mostly using a different program) methods suggested here:http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller.

 

But in truth, doing it yourself isn't entirely certain, so to be safe and sure, I recommend the following (especially if it is showing they are being allowed):

 

Please follow these recommendations compliments of JimR1 - MVP:

 

Start here - https://support.microsoftsecurityessentials.com/ and select the link that says - I think my computer is infected - and then select the support option for phone, chat or email (options will vary by Region).

 

If you are in North America, you can call 866-727-2338 for free help from Microsoft for virus and spyware infections.

 

If that doesn't work or they can't help, try one of the following malware-removal forums compliments of PA Bear - MVP:

 

I can recommend the expert assistance offered in these forums:http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,http://www.spywarewarrior.com/viewforum.php?f=5,http://www.dslreports.com/forum/cleanup,http://www.bluetack.co.uk/forums/index.php, andhttp://aumha.net/viewforum.php?f=30

 

I hope this helps.

 

Good luck!

MVP(7/2012-6/2015),MCSE,MCSA,MCC2011,xCMM,xCAM,A+,Net+,Security Expert, xInfluencer. See Profile.

W10Prox64 Fast 16299rs3; Ofc Insider 1710/8613.1000; Edge,IE11,Chrome.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Answer
Answer

Asalma follow Kosh's suggestions first.

Kosh, sorry, guess we were posting at the same time.

 

Have you tried removal in Safe mode (on reboot tap on F8 key and with the arrow key select the mode and then hit enter) Check you LAN settings  by going to Control Panel>Internet Options>Connections tab and then hit the LAN settings button. Ensure that the box next to "Use a proxy server for your LAN"  is not checked then click OK and OK. Clean Temporay Internet files in Internet Options>General tab Browsing History.

Also, consider downloading TDSSKiller and/or HitmanPro (free trial version)

TDSSKIller

http://support.kaspersky.com/viruses/solutions?qid=208280684

HitmanPro

http://www.surfright.nl/en/downloads/

Note: TDSSKiller can be run in Safe mode, HitmanPro being a cloud scanner requires Safe mode with Networking.

If still experiencing redirects or other malware symptoms contact MSE Support.

 Start here - https://support.microsoftsecurityessentials.com/

and select the link that says - I think my computer is infected - and then select the support option for phone, chat or email (options will vary by Region)

If you are in North America, you can call 866-727-2338 for free help  from Microsoft for virus and spyware infections.

Hope this helps.

 

CET, MCC 2011

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.