Thursday, June 3, 2010

Recover your Pendrive folders from the BronTok virus attack

Perhaps the most notorious virus that is spreading through all computers in bangladesh is the Win32 Brontok virus. It is possibly the sole reason that many people chose to switch to a Windows 7.

The virus is updating itself. Back in early days, it used to create a New Folder.Exe file and make the exe icon identical to the folder icon of windows. Unsuspecting user would double click, and his PC would be instantly infected. Now improved versions of this virus causes the task manager, folder options to disappear. The "Show Hidden files and folders" also does not work. Most annoyingly, the recent version of the virus locks all folders of the pendrive as hidden, and you cannot make them unhidden even from windows 7 folder options.



To fix such a pendrive, I created a batch file. It removes the folder lock and unhides all the hidden folders in your pendrive. The batch then deletes all exe files in the root directory (So please don't mistakenly keep any installers in root folder of pendrive.), Finally it deletes the autoexec.bat file causing the virus. Just keep the batch file in your pendrive, and double click on a non infected PC to recover folders.

THe code of the batch file:
rem Created by Sajid Muhaimin Choudhury
Echo off
attrib -S -H -R /S /D
del *.exe
del autoexec.bat /F /S /Q
del killvirus.vbs /F /S /Q
mkdir autoexec.bat
mkdir killvirus.vbs
attrib +R +A +S +H autoexec.bat
attrib +R +A +S +H killvirus.vbs
Echo on
Perhaps the most notorious virus that is spreading through all computers in bangladesh is the Win32 Brontok virus. It is possibly the sole reason that many people chose to switch to a Windows 7.

The virus is updating itself. Back in early days, it used to create a New Folder.Exe file and make the exe icon identical to the folder icon of windows. Unsuspecting user would double click, and his PC would be instantly infected. Now improved versions of this virus causes the task manager, folder options to disappear. The "Show Hidden files and folders" also does not work. Most annoyingly, the recent version of the virus locks all folders of the pendrive as hidden, and you cannot make them unhidden even from windows 7 folder options.

To fix such a pendrive, I created a batch file. It removes the folder lock and unhides all the hidden folders in your pendrive. The batch then deletes all exe files in the root directory (So please don't mistakenly keep any installers in root folder of pendrive.), Finally it deletes the autoexec.bat file causing the virus. Just keep the batch file in your pendrive, and double click on a non infected PC to recover folders.

THe code of the batch file:

rem Created by Sajid Muhaimin Choudhury
Echo off
attrib -S -H -R /S /D
del *.exe
del autoexec.bat /F /S /Q
del killvirus.vbs /F /S /Q
mkdir autoexec.bat
mkdir killvirus.vbs
attrib +R +A +S +H autoexec.bat
attrib +R +A +S +H killvirus.vbs
Echo on


2 comments:

  1. can you put up the file to download?

    ReplyDelete
  2. Hi,can u help me to programmed AT89C51 micro controllerHi,can u help me to programmed AT89C51 micro controller?

    ReplyDelete