Autorun.inf Virus
Removing AUTORUN.INF Virus
There are several viruses that uses the autorun.inf to spread itself such as the Bacalid (hides itself in ctfmon.exe) and the RavMon.EXE. These viruses set its file attributes to System+Hidden+Read-Only attributes so some anti-viruses will have a hard time detecting or finding them. These viruses save itself in the root directory of every available drives of the current infected computer and runs itself every time you Double-Click the drive. In USB Sticks and CDs that are infected by the virus runs automatically especially if drive autorun is enabled for the current drives (which is usually by default, autorun for drives are enabled).
Autorun.INF is usually used by CD Installers to autoplay their installations but Hard disks by default should not have AUTORUN.INF in the drive.
Now, it is possible that your computer is infected by those viruses if you try to display the content of the your computer through command prompt, using the dir /ah command.
Now to erase this, restart your window to Safe Mode Command Prompt. (Do this by rebooting your computer and pressing F8 before windows go out and select from the boot menu). On drive C and other drives type the following commands:
1. attrib -h -r -s autorun.inf
2. del autorun.inf
Do this steps to other drives to disable the autorun.inf .
Disable AUTORUN from Registry
Now you can disable the AUTORUN for all drives by configuring the registry. Open the registry by typing regedit.exe to the command prompt (if your still at the command prompt) or execute it in Run. Look for the HKEY_CURRENT_USER\Software\ Microsoft\Windows\CurrentVersion\Policies\Explorer
Double-click the NoDriveAutorun DWORD entry and type the value HEX: FF (255 in Decimal). (If the NoDriveAutorun does not exists, you can creat it by right-clicking the right side area of the regedit window, then click New->DWord Value -> type NoDriveAutorun) Close the registry and restart the computer. This procedure will disable all the autorun for all drives of your computer and at least will prevent the autorun function of infected USB drives or CDs and avoid the infection of viruses like the Bacalid and RavMon.exe.
1 comments:
Computer viruses are really irritating, I experienced autorun.inf virus in my PC, as an iPhone user I went to upgrade my iOS through USB but got an error called iPhone Error 4013
Post a Comment