How to remove Alureon rootkit on XP

How to remove Alureon rootkit on XP

xp logo.pngIf you’re a Windows XP user and have been having trouble installing the latest Microsoft security update, then it’s probably because you’re infected with the Alureon rootkit. As a result, Microsoft have stopped issuing the update to XP users infected with the rootkit because trying to apply it results in endless crashes for the user according to the BBC.

However, it’s very important that XP users install the security updates because the latest ones, released on 16 April, address some major security issues in the core kernal of Windows. That’s not to mention the fact that the Alureon rootkit steals private information such as user names, passwords and credit card numbers.

If you’re using an anti-virus package then you should be OK but if you’re unsure, or would rather be safe than sorry, then the good thing it’s easy to remove by performing a boot-scan using Avast! or by scanning your system using Microsoft’s Malicious Software Removal Tool.

If you’re one of the unlucky users who has experienced the security update trying to install and the rootkit is preventing your PC starting properly, then the best thing to do is perform a System Restore. To do this you’ll need to start in Safe Mode with Command Prompt and perform a System Restore which will roll-back your system to an earlier state which worked properly.

To do this:

1. Press the F8 key as Windows starts

2. Select Safe Mode with Command Prompt the arrow keys

3. At the command prompt type: %systemroot%\System32\restore\rstrui.exe

4. System Restore will now open and you can choose a restore point

Note that any files, folders or programs installed after the date of this restore point will be removed. When the restore is complete, you should then perform a boot scan with Avast! or run the Microsoft Malicious Software Removal Tool as mentioned earlier.

If the security update doesn’t apply automatically for any reason, you can find it here at the Microsoft Download Center.

Loading comments