Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

how to remove auto.exe virus

Posted on 2008-11-02
8
Medium Priority
?
2,148 Views
Last Modified: 2013-11-22
I got a file auto.exe which includes a virus and each time trying to delete it not able, so please how to delete and remove that virus, I tried Mcfee 2009 but couldn't remove it. any suggestions?
0
Comment
Question by:ashrafsalah
  • 4
  • 3
7 Comments
 
LVL 12

Expert Comment

by:jazzIIIlove
ID: 22862736
let's try for it malware bytes after disabling system restore...

then malware bytes...then a hijackthis log...

if not successful, try for the process at safe mode...
0
 
LVL 2

Expert Comment

by:m3tech
ID: 22862810
If you know the name/location of the file you need to delete Pocket killbox does wonders. (download it here: http://oca.microsoft.com/en/windiag.asp) Try the different options involving delete on reboot and replace with dummy file.

In addition (or alternatively) download malwarebytes (http://www.malwarebytes.org/mbam.php - ignore the buy button it is free for our purposes), and run it. I would not recommend disabling system restore until after you have confirmed the virus is removed. Doing so will delete all system restore information and prevent you from using system restore to help remove the virus (or recover the system if removal causes problems or otherwise damages system files).

It is impossible for viruses to get out of system restore unless you perform a system restore. After the system is clean and stable, disable system restore, reboot, re-enable it, and manually create a system restore point. This will delete any traces of the virus in system restore and allow for future use of the system restore feature.
0
 
LVL 12

Expert Comment

by:jazzIIIlove
ID: 22862825
>>After the system is clean and stable, disable system restore, reboot, re-enable it, and manually >>create a system restore point.

On contrary, before everything applied disable the system restore...

Best regards...
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 12

Accepted Solution

by:
jazzIIIlove earned 150 total points
ID: 22862832
and send us a hijackthis log before the scan by malwarebytes and after the scan...Then have a scan with kaspersky...

hijackthis:
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Kaspersky:
http://www.kaspersky.com/virusscanner

Best regards...
0
 
LVL 2

Expert Comment

by:m3tech
ID: 22863148
We could debate on when to disable system restore for a while :p I have no use for system restore so disable it when starting to clean a system because it needs to be at some point anyway and it will speed scan times. However, I also know how to recover the operating system from nearly any corruption viri and their removal can cause. Not all end users have that experience to fall back on.

Either way, skip the McAffee scan, and use the online virus scanner mentioned above. I would also suggest a second online scan, such as Eset's (NOD32 antivirus) - www.eset.com/onlinescan.

If you have problems with these online scans let us know and I'll find the links to the standalone version of NOD32 and others.

0
 
LVL 12

Expert Comment

by:jazzIIIlove
ID: 22863279
Hi there;

>>We could debate on when to disable system restore for a while :p I have no use for system restore >>so disable it when starting to clean a system because it needs to be at some point anyway and it will >>speed scan times.

Ok, let's debate...Suppose one has scanned and fix the problems and THEN disable the restore...But what if the virus keeps active even in system restore and copy himself to directory during the scanning progress that the AV has passed scanning that directory...So, after disabling will ease the solution...Definitely not, because, the virus/trojan has copied himself alreadily...When you search for any reputable AV solution, you can see their warning to disable the system restore first...

An old scanner and reputable one: Norman

http://www.norman.com/Virus/Articles/Articles_previous_years/25782/en

best regards...
0
 
LVL 2

Expert Comment

by:m3tech
ID: 22863405
Files located in system restore do not execute, nor have the ability to move themselves out of the  operating system protected system restore folder. AV software will successfully scan all areas of the OS that may contain active (or potentially active) code. As long as the user (or some automated routine that would be caught by AV software) does not actually perform a system restore there is absolutely no way for any virus to 'hide' in system restore and subsequently escape.

I don't doubt that 'reputable' viris removal instructions suggest turning it off first (again it decreases scan times). However, I know of several reputable viri removal instructions that make the same statement I did..it's safe to leave it on during cleaning in case you need it.

I work for a break-fix computer repair and consulting firm and have seen many hundred infected systems, trust me on this one - there is absolutely no danger in leaving system restore on during viri removal. However, if any virus is detected it is absolutely vital to toggle system restore off and reboot the computer before re-enabling it. This will prevent some unexpecting user from doing a system restore and restoring a virus (once again the only way it will ever get out of system restore).
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
Curious about the latest ransomware attack? Check out our timeline of events surrounding the spread of this new virus along with tips on how to mitigate the damage.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question