Computer Security & Viruses/Autorun.inf Virus

Advertisement

Expert: Doug Woodall - 3/11/2008


Question
QUESTION: Sir,
I am caught by a vicious virus 'autorun.inf' in my USB drive. This virus is hidden and cannot be deleted. I am unable to format my USB as it gives message that disk is 'write protected'. I tried 100 ways to get rid of this virus but in vain. My USB has become virtually useless as it does nothing, niether copies files nor deletes them. I scanned it through AVG, Norton, NOD32. All of them did nothing. Please help me.
Thanks.

Yasir.

ANSWER: Have you tried AVG free AntiVirus ? After installing it, In Windows Explorer, right click on the USB memory stick drive and select 'Scan for virus'. Allow the program to complete it's scan and then delete any infected files that have been found.
I read this at a forum a while back.
What have you tried so far?


---------- FOLLOW-UP ----------

QUESTION: I scanned it through AVG Free too, but it did nothing. None of the antivirus has detected it.

Answer
Do you have your Win XP CD? if so, try this
PROCEDURE:
1. While the computer is still off;
2. Plugin the USB Drive
3. Insert the Windows XP CD-ROM into the CD-ROM drive. It must be the bootable Windows XP Installer
4. Start the computer from the CD-ROM drive. It will start Windows Setup screen
5. When the “Welcome to Setup” prompt appears.Press “R” to start the Recovery Console
6. If asked “Which Window installation would you like to logon to” select the number. Type “1? then Enter, if only one installation of Windows is present
7. Enter the administrator password, press Enter
8. It will bring you to command prompt, C:\Windows>
9. Proceed with the following command:
- Type d: (This is the drive letter of USB. It can be e: or f: defending on how many hard disk or cd drive is installed)
- Type attrib -hrs autorun.inf
- Type “edit autorun.inf” it will open DOS Editor and display contents as follows
==========================
[autorun]
open=file.exe
shell\Open\Command=file.exe
shell\open\Default=1
shell\Explore\Command=file.exe
shell\Autoplay\command=file.exe
==========================
Take note on the file that it called to open (in above example it is file.exe)

10. Exit DOS Editor and return to command prompt, D:\>
11. Delete the file that was called to open on DOS Editor
- Type -shr file.exe
- Type del file.exe
12. Exit Recovery Console by typing exit.

Ive seen this posted in several sites and it seems to work.
Let me know.

Computer Security & Viruses

All Answers

Answers by Expert:

Ask Experts

Volunteer

Doug Woodall

Expertise

I can answer questions pertaining to threats to Online Security. I cant answer questions as to when, if ever IE will ever be secure.

Experience

I have 20+ years of experience learning the intricaticies of online safety.

Education/Credentials
Self taught

©2012 About.com, a part of The New York Times Company. All rights reserved.