Warning: count(): Parameter must be an array or an object that implements Countable in /srv/users/serverpilot/apps/eken/public/th_main/class/Single/SinglePost.php on line 1081
I bet I am not the only person who frequently come across email and pen drive or USB viruses and worms. The maximized use of removable flash/USB disk are the pure 1 less to a percent source of the tyranny that enforce most of the Microsoft’s XP users to fully format the hard disk. And what I found, how I removed autorun virus and worms and what you should be aware of, I just tried to figure it up here. Risk yourself!
I didn’t know Mahesh’s 1GB Kingston’s Data Traveler was fully loaded with autorun worms when he handed it to me for copying the latest version of iTunes. I had the up-to-date home edition of Avast antivirus package, but it failed allowing those small chunky malware codes to rule my system. By heart, I removed the registered version of the damn antivirus and installed the latest version of Kaspersky and it’s still on, though KAV was also unable to clean those autorun codes. Finally, I got the idea from the TuneUp Process Manager, a sub-function of TuneUp Utility 2007.
Having found my locked access to registry, folder option, gpedit and task manager, I got the sudden lightening- “What’s the use of TuneUp baby?” And What else, I ran… ran and ran to discover which currently running/active processes in my system are actually by those autorun.exe or autorun.vbs. I found, detected, sensed and deleted from their current activity, so that I could permanently erase the scvhost.exe file from Widows installation folder ie in my case C:/Windows/scvhost.exe and C:/Windows/system32/scvhost.exe. Fortunately, it worked and is still working. On the next boot, pop up windows appeared saying there was no scvhost.exe and this annoying window followed subsequent boots unless I copied one from the unaffected system of my friend.
I extremely suggest you that please be sure which file you are deleting, if you delete the scvhost.exe manufactured by Microsoft, you run into a serious trouble. So, observe the property of all the scvhost file/processes and those which display the info Generic Host Process for Win32 Services are safe as far as I know. Backing up data before working on system files is always a safe idea.
I think this way can remove problems caused by autorun.exe or autorun.vbs or any other similar problems, and easy browse your system. Again, you’re there to double/single click your drive icon to open it without running into some Chinese words.
Dislaimer: I am not a tech support guy, so I don’t insist you on doing this thing. This is all what I did, I am not responsible for any damaged caused but always ready to help you if you want, just comment on this post. Happy auto running!