How to detect and eliminate updated Alureon or TDSS rootkit on 64-bit system?

September 1st, 2010

Not only 32-bit Windows systems but 64-bit systems as well can now be easily infected by a newly improved TDSS rootkit. Also known as Alureon, TDL, TDL3 and Tidserv, this rootkit is the first designed to be capable of infecting 64-bit machines running Windows Vista or Windows XP, and it can cause a blue screen.
As we know, most security applications have already been updated to catch this infection. However, it is natural to want to confirm for yourself that this rootkit has not been installed on your machine.

After the Alureon rootkit infiltrates a system, those who have Windows XP should notice the infiltration immediately, because the computer simply fails to boot. However, if you have Windows Vista, it won't be so easy. In that case, use either of these two checks:

1) Open a COMMAND PROMPT: press Windows-R, type cmd and press Enter.

Open DISKPART: on a new line in the window, type the command diskpart.

At the new DISKPART prompt, enter lis dis (short for list disk). If the list remains empty, your computer is infected with the Alureon rootkit. If the disks are displayed, it is not.

2) From the Computer Management pane, launch DISK MANAGEMENT.

Everything is fine if it shows disks. If it does not show disks, it means the system is infected with this rootkit.
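
Check 1 can also be scripted, which helps when several machines need the same test. The PowerShell sketch below is an added example, not part of the original article or of any vendor tool: it runs diskpart with the list disk command and counts the disk rows in the output. The function names, the temporary file name and the sample listing are assumptions made for illustration, and the parser assumes English-language diskpart output.

```powershell
# Added example: scripted form of check 1 (diskpart "list disk").
# Assumes English-language diskpart output; function names are illustrative.

function Get-DiskRows {
    param([string[]]$Lines)
    # Data rows look like "  Disk 0    Online    465 GB ..." ("*" marks a selected disk).
    # The header row "  Disk ###  Status ..." has no digits after "Disk", so it is skipped.
    $Lines | Where-Object { $_ -match '^\s*\*?\s*Disk\s+\d+\s' }
}

function Test-DiskListing {
    # diskpart needs administrative rights; without them the result says nothing.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $admin = (New-Object Security.Principal.WindowsPrincipal $id).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
    if (-not $admin) { return 'Inconclusive: run from an elevated prompt' }

    # Feed diskpart the same command the article types by hand.
    $script = Join-Path $env:TEMP 'list-disk.txt'
    Set-Content -Path $script -Value 'list disk' -Encoding ASCII
    try {
        $output = @(& diskpart.exe /s $script 2>&1 | ForEach-Object { "$_" })
        $exit = $LASTEXITCODE
    } finally {
        Remove-Item $script -ErrorAction SilentlyContinue
    }
    # A diskpart failure is not the same thing as an empty disk list.
    if ($exit -ne 0) { return "Inconclusive: diskpart exited with code $exit" }

    # @() keeps the result an array even when zero or one row matches.
    $rows = @(Get-DiskRows -Lines $output)
    if ($rows.Count -eq 0) {
        return 'SUSPICIOUS: no disks listed (the article treats this as a sign of infection)'
    }
    return "OK: $($rows.Count) disk(s) listed"
}

# Constructed sample of a normal listing, used only to show what the parser counts.
$sample = @(
    '  Disk ###  Status         Size     Free     Dyn  Gpt',
    '  --------  -------------  -------  -------  ---  ---',
    '  Disk 0    Online          465 GB      0 B'
)
"Sample rows parsed: $(@(Get-DiskRows -Lines $sample).Count)"
Test-DiskListing
```

An "Inconclusive" result means the check itself could not run and should be repeated by hand as described in check 1 or check 2.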

If you find that you have been infected by this rootkit, use TDSSKiller.exe, which supports both 32-bit and 64-bit operating systems. You can download it from here.
