|23 Dec 2012||#2|
| || |
This is to make the hidden files in your My Documents and on your hard drives reappear.
a) Go into Windows and ignore all messages and suggestions however dire they seem to be!
b) Click on the Start/Windows button (bottom left) and go to Run (you may have to type 'run' for this).
c) Type: http://download.bleepingcomputer.com/grinler/unhide.exe (if you are on another computer with a flash drive then you could save it onto the flash drive and run it on your infected machine from that).
2. To stop it redirecting your searches on the Internet:
a) Go into My Computer and right click the C: drive. Choose 'Properties'. Then click the 'Dis'k Cleanup' button.
b) Make sure that Temporary files and Temporary Internet files are selectd and click OK. This will remove the redirecting agent and you will be able to actually find places on the Internet again.
DO NOT RESTART YOUR COMPUTER DURING THESE PROCESSES
3. Cleaning up registry entries and trojan files:
a) Download SuperAntiSpyware SUPERAntiSpyware - Downloads
and choose the 'Free Edition' download button.
b) Run this and choose the quick scan option (otherwise it will demand that you purchase the product before removing anything). It was recommended to me that I do this in 'Safe Mode' but I am not sure it was worth the effort.
4. The most important bit! Remove the root partition inserted by the virus:
a) Click on the Start/Windows button (bottom left) and right click My Computer/Computer. Choose 'Manage' from the list. This will open an mmc window after a moment or two.
b) Click on 'Disk Management' - do take care here!
i) At the top you should find a list of the "Volumes" that have been created on your disk drives. Alureon will have created a small volume which will be the first or second one in the list - a few MB in size rather than the big GB volumes that your files and Windows are stored on. Check in the diagramatic display underneath to see which one is which. The C: volume will be the C: drive for Windows normally and needs to be left well alone.
ii) Select the small, unnamed volume and right click it. Choose 'Delete Volume'.
5. Finally, restart your computer and with any luck you will be free of the wretched thing! I would run a full scan with your anti-virus software as soon as you are back up and running to check it is clear.
Hope this helps.
|My System Specs|
|23 Dec 2012||#3|
| || |
Maxie thank you so much for your reply and in depth fix-it for my problem.
I did all you said and when I came to removing the small volume, Delete Volume, , a pop-up said "Windows cannot delete the active system partition on this disk"
Maybe after I reboot I can delete this small unnamed volume.
Sincerely, Dr Joe
|My System Specs|
|Similar help and support threads for2: Trojan severe active|
|Computer slowdown - not severe||Performance & Maintenance|
|Java severe issue on Seven||Software|
|Severe Graphics Issue||BSOD Help and Support|
|severe registry errors???||System Security|
|Severe eye fatigue||General Discussion|
|severe problem,need urgent help!!!||Hardware & Devices|