[Gordon]

Will reinstall Windows XP this afternoon after taking a backup. Any idea on a good pen drive / USB drive / memory card scanner or cleaner?

I got this after using a pen drive. After this, all other USB drives connected to my PC used to be affected. The folders on the drive would be converted into .EXE and its attributes to Read-only, system and archive.

[wildon]

Every antivirus can do the scanning/cleaning job of external inputs. Its depends up on settings/configuration you have done in antivirus for external device inputs.

[Gordon]

I knew that. But is there something that is 'specifically' designed to wipe out viruses / worms / trojans / malware on pen drives? Because I had AVG when the PC was affected. All you need to do is put in the pen drive. Even if you do not use it, it'll automatically be affected (PC-to-pen drive) or affects (pen drive-to-PC) in a matter of seconds.

[aaggoswami]

Quote:

Originally Posted by Gordon

I knew that. But is there something that is 'specifically' designed to wipe out viruses / worms / trojans / malware on pen drives? Because I had AVG when the PC was affected. All you need to do is put in the pen drive. Even if you do not use it, it'll automatically be affected (PC-to-pen drive) or affects (pen drive-to-PC) in a matter of seconds.

Very very small step is to enable Turn off autoplay. When I had to bring a lot of data from lab to my home PC, I too was suffering. The above method did help a bit. I used to format my PC 4-5 times a month due to this and turning off autoplay reduced it to 2-3 times.

Though much of it depends on what type of virus you have. Also pendrive is biggest source of virus. Certain things are unavoidable and if using pendrive is one of it, I will still recommend you Kaspersky Internet Security or Bitdefender. These are probably the best and are really effective.

In any case, turning off autoplay helps.
Go to windows Run > type gpedit.msc > a new window will open, in that go to user configuration > Administrative template ( last option under user configuration tree ) > Go to systems > Here you will see " turn off Autoplay ". Go to properties of this and click on Enabled. In the drop down menu, select all drives.

I dont know how effiective it will be in your case, but just give it a try. Its matter of 1 min or so.

[wildon]

Quote:

Originally Posted by Gordon

I knew that. But is there something that is 'specifically' designed to wipe out viruses / worms / trojans / malware on pen drives? Because I had AVG when the PC was affected. All you need to do is put in the pen drive. Even if you do not use it, it'll automatically be affected (PC-to-pen drive) or affects (pen drive-to-PC) in a matter of seconds.

ok. Go to this page

Portable Antivirus & Security Blog: Download

Download :

1. Portable Antivirus 1.6 Build 421
2. VDEF Updates (10 August 2009)
3. Download Portable Antivirus 1.6 Help Document

This is specifically for portable device.

[benbsb29]

Quote:

Originally Posted by aaggoswami

In any case, turning off autoplay helps.
Go to windows Run > type gpedit.msc > a new window will open, in that go to user configuration > Administrative template ( last option under user configuration tree ) > Go to systems > Here you will see " turn off Autoplay ". Go to properties of this and click on Enabled. In the drop down menu, select all drives.

I dont know how effiective it will be in your case, but just give it a try. Its matter of 1 min or so.

Gordon, I suppose turning off Autoplay is good to start with. This was also part of a rollout from my company which made this applicable to all systems on the network.

I have been on Kaspersky internet security since the past 2 years, and it has been quite effective, right from disinfecting my already infected PC, as well as warding off any attacks from what could be an infested pen drive my cousin usually gets home. Ofcourse, i ensure noone other than my wife, uses the home PC or connects anything without my permission. I truly recommend this product, but look out for the original version.

[tsk1979]

I think the correct term for this trojan is "polymorphic file infector"
Problem with this dude is that it infects all your exe, .scr, etc., executable files.
If you google the above term, you will get to know that reinstall is the only way to completely clean your computer.

Basically do this
1. Back up all documents - Remember, only documents and images
2. Burn ISO of gparted(Partition manager, linux based)
3. Re Format, and Re make partition table, this will completely clean your system.
4. Reinstall windows.

Though 99% of windows infections have an anti viral cure, there is that remaining 1% which require a reformat and a reinstall.

[Gordon]

Didn't do the reinstall yet since my friend couldn't find the Windows Setup CD. Anyways this is what I intend doing:

• Backup images, videos, documents and some driver setup files from C:
• Reboot with the XP CD. Format/Delete current C: partition and create it again.
• Install a fresh copy of Windows XP.
• Reinstall all drivers and other daily softwares I require (Messengers / Winzip / etc)
• Download anti-virus softwares as recommended here and update each of them

[Gordon]

Done.

