Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 6247 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

W32/Autorun-AMP

Fazlur_SDTL

Hi,

We are infected by W32/Autorun-AMP malware. SOPHOS can detect and can clean partially. It shows reboot required which we have done several times but no luck.

Attached I have given several screenshots. Suggest how to clean those?

:45821


This thread was automatically locked due to age.
virus status.pdf
Parents
  • 0
    Hi,

    We tried to run source of infection tool in 2 PCs with different parameters to see whether the files are recreating/dropping from remote computers or from local machine (locally).
     
    We found that the files are generating/dropping locally by svchost.exe process.

    Attached please find screenshots, SDU and the log file of SOI (source of infection).

    Suggest how to solve the issue.

    :45873
Reply
  • 0
    Hi,

    We tried to run source of infection tool in 2 PCs with different parameters to see whether the files are recreating/dropping from remote computers or from local machine (locally).
     
    We found that the files are generating/dropping locally by svchost.exe process.

    Attached please find screenshots, SDU and the log file of SOI (source of infection).

    Suggest how to solve the issue.

    :45873
Children
No Data