Although I’m no expert on Viruses etc. I too have suffered from one of these Autorun.Inf Trojans. The trojan will lock the device OPEN to protect itself – hence the reason you could not safely disconnect.
Note: You WILL have to copy & paste the internet links into your browser – no Direct Links !
<b>Firstly I recommend you lose Mcafee & install the trial version of ESET’s NOD32.</b>
THIS IS FREE FOR TRIAL PERIOD ( 30 days I think ).
<b>Update the Virus Deffs & then run a complete scan.</b>
IF you are able – use the following settings in the “On-Demand Scanner Setup”.
Scans SHOULD include :
ARCHIVES ( Zip / Rar files etc. )
SELF-EXTRACTING ARCHIVES ( .exe versions of above files )
Alternative NTFS Streams
Scanning Options :
Virus Signatures /
Advanced Heuristics x
( Only because this can produce FALSE POSITIVES )
Potentially Unwanted Apps /
Potentially Unsafe Apps x
( If you have any keygens etc. this option will show them as
“HACKTOOL VIRUSES” otherwise tick this option )
Now use the following settings in the “On-Demand Scanner Actions”
For EACH of the above SCANS you should
First attempt to CLEAN the file & if this fails – I recommend you RENAME the file. This will change an .Exe to .Vexe – thus preventing the file from ever activating. And because you have kept the file rather than deleting it – down the line a fix may be found to clean the virus & make the file useable again & then all you have to do is rename the extension from .Vexe back to .Exe !!!
<b>Secondly I recommend you Install COMODO Internet Security.</b>
THIS IS the complete software ( FIREWALL & or ANTI-VIRUS ) PERMANENTLY FREE – there is a £30 PRO option available BUT THE SOFTWARE IS EXACTLY THE SAME – you get backup support 24/7 on the PRO version !!!
This way you can safely uninstall NOD32 before trial end ! *** DO NOT RUN BOTH Anti-Virus Softwares at the same time –
A: it slows down your PC &
B: IF BOTH programs catch a Virus at the same time – THEY WILL BOTH LOCK IT – meaning NEITHER can delete it – coz it’s LOCKED OPEN by the other A/V !!! IF you want to run NOD32 until it expires – Disable the Anti-Virus in COMODO until you are ready to switch. BUT I recommend you don’t get to used to NOD32 & try to get used to COMODO ASAP instead !!!
I reckon COMODO is easily as good as the paid-for rivals like Norton etc. BUT it’s 100% FREE FOREVER ! OK – it’s not great to look at BUT how often do you need to look at it ? So long as it does the job WELL !!!
<b>As Before – Update the Virus Deffs & then run a complete scan.</b>
This scan WILL FIND ANY keygens etc. you may have & show them as different types of threat. So long as you are SURE they are safe – these files can be EXCLUDED from scan & so WILL NOT BE DELETED !
<b>Thirdly I recommend you Install SUPER AntiSpyware</b>
<b>AGAIN Update the Virus Deffs & then run a complete scan.</b>
<b>Finally I recommend you Install MalwareBytes Anti-Malware</b>
<b>AGAIN Update the Virus Deffs & then run a complete scan</b>
In a couple of weeks ( when I get time ) I will be hosting these FREE SOFTWARES on MY WebSite ( COMODO already on it ! )
If you require any further help on the softwares – ie install / setup etc. please e-mail me @ <i><b>”Mike.Macs-PC@NTLworld.Com”</b></i>
Thanks & I HOPE I have been of SOME HELP !!! :o)
<b> – M!ke –
( M@CS PC )</b>
When you say that McAfee detected and blocked the Trojan, I wonder if you were adversely effected at all. A good antivirus package (McAfee and many others) will prevent the malware that spreads through an AUTORUN.INF mechanism from running although it may not be able to delete the files from the removable media.
It sounds like your next step should be to disable Autorun and delete the malicious files.