AutoRun.inf Trojan infection

15 pts.
Tags:
malware
Trojans
Viruses
can a trojan (autorun.inf)affects the performance an MP3 player.Yesterday my computer got infected with this trojan Mcafee said that it detected and blocked and removed but this trojan was still there.and when i was trying to safely remove the device it was saying that i cannot do this action.

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hi
Although I’m no expert on Viruses etc. I too have suffered from one of these Autorun.Inf Trojans. The trojan will lock the device OPEN to protect itself – hence the reason you could not safely disconnect.

Note: You WILL have to copy & paste the internet links into your browser – no Direct Links !

<b>Firstly I recommend you lose Mcafee & install the trial version of ESET’s NOD32.</b>

.

<i><b>http://www.eset.com/download/free_trial_download_int.php</b></i>

THIS IS FREE FOR TRIAL PERIOD ( 30 days I think ).

<b>Update the Virus Deffs & then run a complete scan.</b>

IF you are able – use the following settings in the “On-Demand Scanner Setup”.
Scans SHOULD include :
ALL FILES
BOOT SECTORS
MEMORY
ARCHIVES ( Zip / Rar files etc. )
SELF-EXTRACTING ARCHIVES ( .exe versions of above files )
Runtime Packers
E-Mail Files
Alternative NTFS Streams
Scanning Options :
Virus Signatures /
Heuristics /
Advanced Heuristics x
( Only because this can produce FALSE POSITIVES )
Adware/Spyware/Riskware /
Potentially Unwanted Apps /
Potentially Unsafe Apps x
( If you have any keygens etc. this option will show them as
“HACKTOOL VIRUSES” otherwise tick this option )
Now use the following settings in the “On-Demand Scanner Actions”
For EACH of the above SCANS you should
First attempt to CLEAN the file & if this fails – I recommend you RENAME the file. This will change an .Exe to .Vexe – thus preventing the file from ever activating. And because you have kept the file rather than deleting it – down the line a fix may be found to clean the virus & make the file useable again & then all you have to do is rename the extension from .Vexe back to .Exe !!!

<b>Secondly I recommend you Install COMODO Internet Security.</b>

<i><b>http://personalfirewall.comodo.com/</b></i>

THIS IS the complete software ( FIREWALL & or ANTI-VIRUS ) PERMANENTLY FREE – there is a £30 PRO option available BUT THE SOFTWARE IS EXACTLY THE SAME – you get backup support 24/7 on the PRO version !!!
This way you can safely uninstall NOD32 before trial end ! *** DO NOT RUN BOTH Anti-Virus Softwares at the same time –
A: it slows down your PC &
B: IF BOTH programs catch a Virus at the same time – THEY WILL BOTH LOCK IT – meaning NEITHER can delete it – coz it’s LOCKED OPEN by the other A/V !!! IF you want to run NOD32 until it expires – Disable the Anti-Virus in COMODO until you are ready to switch. BUT I recommend you don’t get to used to NOD32 & try to get used to COMODO ASAP instead !!!

I reckon COMODO is easily as good as the paid-for rivals like Norton etc. BUT it’s 100% FREE FOREVER ! OK – it’s not great to look at BUT how often do you need to look at it ? So long as it does the job WELL !!!

<b>As Before – Update the Virus Deffs & then run a complete scan.</b>

This scan WILL FIND ANY keygens etc. you may have & show them as different types of threat. So long as you are SURE they are safe – these files can be EXCLUDED from scan & so WILL NOT BE DELETED !

<b>Thirdly I recommend you Install SUPER AntiSpyware</b>
.

<b><i>http://www.superantispyware.com/superantispywarefreevspro.html</i></b>

<b>AGAIN Update the Virus Deffs & then run a complete scan.</b>

<b>Finally I recommend you Install MalwareBytes Anti-Malware</b>
.

<i><b>http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button</b></i>

<b>AGAIN Update the Virus Deffs & then run a complete scan</b>

In a couple of weeks ( when I get time ) I will be hosting these FREE SOFTWARES on MY WebSite ( COMODO already on it ! )

If you require any further help on the softwares – ie install / setup etc. please e-mail me @ <i><b>”Mike.Macs-PC@NTLworld.Com”</b></i>

Thanks & I HOPE I have been of SOME HELP !!! :o)
<b> – M!ke -
( M@CS PC )</b>

============

When you say that McAfee detected and blocked the Trojan, I wonder if you were adversely effected at all. A good antivirus package (McAfee and many others) will prevent the malware that spreads through an AUTORUN.INF mechanism from running although it may not be able to delete the files from the removable media.

It sounds like your next step should be to disable Autorun and delete the malicious files.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • SHWE
    Thanx alot for your help I will surely try these steps.....n i hope this is goin to help thanx again
    15 pointsBadges:
    report
  • MacsPC
    Hi No problem at all - I'm glad I could be of assistance :o) If you would like a more IN-Depth explaination & assistance - please e-mail me at Mike . Macs_PC @ NTLworld . Com Note - I’ve inserted SPACES to prevent this web page from Auto Formatting & turning the e-mail address into a mess of code ! THERE SHOULD BE NO SPACES IN THE E-MAIL ADDRESS Cheers for now !!! - M!ke - ( Macs PC )
    235 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following