Thursday 26 April 2012

How to Remove shortcuts virus from pen drive

What is Autorun.inf?

Autorun.inf is a file which starts automatically whenever you insert your pen drive or a compactdisk(CD). So when this file is replaced with a coding which when started , can disable your antivirus and run other virus program from your pendrive or CD without your knowlegde.
Nowadays there is a recent shortcut autorun virus which will make your files in the pendrive into shortcut files. Well I shall explain you how to disable that virus :

  • Disable the autoplay function in your system. 
  • Install an updated antivirus program.
Disable Autorun (Windows XP) :

  1. Download TweakUI powertoy for XP : Click Here.
  2. Install it.
  3. Go to Start -> Powertoys for Windows XP -> Tweak UI.
  4. Expand 'My Computer' Tree in Tweak UI.
  5. Expand Autorun Tree.
  6. In Drives Section, Unselect all the drives.
  7. In Types Section, unselect all the drives.
  8. Click on Apply.
  9. Select OK.

Disable Autorun (Windows 7) :
  •  Launch the Run dialogue box by pressing Win + R, then type Gpedit.msc and press     Enter. 
  • In The Local Group Policy Editor go to: 
Computer Configuration > Administrative Templates > Windows Components.
  • Locate the autoplay option and open it.  
  • Click the enabled button and select all drives from option  and apply .
 Preventive Measures:
  • Disable the Autorun
  • Install an Antivirus!!!!!
  • Before opening any drive, scan it with a well known antivirus(listed at the end)
  • If you want to open it without scanning or if you do not have an antivirus installed (Not Recommended), then do the following :
  • Open My Computer
  • Go to Tools -> Folder Options
  • Go to View Tab -> Unselect 'Hide Extensions for Known File Types'
  • Then select the required drive, right click -> EXPLORE. Do not double click to open the drive. This will activate the autorun file inturn activating the virus....
  • Do not files of type .lnk or .exe(unless you scan with antivirus).
  • Only open document files. 
  • Some files may contain double extension such as 'xxx.doc.exe' with a Document Icon. Those are definitely viruses. Delete them.
Removing the virus :
  • Launch the RUN dialogue box by pressing win + r , then type cmd .
  • In the command prompt type the below commands one by one 
               attrib -h -r -s /s/d g:*.*   
Replace the g with the drive name of your usb path.
Here h denotes hidden files, r is for read only files and s for system. -h -r -s are used for making them to remove those properties. /s is to process all files and /d is to process all folders as well.*.* denotes all files with any extension.
You simply change the letter g to your usb drive letter and run the above highlighted command and then run the below command :
              drive name:\\ del autorun.inf
              drive name:\\ del *.lnk
Replace drive name with your usb drive letter . 
  • Done with this for now.
Always have a antivirus installed and update it regularly.nod32 , avira , avast and many more powerfull antiviruses are available in the internet for free and prevent your system from Viruses.

For any help free to say.....
 
at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Comments System