Author Topic: win32: Alureon-FZ  (Read 15111 times)

0 Members and 1 Guest are viewing this topic.

Offline homedog

  • Jr. Member
  • **
  • Posts: 40
win32: Alureon-FZ
« on: April 24, 2011, 10:20:58 PM »
avast5\arpot\883a92-1030-0.dat is infected by win32:Alureon-FZ

My internet browser started redirecting to mevio.com regardless of what I was trying to search for.  I deleted all temp files/history/etc, ran CCleaner and Advanced System Care.  I ran a Avast Quick Scan and found the virus.  It prompted me to perform a boot scan and that is where I am right now.  The boot scan found the virus above and I deleted it. 

Why doesn't Avast prevent this virus from gettng to the computer?

Anything else I need to do?

Thanks in advance for the replies.

Offline essexboy

  • Malware removal instructor
  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 40631
  • Dragons by Sasha
    • Malware fixes
Re: win32: Alureon-FZ
« Reply #1 on: April 24, 2011, 10:51:14 PM »
Could you upload that from the virus chest to Avast please as I think they will be very interested in getting it

Offline homedog

  • Jr. Member
  • **
  • Posts: 40
Re: win32: Alureon-FZ
« Reply #2 on: April 24, 2011, 11:00:59 PM »
Boot scan still running.  Will see what is in the chest when it finishes.  I selected Delete though so I'm not sure what is there.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36618
Re: win32: Alureon-FZ
« Reply #3 on: April 24, 2011, 11:06:31 PM »
if it is there, this is how

Submitting files from the Virus Chest to avast! Virus Lab
https://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=501&nav=0,1,22#idt_07

Offline homedog

  • Jr. Member
  • **
  • Posts: 40
Re: win32: Alureon-FZ
« Reply #4 on: April 25, 2011, 02:24:59 AM »
Not in the chest.

Online DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 83009
  • No support PMs thanks
Re: win32: Alureon-FZ
« Reply #5 on: April 25, 2011, 03:16:26 AM »
Add it to the chest manually, open the chest and right click in it and select add. From the navigation window pop-up, navigate to the avast5\arpot\883a92-1030-0.dat file and add it.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.2.2401 (build 20.2.5130.570) UI-1.0.505/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline homedog

  • Jr. Member
  • **
  • Posts: 40
Re: win32: Alureon-FZ
« Reply #6 on: April 25, 2011, 03:28:14 AM »
Can't find the file.

Offline Ashish Singh

  • Poster
  • *
  • Posts: 437
  • Proud to be an Indian
    • Quick Heal
Re: win32: Alureon-FZ
« Reply #7 on: April 25, 2011, 04:44:36 AM »
Quote
found the virus above and I deleted it.

How can you find the virus then  ???
Windows 7 Ultimate(32 bit), avast! free (always latest released or beta), Intel Core2Duo, 2GB RAM, Outpost Firewall Pro 7.5,IE 9,TuneUp Utilities 2011,Diskeeper 2011

http://www.incredibleindia.org 

Caution! Online world is full of man made Aliens

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36618
Re: win32: Alureon-FZ
« Reply #8 on: April 25, 2011, 09:02:27 AM »
Quote
found the virus above and I deleted it.

How can you find the virus then  ???

Quote
The boot scan found the virus above and I deleted it.

Offline Ashish Singh

  • Poster
  • *
  • Posts: 437
  • Proud to be an Indian
    • Quick Heal
Re: win32: Alureon-FZ
« Reply #9 on: April 25, 2011, 10:37:28 AM »
Quote
found the virus above and I deleted it.

How can you find the virus then  ???

Quote
The boot scan found the virus above and I deleted it.

Thats what I am telling... Boot scan found a virus and he chose to delete it then how could he find it.. ???
Windows 7 Ultimate(32 bit), avast! free (always latest released or beta), Intel Core2Duo, 2GB RAM, Outpost Firewall Pro 7.5,IE 9,TuneUp Utilities 2011,Diskeeper 2011

http://www.incredibleindia.org 

Caution! Online world is full of man made Aliens

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5203
Re: win32: Alureon-FZ
« Reply #10 on: April 25, 2011, 10:47:17 AM »
Boot scan found a virus and he chose to delete it then how could he find it???
It's gone now.  If the action under Settings for the boot scan was set to "ask" or "move to virus chest" then you could see it and perhaps do something with it.  But once it is deleted...it's gone.
Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.

Offline homedog

  • Jr. Member
  • **
  • Posts: 40
Re: win32: Alureon-FZ
« Reply #11 on: April 26, 2011, 03:06:00 AM »
Just lost a big post because it said the attached file size was too large and not going to write it all again  >:(

Long story short, after deleting the Alureon problem yesterday and thinking I had my problem solved, my overnight scan found another problem (ftdisk.sys, Rootkit: Threat: system mofication) I ran another boot-time scan that found the Alureon again (infected a different file) and a Malware-gen problem.

I moved both files to the chest this time if someone can tell me how and where to send them.

I also have screen shots in a word file I can send of the scan logs.  File is only 664kb but too big to attach here.

Offline homedog

  • Jr. Member
  • **
  • Posts: 40
Re: win32: Alureon-FZ
« Reply #12 on: April 26, 2011, 03:25:13 AM »
Why isn't Avast catching these things coming in and blocking them?

Offline homedog

  • Jr. Member
  • **
  • Posts: 40
Re: win32: Alureon-FZ
« Reply #13 on: April 26, 2011, 03:38:30 AM »
if it is there, this is how

Submitting files from the Virus Chest to avast! Virus Lab
https://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=501&nav=0,1,22#idt_07

I submitted both files as directed in the link.  Thanks.

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5203
Re: win32: Alureon-FZ
« Reply #14 on: April 26, 2011, 10:07:40 AM »
I moved both files to the chest this time if someone can tell me how and where to send them.
You did it correctly with the posted link.  It will be uploaded with the next virus definitions update.
Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.