The most popular media to spread virus is USB drive and it is faster to spread virus and very effective. But do you know, if you know how to remove the virus in your USB drive, you can save not even your computer but the whole organization. What is the most important thing is at the moment you open your USB drive.
Opening USB
Usually we always just double click the USB drive but after this you need to open it using adress bar. Address bar is on the top of your window at about 1.5 cm from the title bar. But if there is no address bar, you can enable it by click view> toolbars> address bar. By opening your USB drive using this way, you can prevent the virus from autorun.
After you open your USB drive, you need to enable hidden and super hidden file. To do this, click on Tools> Folder Options.
Click on view tab and scroll down and thick on Show Hidden Files and Folders radio button and uncheck the Hide protected operating systems and Hide extensions for known file type. After that click apply. After this step you will see all the hidden and super hidden in your computer but remember, don't remove blindly files in other drive because some of it is important systems file.
After that, if your drive is infected, you can see a file named autorun.inf. Double click the file to know what the virus file. In my USB drive the files contain:
[autorun]
Open = wscript.exe \VirusMawar.js
shellexecute = wscript.exe \VirusMawar.js
shell\Open\command = wscript.exe \VirusMawar.js
shell\Explore\command = wscript.exe \VirusMawar.js -Clicked
shell\AutoPlay\command = wscript.exe \VirusMawar.js
shell\Scan for Viruses\command = wscript.exe \VirusMawar.js
shell\Scan with Norton AntiVirus\command = wscript.exe \VirusMawar.js
shell\Scan with AVG\command = wscript.exe \VirusMawar.js
shell = Explore
The suspected virus is VirusMawar.js and find the virus in you USB drive and hightlight the virus file and press shift+delete to permanently remove the file. Now you can be a hero. :) Hopefully you enjoy this tutorial.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment