Unlock For Us

(Access denied) Removing Autorun.inf file Virus from the hardisk

Sharing files from one media to another is probably usual nowadays. We need flash drives or removable media, internet and network drives to install, copy and share files from computer to another. Each medium has it’s own configuration to make it more usable. However, what can we get if not restricted to a form that we could accept – a worm virus.

Worm virus is a software program capable of reproducing rapidly from one computer to another using different storage media like portable hard disks, over the network and the internet. Worms take advantage of automated configuration or tasks by inserting codes to reproduce itself rapidly across the network.

One of these configuration files is Autorun.inf. Autorun is very useful in adding icon to the drive and launching setup files once the removable media is read, so instead of these programs being run, the inserted virus will be launch and create several techniques to be able to infect the computer and makes it very difficult to be remove.

Sample autorun.inf

[Autorun]
open=setup.exe
icon=setup.exe,0

If you see an autorun.inf to your drive, try to read the code first by using the command:

e:\>type autorun.inf

If the autorun looks the same like the sample version above, there is nothing to worry. If not… try to use “attrib” command to remove the hidden, read only and systems attribute as shown below.

access_is_denied_permissions

However, if “access is denied” is returned, you need to reboot your computer and press F8 to log into SAFE mode.

Find the file and allow “Full control” for the security permission as shown. Use right-click, choose Properties and click the Security Tab.

permission

Afterwards, use now the attribute command to remove the hidden, read only and system attribute to the file as shown and your done. You’ll be able to delete the file easily.

attrib_del_autorun

By the way, you can use Mcafee command-line scanner to detect if the virus was activated in one of the processes while clicking the drive.

At the command prompt, type:

SCAN /ADL /ALL /CLEAN /WINMEM /STREAMS /PROGRAM

and wait until its finish.

Keep on reading!

0 Comments:

 

© Naga Heavy Industries (NHI) @2024| Blogger| License Agreement