• Reinstalled a fresh copy of XP.
• Installed and updated Avira Antivir Personal.
• Installed all necessary software and utilities.
• Installed CCleaner.
• Disabled all startup items using CCleaner.

Thank you all

[omishra]

Quote:

Originally Posted by Gordon

Done.

• Installed CCleaner.
• Disabled all startup items using CCleaner.

Thank you all

Be careful of this guy. It screwed up my system twice, once on Desktop and once on laptop. System used to hang after a while. I removed CCleaner and stopped using that.

• Do keep minimum software ( minimum required) installed and only from valid source.
• As far as possible, try to live without free plug-ins.
• Have good AV, configured firewall and secured modem (if applies to you).
• One more problem with Windows is that if you install something and uninstall then its not cleaned 100% always. Further it repeated few times, registry is messed up. Be aware of this too.

[wildon]

Quote:

Originally Posted by Gordon

Done.

• Reinstalled a fresh copy of XP.
• Installed and updated Avira Antivir Personal.
• Installed all necessary software and utilities.
• Installed CCleaner.
• Disabled all startup items using CCleaner.

Thank you all

Once you installed all necessary software create another user account with Limited option and use this for day to day basis. This will avoid changes in master setting, deletion of files etc. In Limited account user only have the power to read only, so any automatic installation from various sources can be avoided.

[Gordon]

Quote:

Originally Posted by omishra

Be careful of this guy.

CCleaner has two options that may mess the system. The Registry Cleaner and the Advanced Cleaner. The other options are quite mild to make any wild changes.

Quote:

Originally Posted by omishra

•As far as possible, try to live without free plug-ins.

Always hated plug-ins except for the usual DivX, Flash, etc.

The worst things are Free Toolbars, never install them. Also there are a lot of trojans and malware that come through Facebook too (for example, Tattoon Fast Browser Search). Its malware and the source is some of the Facebook applications.

Quote:

Originally Posted by wildon

Once you installed all necessary software create another user account with Limited option and use this for day to day basis. This will avoid changes in master setting, deletion of files etc. In Limited account user only have the power to read only, so any automatic installation from various sources can be avoided.

I like it when the PC starts and it comes directly to the desktop. With an added user account, it stops at the User Login Screen. Any way it can logon directly to a specified user account.

[wildon]

Quote:

Originally Posted by Gordon

I like it when the PC starts and it comes directly to the desktop. With an added user account, it stops at the User Login Screen. Any way it can logon directly to a specified user account.

Your System now already having a user name that is given by you. imagine you have named it as 'X' which having administrative privileges and you have not given any password to that. so every time you switch ON the pc it boots up and you are able to see the desktop.

Now create a user name as per your choice for e.g 'Y' and assign it as LIMITED account, don't put any password to that. Go to the control pannel > User accounts > Change the way user log on or off >> tick the Use welcome screen and then APPLY.

Go to start button > Log off and then you will get the Welcome screen with multiple user name selection option. Use CTRL+ALT+DELETE so you will get a pop up window to enter your user name and password. Enter the user name as Administrator and leave the password blank.

Now you are in to the Administrator account. and you can see the desktop. Go to Control Panel > User account and delete the account which you created first i.e with administrative power.

Go to the user account again and change the way user log on or off >> uncheck Use welcome screen and then APPLY.

Restart the computer you will be now in the LIMITED account 'Y'

If you think this is too complex please ignore the post.

[aaggoswami]

Quote:

Originally Posted by wildon

Go to start button > Log off and then you will get the Welcome screen with multiple user name selection option. Use CTRL+ALT+DELETE so you will get a pop up window to enter your user name and password. Enter the user name as Administrator and leave the password blank.

Make sure that you have not entered Administrator password during installation of Windows. I usually enter the Administrator password so that nobody can log into my PC.

[Gordon]

@wildon:
No that wasn't complex. Just a few doubts.

• If I do delete my current user account, will it affect any softwares I have recently installed? Like the Messengers, etc.
• What is restricted for the limited profile user account?
• Isn't there any way I can retain the current account AND have the limited account log in automatically?

@aaggoswami
Should I enter an Administrator password? Or leave it blank?