| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 85852 | 2007-12-24 07:26:00 | Usb autorun.inf file problem!!! | JOYBEBA6679 (10686) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 624258 | 2007-12-25 08:00:00 | Right mouse / properties, on my computer on the desktop if its there. System restore tab. Tick the option If you want to reformat, the system may have a partition on it to restore it. You'll have to reinstall all of the updates after. Or you'll need the XP cd, or whatever cd to reinstall Windows. Then you'll have to reinstall the updates after. |
Speedy Gonzales (78) | ||
| 624259 | 2007-12-25 08:53:00 | Ive got some ideas, but rather than confuse the issue Ill let speedy continue. You're in good hands with Speedy, but if he runs out of ideas Ill tag in and try mine. |
beama (111) | ||
| 624260 | 2007-12-25 20:33:00 | Ok, this is what the damnn infiected autorun.inf file has: [AutoRun] ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; open=usdeiect.com shell\open\Command=usdeiect.com shell\open\Default=1 shell\explore\Command=usdeiect.com Any ideas? |
JOYBEBA6679 (10686) | ||
| 624261 | 2007-12-25 20:43:00 | I would disable system restore first. Then reboot, then see if its still there. If you havent disabled SR yet. |
Speedy Gonzales (78) | ||
| 624262 | 2007-12-25 21:35:00 | Ok, I dissable system restore and reboot but it is turned back on when I reboot. Also, what is AMVO.EXE ?? | JOYBEBA6679 (10686) | ||
| 624263 | 2007-12-25 21:41:00 | Get ccleaner if you havent got it yet. It might be running on startup. Then go to tools / startup. Highlight and delete the amvo.exe entry. That amvo.exe looks like it belongs to a trojan (www.prevx.com) I would also get trojan remover in my sig, install it, update it, then click on scan. See if that picks whatever up and removes it. Or post a hijackthis log. Leave system restore disabled for now. |
Speedy Gonzales (78) | ||
| 624264 | 2007-12-25 21:59:00 | If there's an entry in add/remove programs called trojan.covert.sys-exe uninstall it too. If Trojan.Covert-Sys-Exec is running press ctrl-atl-del and kill its process. |
Speedy Gonzales (78) | ||
| 624265 | 2007-12-26 08:09:00 | Ok, well looks like I fixed the problem, many thanks to you guys who helped me! | JOYBEBA6679 (10686) | ||
| 624266 | 2007-12-26 08:13:00 | Good to hear ! | Speedy Gonzales (78) | ||
| 1 2 3 | |||||