i am unable to run full scan on unmanage client.whenever i run it, it is scan like a active scan.
I found "qazwsx/zaqxsw.exe" in my c drive.and i am facing a problem whenever I connect pen drive, automaticly a autorun.inf file i found in pen drive.i tried to delete it, but it is in process unable to delete.after formating pen drive, again i found the same file whenever i connect pen drive.
Looks like there is a threat on your computer.
Download NSS and run full scan in safe mode.
Disable autoplay aswell
and also check
Submit all the suspected files to https:..submit.symantec.com/gold
The most helpful part of entire Symantec connect is the Search button..do use it.
What happens when you try to do the full scan?
iot is acan like a active scan only for less then 1 minute
connect the pen drive
open the cmd prompt
navigate to pen drive ,say F:\>
type attrib -h -s -r
try to run the scan now
and the coding i found in inf file.....................
action=Open folder to view files using Windows Explorer
unable to delete the autorun.inf file. it is being used
Follow this forum discussion and remove autorun.inf
but still when i reconnect pen drive system rebuild the same autorun.inf file
have you disabled autoplay following the above article.You can download and run Malwarebytes it will surely clean all the virus from your computer
Check the autorun file on all your hard drives, delete those too.
try donig a full scan with latest virus defs.
seem like its coming from your system to pen drive.
If this computer is connected to LAN, then try to map the drive from the another computer and run full scan.
if the said virus not even detected by Symantec antivirus, it is highly recommended to submit this file to Symantec Security response team to analyze the file
if pen drive is affected by autorun.inf trojan,It is als associated with hidden files
size of zaqxsw.exe file is 211,968
use safe mode command prompt to delete it
del /a *
sometimes zaqxsw.exe affect your PC and sit under in C:\RECYCLER\S-1-5-21-8751926100-3516730847-449045751-7323
directory as czzi.exe
search the file czzi.exe in c:
dir /s czzi.exe
and delete it
del /a czzi.exe
make a autorun.inf directory in your pen drive root, set its attribute as hidden and system
attrib +r +h +s autorun.inf
ISSUE RESOLVED !
- Dennis Jaat