ashrafsalah
asked on
how to remove auto.exe virus
I got a file auto.exe which includes a virus and each time trying to delete it not able, so please how to delete and remove that virus, I tried Mcfee 2009 but couldn't remove it. any suggestions?
If you know the name/location of the file you need to delete Pocket killbox does wonders. (download it here: http://oca.microsoft.com/en/windiag.asp) Try the different options involving delete on reboot and replace with dummy file.
In addition (or alternatively) download malwarebytes (http://www.malwarebytes.org/mbam.php - ignore the buy button it is free for our purposes), and run it. I would not recommend disabling system restore until after you have confirmed the virus is removed. Doing so will delete all system restore information and prevent you from using system restore to help remove the virus (or recover the system if removal causes problems or otherwise damages system files).
It is impossible for viruses to get out of system restore unless you perform a system restore. After the system is clean and stable, disable system restore, reboot, re-enable it, and manually create a system restore point. This will delete any traces of the virus in system restore and allow for future use of the system restore feature.
In addition (or alternatively) download malwarebytes (http://www.malwarebytes.org/mbam.php - ignore the buy button it is free for our purposes), and run it. I would not recommend disabling system restore until after you have confirmed the virus is removed. Doing so will delete all system restore information and prevent you from using system restore to help remove the virus (or recover the system if removal causes problems or otherwise damages system files).
It is impossible for viruses to get out of system restore unless you perform a system restore. After the system is clean and stable, disable system restore, reboot, re-enable it, and manually create a system restore point. This will delete any traces of the virus in system restore and allow for future use of the system restore feature.
>>After the system is clean and stable, disable system restore, reboot, re-enable it, and manually >>create a system restore point.
On contrary, before everything applied disable the system restore...
Best regards...
On contrary, before everything applied disable the system restore...
Best regards...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
We could debate on when to disable system restore for a while :p I have no use for system restore so disable it when starting to clean a system because it needs to be at some point anyway and it will speed scan times. However, I also know how to recover the operating system from nearly any corruption viri and their removal can cause. Not all end users have that experience to fall back on.
Either way, skip the McAffee scan, and use the online virus scanner mentioned above. I would also suggest a second online scan, such as Eset's (NOD32 antivirus) - www.eset.com/onlinescan.
If you have problems with these online scans let us know and I'll find the links to the standalone version of NOD32 and others.
Either way, skip the McAffee scan, and use the online virus scanner mentioned above. I would also suggest a second online scan, such as Eset's (NOD32 antivirus) - www.eset.com/onlinescan.
If you have problems with these online scans let us know and I'll find the links to the standalone version of NOD32 and others.
Hi there;
>>We could debate on when to disable system restore for a while :p I have no use for system restore >>so disable it when starting to clean a system because it needs to be at some point anyway and it will >>speed scan times.
Ok, let's debate...Suppose one has scanned and fix the problems and THEN disable the restore...But what if the virus keeps active even in system restore and copy himself to directory during the scanning progress that the AV has passed scanning that directory...So, after disabling will ease the solution...Definitely not, because, the virus/trojan has copied himself alreadily...When you search for any reputable AV solution, you can see their warning to disable the system restore first...
An old scanner and reputable one: Norman
http://www.norman.com/Virus/Articles/Articles_previous_years/25782/en
best regards...
>>We could debate on when to disable system restore for a while :p I have no use for system restore >>so disable it when starting to clean a system because it needs to be at some point anyway and it will >>speed scan times.
Ok, let's debate...Suppose one has scanned and fix the problems and THEN disable the restore...But what if the virus keeps active even in system restore and copy himself to directory during the scanning progress that the AV has passed scanning that directory...So, after disabling will ease the solution...Definitely not, because, the virus/trojan has copied himself alreadily...When you search for any reputable AV solution, you can see their warning to disable the system restore first...
An old scanner and reputable one: Norman
http://www.norman.com/Virus/Articles/Articles_previous_years/25782/en
best regards...
Files located in system restore do not execute, nor have the ability to move themselves out of the operating system protected system restore folder. AV software will successfully scan all areas of the OS that may contain active (or potentially active) code. As long as the user (or some automated routine that would be caught by AV software) does not actually perform a system restore there is absolutely no way for any virus to 'hide' in system restore and subsequently escape.
I don't doubt that 'reputable' viris removal instructions suggest turning it off first (again it decreases scan times). However, I know of several reputable viri removal instructions that make the same statement I did..it's safe to leave it on during cleaning in case you need it.
I work for a break-fix computer repair and consulting firm and have seen many hundred infected systems, trust me on this one - there is absolutely no danger in leaving system restore on during viri removal. However, if any virus is detected it is absolutely vital to toggle system restore off and reboot the computer before re-enabling it. This will prevent some unexpecting user from doing a system restore and restoring a virus (once again the only way it will ever get out of system restore).
I don't doubt that 'reputable' viris removal instructions suggest turning it off first (again it decreases scan times). However, I know of several reputable viri removal instructions that make the same statement I did..it's safe to leave it on during cleaning in case you need it.
I work for a break-fix computer repair and consulting firm and have seen many hundred infected systems, trust me on this one - there is absolutely no danger in leaving system restore on during viri removal. However, if any virus is detected it is absolutely vital to toggle system restore off and reboot the computer before re-enabling it. This will prevent some unexpecting user from doing a system restore and restoring a virus (once again the only way it will ever get out of system restore).
then malware bytes...then a hijackthis log...
if not successful, try for the process at safe mode...