Sharing files from one media to another is probably usual nowadays. We need flash drives or removable media, internet and network drives to install, copy and share files from computer to another. Each medium has it’s own configuration to make it more usable. However, what can we get if not restricted to a form that we could accept – a worm virus.
Worm virus is a software program capable of reproducing rapidly from one computer to another using different storage media like portable hard disks, over the network and the internet. Worms take advantage of automated configuration or tasks by inserting codes to reproduce itself rapidly across the network.
One of these configuration files is Autorun.inf. Autorun is very useful in adding icon to the drive and launching setup files once the removable media is read, so instead of these programs being run, the inserted virus will be launch and create several techniques to be able to infect the computer and makes it very difficult to be remove.
Sample autorun.inf
[Autorun] |
If you see an autorun.inf to your drive, try to read the code first by using the command:
e:\>type autorun.inf |
If the autorun looks the same like the sample version above, there is nothing to worry. If not… try to use “attrib” command to remove the hidden, read only and systems attribute as shown below.
However, if “access is denied” is returned, you need to reboot your computer and press F8 to log into SAFE mode.
Find the file and allow “Full control” for the security permission as shown. Use right-click, choose Properties and click the Security Tab.
Afterwards, use now the attribute command to remove the hidden, read only and system attribute to the file as shown and your done. You’ll be able to delete the file easily.
By the way, you can use Mcafee command-line scanner to detect if the virus was activated in one of the processes while clicking the drive.
At the command prompt, type:
SCAN /ADL /ALL /CLEAN /WINMEM /STREAMS /PROGRAM
and wait until its finish.
Keep on reading!
0 comments:
Post a Comment