Today pendrives are becoming popular for their portability and high capacity.
As every coin has 2 sides we know that these devices are being used to spread virii rapidly as most of the viruses are targeted to the pendrives..
Active viruses infect your windows system as soon as you double click on the Pen Drive icon in your my computer. As virus always creates a autorun.inf file which is a system ,hidden and a read only file on your pen drive. It point to the main virus file which is also located on the pen drive. When user double clicks on the pen drive files pointed by the autorun.inf got executed which copies the virus files on your system.
tips to defend ourselves from pendrive viruses
Click Start
-->> click on Run or press windows key + r
* Enter GPEDIT.MSC press enter
* Double-click Computer Configuration to open submenu
* Double-click Administrative Templates to open submenu
* Double-click System to open submenu
* Double-click Turn autoplay off option which will be near the bottom of the list in
the right panel.
and u hav 2 tweak ur settings a bit to delete the pesky virus present in your pendrive
Open My Document> Tools> Folder Options>View or control panel folder options>view
click on Advanced Setting
Files and folders > Hidden files and folders
Enable the Show hidden files and folders
deselect hide extensions for known file types
now we are ready to rock
goto run or command prompt
type the drive name
eg: type g:\ in run
now ur pen drive will open up .
look for any files with doubles extensions such as hai.jpg.exe or
ps.bat or any files which u feel are doubtful
select all of them and press shift+delete
removing thru registry
1.New Folder.exe virus disables task manager, disables registry editor, disables folder options, and disables run option from start menu. Virus creates exe files like the icon of folders with the same name as the name of the folder, it also consumes more than 50 % of your processor usage so slows down your computer.
Let’s see how we can remove this virus without formatting the drive.
Fix:
In order to remove the newfolder.exe
You need delete a file named svichossst.exe where ever you find this file on your system
Remove the following keys from registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“@”=[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Yahoo Messengger”=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“Shell”=”Explorer.exe “
-------------------------------------------------------------------------------------
when we autoplay cds there may e chance that our system gets infected
hence disabling cd-autorun from registry is the best bet to protect ourselves
copy the below code to a notepad and save it as any file but with .reg extension and after saving double click it
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CDRom]
"Autorun"="0"
-------------------------------------------------------------------------------------
