Monday, January 5, 2009

How to totally remove a virus from pendrive

Removing virus from pendrive normally requires 2 steps:

Step 1: Scan the pendrive using Antivirus software.
Step 2: Remove the hidden file autorun.inf

***********************

Step 1: should be handled by the antivirus software. So I won't talk on this. As suggested by some people on the net, you can always refer to below link.

1) Superantispywhere
http://www.superantispyware.com/superant...
it will possible detect and get rid of the Trojan. It gets rid of some of the toughest problems.

2)Smitfraudfix
http://siri.geekstogo.com/SmitfraudFix.p...
this tool should be launched in safemode. To learn how to do that look here
http://www.pchell.com/support/safemode.s...
run this tool and choose to clean. it will get rid of pop-ups trying to sell you fake things

3)Vundofix
http://www.atribune.org/content/view/24/...
this tool gets rid of Vundo trojans and more.
the site shows how to use it.

4)Combofix
http://download.bleepingcomputer.com/sUB...
this is a last resort
Combofix is a general tool that helps the helper cleaning up a Hijackthis log.
It is able to remove some common infections and helps a user detect files that general scanners cannot find. It also lists registry keys such as the key keys, the desktop keys, and other areas where malware hide. The tool has some rootkit detectors too, allowing a helper to see if a rootkit is present on the PCsmi

**********************

2) Step 2: However, you normally have to perform step 2 manually since antivirus will not remove autorun.inf since there is nothing wrong with the file in the first place since the bad thing actually the script written into the file, not the file itself.

Now, follow this steps.

1 - Start windows command prompt. If you use XP, type "cmd" in the Run textbox in Start > Run to start the program.

2 - While in the command prompt, type your pendrive drive letter such as "E:" and press Enter
3 - type attrib -r -h -s autorun.inf
(Now, if you type dir you will able to see the file. I normally, open this file as notepad to see what is actually written inside. Actually, the content here is the script that will automatically execute once you double click your pendrive.)
5 - type del autorun.inf to delete the file permanently.
6 - Eject and Plug in back your pendrive.

Your pendrive should now work fine.
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)