06-22-2010, 05:47 PM
Removable drivers are one of the main sources of virus, worm & trojan infections. Normally they are trigged by autorun.inf files residing on the drive itself. Autorun.inf is what loads in Windows when you insert the USB drive. It is essential to remove the malicious autorun.inf files not only from fixed drives but also from the source, and that is pen drive.
For a security point of view, you can always disable autorun and autoplay features on removable media.
How to disable the Autorun functionality in Windows on Microsoft Knowledgebase. This article lists all the various methods you can perform to disable autorun on different flavors of windows.
If you are sure you have a virus in your pen drive, perform the following steps to remove autorun.inf virus & its payload. Don't just rely on your antivirus, my AVG free version failed to detect it completely when I scanned the drive.
Insert the drive, don't just click or open it via Windows explorer, assuming your Pen drive is assigned letter L.
- Go to start, run, type "cmd" without quotes. It'll get you to dos prompt.
- Type attrib -h -r -s L:\autorun.inf (this will set attributes to file and unhide and make it readable if it is hidden)
- Type del L:\autorun.inf
If the commands executes successfully, your autorun.inf in the pen drive has been deleted. You can safely open your drive and scan it with a good antivirus or delete any unnecessary files or folders that smell as malware.
For a security point of view, you can always disable autorun and autoplay features on removable media.
How to disable the Autorun functionality in Windows on Microsoft Knowledgebase. This article lists all the various methods you can perform to disable autorun on different flavors of windows.
If you are sure you have a virus in your pen drive, perform the following steps to remove autorun.inf virus & its payload. Don't just rely on your antivirus, my AVG free version failed to detect it completely when I scanned the drive.
Insert the drive, don't just click or open it via Windows explorer, assuming your Pen drive is assigned letter L.
- Go to start, run, type "cmd" without quotes. It'll get you to dos prompt.
- Type attrib -h -r -s L:\autorun.inf (this will set attributes to file and unhide and make it readable if it is hidden)
- Type del L:\autorun.inf
If the commands executes successfully, your autorun.inf in the pen drive has been deleted. You can safely open your drive and scan it with a good antivirus or delete any unnecessary files or folders that smell as malware.