How to remove Surabaya Virus
Symptoms -
Modified autoexec.bat to display a message upon system start: “Surabaya is my birthday”….."Don't kill me, i'm just send message from your computer"…and then some blah - blah in some Thai language I guess.
Your folder has file size 40K
All your hard disk partitions become autorun…if you right click on any partition or any drive letter it’ll give the “autorun” option instead “open”.
All your existing original folders become hidden and are replaced by another dummy folder with same file name but with size of 40KB. If you right click on any file, the menu which opens will show “test”, “configure”….etc options but no “open” option. Removal Steps:
Step 1:
Press Start -> Run -> cmd (or command) -> press Enter
Type in command box- cd\
Type again in command box- c:
Type again in command box- attrib -s -h -r /d /s -> press Enter
Type again in command box- del autorun.inf -> press Enter
Type again in command box- del thumb*.* -> press Enter
Repeat the same with your other hard drive partitions as well…say if you have 3 drive partitions viz. “C”, ”D” & ”E”…for this:
Type again in command box- d:
Type again in command box- attrib -s -h -r /d /s -> press Enter
Type again in command box- del autorun.inf -> press Enter
Type again in command box- del thumb*.* -> press Enter
Type again in command box- e:
Type again in command box- attrib -s -h -r /d /s -> press Enter
Type again in command box- del autorun.inf -> press Enter
Type again in command box- del thumb*.* -> press Enter
If you have any USB hard drive on pen drive connected, do the above procedure with its drive name. For example if your USB drive name is “G”…
Type again in command box- g:
Type again in command box- attrib -s -h -r /d /s -> press Enter
Type again in command box- del autorun.inf -> press Enter
Type again in command box- del thumb*.* -> press Enter
Type again in command box- exit
Symptoms -
Modified autoexec.bat to display a message upon system start: “Surabaya is my birthday”….."Don't kill me, i'm just send message from your computer"…and then some blah - blah in some Thai language I guess.
Your folder has file size 40K
All your hard disk partitions become autorun…if you right click on any partition or any drive letter it’ll give the “autorun” option instead “open”.
All your existing original folders become hidden and are replaced by another dummy folder with same file name but with size of 40KB. If you right click on any file, the menu which opens will show “test”, “configure”….etc options but no “open” option. Removal Steps:
Step 1:
Press Start -> Run -> cmd (or command) -> press Enter
Type in command box- cd\
Type again in command box- c:
Type again in command box- attrib -s -h -r /d /s -> press Enter
Type again in command box- del autorun.inf -> press Enter
Type again in command box- del thumb*.* -> press Enter
Repeat the same with your other hard drive partitions as well…say if you have 3 drive partitions viz. “C”, ”D” & ”E”…for this:
Type again in command box- d:
Type again in command box- attrib -s -h -r /d /s -> press Enter
Type again in command box- del autorun.inf -> press Enter
Type again in command box- del thumb*.* -> press Enter
Type again in command box- e:
Type again in command box- attrib -s -h -r /d /s -> press Enter
Type again in command box- del autorun.inf -> press Enter
Type again in command box- del thumb*.* -> press Enter
If you have any USB hard drive on pen drive connected, do the above procedure with its drive name. For example if your USB drive name is “G”…
Type again in command box- g:
Type again in command box- attrib -s -h -r /d /s -> press Enter
Type again in command box- del autorun.inf -> press Enter
Type again in command box- del thumb*.* -> press Enter
Type again in command box- exit
*************************************************************
No comments:
Post a Comment