[faithandmel]

Been trying to solve a virus problem on my own since 12/20/09 & finally got help from your Malware Removal Forum. Was running a fix suggested by Rorschack112 when an Avast warning popped up with:

File: C:\windows\system32\drivers\atapi.sys
malware name: win32:Alureon-EU

Waited till the fix was done & then took the Avast recommendation to move the virus to the vault/chest. Apparently I shouldn't have done that - I just got so excited to finally find something! Now, I can't reboot. None of the options will work. Rorschack112 said to come to this forum to get help & then go back to the malware site. Thank you for any help you can give me. Faith.

[Advertisements]

Please read this Malwarebytes site on the problem.

http://www.iishacks....alse-positives/

Beyond this someone from the malwarebytes forum tried this successfully.

1) I made an Ultimate Boot CD for Windows. You will find downloads and instructions here:

http://www.ubcd4win.com/howto.htm

You'll need a Windows CD and the package you download from the UBCD4Win website. If you have a laptop (or a friend's computer), you can do this easily. It was a very smooth process.

2) I started my poor desktop computer and went into BIOS by pressing DEL immediately. I then changed the boot order of the machine so that the DVD/CDROM is the first boot device.

3) I restarted the machine with the UBCD in the drive. This takes some time, but eventually, you will have a Windows OS running entirely from the CD. This will allow you access to your hard drive(s) and other media, like a USB drive.

4) I navigated to the MalwareBytes log files folder, C:\Documents and Settings\*your user name*\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs, and opened the most recent log file using the UBCD text editor. This contained a list of the registry keys deleted.

5) On my laptop, I opened RegEdit by clicking Start>Run and typing regedit. I navigated to the \atapi keys that had been deleted on my desktop. I right clicked on each key and chose "Export," then gave each exported file a descriptive name like "currentcontrolset". Regedit will save these keys and their subvalues as ".reg" files.

6) I put these files on a jumpdrive and plugged it into my desktop. UBCD's OS had no problem reading the drive. From there, in the UBCD OS, I chose Start>Program Files>Registry Editors>Regedit (remote). I was prompted to select from the User names on my system; I chose Administrator. This opened up a Regedit window.

7) I confirmed that the \atapi keys were, in fact, missing. Then, using Regedit's File>Import feature, I imported each of the .reg files on the jumpdrive.

8) I closed the programs and restarted and it started up normally.

I personally do not know if this will work but i put it here because it is from a good info forum.

SRX660

[SRX660]

Please read this Malwarebytes site on the problem.

http://www.iishacks....alse-positives/

Beyond this someone from the malwarebytes forum tried this successfully.

1) I made an Ultimate Boot CD for Windows. You will find downloads and instructions here:

http://www.ubcd4win.com/howto.htm

You'll need a Windows CD and the package you download from the UBCD4Win website. If you have a laptop (or a friend's computer), you can do this easily. It was a very smooth process.

2) I started my poor desktop computer and went into BIOS by pressing DEL immediately. I then changed the boot order of the machine so that the DVD/CDROM is the first boot device.

3) I restarted the machine with the UBCD in the drive. This takes some time, but eventually, you will have a Windows OS running entirely from the CD. This will allow you access to your hard drive(s) and other media, like a USB drive.

4) I navigated to the MalwareBytes log files folder, C:\Documents and Settings\*your user name*\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs, and opened the most recent log file using the UBCD text editor. This contained a list of the registry keys deleted.

5) On my laptop, I opened RegEdit by clicking Start>Run and typing regedit. I navigated to the \atapi keys that had been deleted on my desktop. I right clicked on each key and chose "Export," then gave each exported file a descriptive name like "currentcontrolset". Regedit will save these keys and their subvalues as ".reg" files.

6) I put these files on a jumpdrive and plugged it into my desktop. UBCD's OS had no problem reading the drive. From there, in the UBCD OS, I chose Start>Program Files>Registry Editors>Regedit (remote). I was prompted to select from the User names on my system; I chose Administrator. This opened up a Regedit window.

7) I confirmed that the \atapi keys were, in fact, missing. Then, using Regedit's File>Import feature, I imported each of the .reg files on the jumpdrive.

8) I closed the programs and restarted and it started up normally.

I personally do not know if this will work but i put it here because it is from a good info forum.

SRX660