Solved

how to remove auto.exe virus

Posted on 2008-11-02
8
2,134 Views
Last Modified: 2013-11-22
I got a file auto.exe which includes a virus and each time trying to delete it not able, so please how to delete and remove that virus, I tried Mcfee 2009 but couldn't remove it. any suggestions?
0
Comment
Question by:ashrafsalah
  • 4
  • 3
8 Comments
 
LVL 12

Expert Comment

by:jazzIIIlove
ID: 22862736
let's try for it malware bytes after disabling system restore...

then malware bytes...then a hijackthis log...

if not successful, try for the process at safe mode...
0
 
LVL 2

Expert Comment

by:m3tech
ID: 22862810
If you know the name/location of the file you need to delete Pocket killbox does wonders. (download it here: http://oca.microsoft.com/en/windiag.asp) Try the different options involving delete on reboot and replace with dummy file.

In addition (or alternatively) download malwarebytes (http://www.malwarebytes.org/mbam.php - ignore the buy button it is free for our purposes), and run it. I would not recommend disabling system restore until after you have confirmed the virus is removed. Doing so will delete all system restore information and prevent you from using system restore to help remove the virus (or recover the system if removal causes problems or otherwise damages system files).

It is impossible for viruses to get out of system restore unless you perform a system restore. After the system is clean and stable, disable system restore, reboot, re-enable it, and manually create a system restore point. This will delete any traces of the virus in system restore and allow for future use of the system restore feature.
0
 
LVL 12

Expert Comment

by:jazzIIIlove
ID: 22862825
>>After the system is clean and stable, disable system restore, reboot, re-enable it, and manually >>create a system restore point.

On contrary, before everything applied disable the system restore...

Best regards...
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 12

Accepted Solution

by:
jazzIIIlove earned 50 total points
ID: 22862832
and send us a hijackthis log before the scan by malwarebytes and after the scan...Then have a scan with kaspersky...

hijackthis:
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Kaspersky:
http://www.kaspersky.com/virusscanner

Best regards...
0
 
LVL 2

Expert Comment

by:m3tech
ID: 22863148
We could debate on when to disable system restore for a while :p I have no use for system restore so disable it when starting to clean a system because it needs to be at some point anyway and it will speed scan times. However, I also know how to recover the operating system from nearly any corruption viri and their removal can cause. Not all end users have that experience to fall back on.

Either way, skip the McAffee scan, and use the online virus scanner mentioned above. I would also suggest a second online scan, such as Eset's (NOD32 antivirus) - www.eset.com/onlinescan.

If you have problems with these online scans let us know and I'll find the links to the standalone version of NOD32 and others.

0
 
LVL 12

Expert Comment

by:jazzIIIlove
ID: 22863279
Hi there;

>>We could debate on when to disable system restore for a while :p I have no use for system restore >>so disable it when starting to clean a system because it needs to be at some point anyway and it will >>speed scan times.

Ok, let's debate...Suppose one has scanned and fix the problems and THEN disable the restore...But what if the virus keeps active even in system restore and copy himself to directory during the scanning progress that the AV has passed scanning that directory...So, after disabling will ease the solution...Definitely not, because, the virus/trojan has copied himself alreadily...When you search for any reputable AV solution, you can see their warning to disable the system restore first...

An old scanner and reputable one: Norman

http://www.norman.com/Virus/Articles/Articles_previous_years/25782/en

best regards...
0
 
LVL 2

Expert Comment

by:m3tech
ID: 22863405
Files located in system restore do not execute, nor have the ability to move themselves out of the  operating system protected system restore folder. AV software will successfully scan all areas of the OS that may contain active (or potentially active) code. As long as the user (or some automated routine that would be caught by AV software) does not actually perform a system restore there is absolutely no way for any virus to 'hide' in system restore and subsequently escape.

I don't doubt that 'reputable' viris removal instructions suggest turning it off first (again it decreases scan times). However, I know of several reputable viri removal instructions that make the same statement I did..it's safe to leave it on during cleaning in case you need it.

I work for a break-fix computer repair and consulting firm and have seen many hundred infected systems, trust me on this one - there is absolutely no danger in leaving system restore on during viri removal. However, if any virus is detected it is absolutely vital to toggle system restore off and reboot the computer before re-enabling it. This will prevent some unexpecting user from doing a system restore and restoring a virus (once again the only way it will ever get out of system restore).
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now