Can you open the autorun.inf in an editor? I wonder what the content ist. But by it's small size of 1KB it's probably not much...
Hi pato..thank you for your responds.
In the .inf view from Notepad, there is this autorun.exe in there.
I have just attached the screen grab on my post.
Below list was detected by Symantec too..
Filename Virus Name Autorun.exe Packed.Generic.307
This autorun. exe troubles me.
Open the autorun.inf file in a notepad.....delete all the content in the notepad.....save the changes.....close the file and shift+delete it.
Once you done this restart the machine.......you wont face this problem again.
I don't think, you will be able to delete/modify the contents of Autorun.inf because it will be locked by some other Malicious process.
Rather than this, I will suggest you to submit it (Autorun.inf) and exe in it.
From the snap, I see that the file 'Autorunme.exe' in it when opened with Notepad.
Please submit both the file (Autorun.inf and Autorunme.exe) to McAfee labs.
Use "Safe Mode"
First, Disable "system restore".
Then Restart your computer, Press F8.
One your in the BOOT menu, Choose "safemode"
Then Manually Run McAfee complete virus scan
*Note: if your Mcafee doen't appear in you tray, then go to "Start" Menu and open your Mcafee application.
When you complete those steps above, restart again in "Normal Mode"
Try it. good luck
You may also delete the suspicious folder or file manualy by following those steps above.
Hi all, thank you for your reply.
Yes, indeed I am unable to delete the file nor change the content in the notepad follow by saving the file.
Problem is be it in SAFE mode or Normal mode, I can't find this autorun.inf file? It is only when I plug in a removeable drive (formatted clean) these two files appears shortly after (couple of seconds).
I will try to run McAfee in Safemode to see if it can detect.
Try it first.
If it still fails then u might have to use another method. I will tell you how if this one fails.
I am unble to boot up on any of the SAFE MODE options. I get the blue screen with messages asking me to check for virus or do a CHKDSK.
I did a CHKDSK on normal mode, seems ok.
But no way I can get into any SAFE MODE to perform the scan.
There are 2 reasons to make your pc vulnerable:
1. You are using a profile that given an "administrator credidentials"
It means YOU as the USER or the VIRUS/UNWANTED APPLICATION, could make any changes
to the computer. such as: creating registry entries, install new programs, create system startup list, or any
permission that's given to an administrator's account.
*In this case, the antivirus program wont be able to identify the Virus or its running processes,
because the Virus would pretend to be the "current user". The virus wont install anything NEW,
but it will UNPACK the files from it's CACHE DIRECTORY.
It will run a very common thing; "THE BATCH" (.bat file)
2. By letting your computer idle+online, then it will be easy for the Virus to start it's work/tasks.
Now the easiest way to fix this problem:
Go to your control panel, select user accounts, then create a new limited user with password.
Then restart your computer and login to you new limited-user account, the Virus wont be able to do anything on this Limited account because The User itself not given much permissions. If the Virus try to do anything drastically then the antivirus program will stop it.
Then after 5 or 6 days you can try to login to the infected account and run the full system scan again.
Do it.. i had this problem before, and now my pc works smooth after following those steps above..
Relax, take time to do it... NOTHING IS IMPOSSIBLE
Ask me again if you dont understand..