Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Trojan severe active


23 Dec 2012   #1

windows 7 home premium 64 bit
 
 
Trojan severe active

I have a Trojan: (Dos/Alur eon.A) Microsoft Security Essentials wants me to download, Windows Defender Offline for additional cleaning. The last time I did this my PC crashed. Any suggestions please?

My System SpecsSystem Spec
.

23 Dec 2012   #2

windows 7 home 64bit
 
 

This is to make the hidden files in your My Documents and on your hard drives reappear.
a) Go into Windows and ignore all messages and suggestions however dire they seem to be!
b) Click on the Start/Windows button (bottom left) and go to Run (you may have to type 'run' for this).
c) Type: http://download.bleepingcomputer.com/grinler/unhide.exe (if you are on another computer with a flash drive then you could save it onto the flash drive and run it on your infected machine from that).
2. To stop it redirecting your searches on the Internet:
a) Go into My Computer and right click the C: drive. Choose 'Properties'. Then click the 'Dis'k Cleanup' button.
b) Make sure that Temporary files and Temporary Internet files are selectd and click OK. This will remove the redirecting agent and you will be able to actually find places on the Internet again.
DO NOT RESTART YOUR COMPUTER DURING THESE PROCESSES
3. Cleaning up registry entries and trojan files:
a) Download SuperAntiSpyware SUPERAntiSpyware - Downloads
and choose the 'Free Edition' download button.
b) Run this and choose the quick scan option (otherwise it will demand that you purchase the product before removing anything). It was recommended to me that I do this in 'Safe Mode' but I am not sure it was worth the effort.
4. The most important bit! Remove the root partition inserted by the virus:
a) Click on the Start/Windows button (bottom left) and right click My Computer/Computer. Choose 'Manage' from the list. This will open an mmc window after a moment or two.
b) Click on 'Disk Management' - do take care here!
i) At the top you should find a list of the "Volumes" that have been created on your disk drives. Alureon will have created a small volume which will be the first or second one in the list - a few MB in size rather than the big GB volumes that your files and Windows are stored on. Check in the diagramatic display underneath to see which one is which. The C: volume will be the C: drive for Windows normally and needs to be left well alone.
ii) Select the small, unnamed volume and right click it. Choose 'Delete Volume'.
5. Finally, restart your computer and with any luck you will be free of the wretched thing! I would run a full scan with your anti-virus software as soon as you are back up and running to check it is clear.


Hope this helps.
My System SpecsSystem Spec
23 Dec 2012   #3

windows 7 home premium 64 bit
 
 

Maxie thank you so much for your reply and in depth fix-it for my problem.
I did all you said and when I came to removing the small volume, Delete Volume, , a pop-up said "Windows cannot delete the active system partition on this disk"
Maybe after I reboot I can delete this small unnamed volume.
Sincerely, Dr Joe
My System SpecsSystem Spec
.


Reply

 Trojan severe active




Thread Tools



Similar help and support threads for2: Trojan severe active
Thread Forum
Computer slowdown - not severe Performance & Maintenance
Java severe issue on Seven Software
Severe Graphics Issue BSOD Help and Support
Solved severe registry errors??? System Security
Severe eye fatigue General Discussion
severe problem,need urgent help!!! Hardware & Devices

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:23 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33