How to fix the drive not getting opened upon double click in windows when infected with autorun.inf virus

We often see the disk drives such as USB's / Harddisk partitions do not get opened in windows when we double click on the disk icon in explorer after machine is infected with autorun.inf virus. This is due to hidden autorun.inf presence in the root directory of the drive ex: C:\autorun.inf or I:\autorun.inf where I:\ refers to a USB disk. The below said steps will help you in fixing this problem very easily

Scan and Clean the drives with a good antivirus and make sure all the disks are free from virus.
Now open Command Prompt (i.e. cmd.exe) by typing cmd, in Run ( To open it go to Start -> Run, enter cmd and press enter
Goto USB disk drive such as F: in your command prompt
Now run the command DIR /w /a to see all hidden files and folders.
Now run the command attrib to remove all special attributes associated with files and folders as attrib -R -S -H /S /D *.*
Now delete the autorun.inf with command del autorun.inf
Remove your usb disk and plug it again
Now you can open the drive by double clicking it in the explorer.

Note : After running the attrib command on files and folders, explorer will show all the hidden files and folders in your usb disk in the explorer. You can delete all unwanted files and folders in explorer itself.

Comments

How to find firmware or boot ROM version in Mac OS X

Firmware and boot ROM version of your mac can be found in two ways. Way 1 : 1. From "Apple" menu , choose "About This Mac" menu item. 2. Click " More Info " to open "System Profiler" application. 3. Under Contents -> Select Hardware Tree item. On the right side panel Under hardware overview section, we can see Boot ROM Version and SMC (Firmware) Version. Way 2 : Run the below command in terminal to get boot ROM version and SMC(firmware) version : $ system_profiler SPHardwareDataType | grep -i "Version" | awk -F ':' '{print $1 $2}'

How to extract signing certificates from macOS binary files

Code signing is a macOS security technology that you use to certify that an app was created by you. Once an app is signed, the system can detect any change to the app—whether the change is introduced accidentally or by malicious code. As Apple Developer site says ( click here for more details on code signing) : code signing allows the operating system to: Ensure that a piece of code has not been altered since it was signed. The system can detect even the smallest change, whether it was intentional (by a malicious attacker, for example) or accidental (as when a file gets corrupted). When a code signature is intact, the system can be sure the code is as the signer intended. Identify code as coming from a specific source (a developer or signer). The code signature includes cryptographic information that unambiguously points to a particular author. Determine whether code is trustworthy for a specific purpose. Among other things, a developer can use a code signature to s

What are the useful nvram settings in macOS ?

The OS X boot arguments are useful for troubleshooting problems with system startup and how the system behaves when running. sudo nvram boot-args="-v" : This command will set the system to always boot to verbose mode, so we do not need to hold Command + V at system startup. sudo nvram boot-args="-x" : This will set the system to always boot into Safe Mode. sudo nvram boot-args="-s" : This command will boot the system into single user mode without needing to hold Command-S at system startup. sudo nvram boot-args="iog=0x0" : when you close the display but connect the system to an external monitor and keyboard the system will stay awake. After running this command, when connecting an external monitor, the internal display will be disabled, which can be beneficial in some situations such as those where you are mirroring your desktop but wish to run the external display at a higher resolution than your laptop can run. sudo nvram b

Anand Pandit's Blog

Search This Blog