This issue needs a solution.

USB Flash Drive Shortcut Virus

Created: 09 Aug 2012 • Updated: 10 Aug 2012
Login to vote
-2 6 Votes

Hi, I do not know why I can't access to my external memory after it had been diagnosed with the virus. I tried to use attrib -r -a -s -h/  command to rescue, but it was not successful. When I tried to run this command, the command was denied. The worse part was, I also cannot access to those shortcut folders which I used to access despite being a shortcut.

I have got this virus for a few times on all my external storages. Ususally, I used Antivirus scan from other engine provider like AVG and Avast. This time, I was using the Symantec Endpoint Protection.

Would you kindly advise, what should I do to restore & gain access to my folders again? Thank you so much.

Filed Under

Comments

Ashish-Sharma
Accredited
09
Aug
2012

Hi, you can check this fourms

Thanks In Advance

Ashish Sharma

 

 

10
Aug
2012

Hi Ashish,   I will try it

Hi Ashish,

 

I will try it out. Thanks for your sharing.

 

B Regards,

Mithun Sanghavi
Symantec Employee
Accredited
13
Aug
2012

Hello, In your case, it is

Hello,

In your case, it is advisable to follow few important steps:

1) Make sure all these machines are Patched with ALL Latest MS security patches and service packs.

2) Make sure the machines are installed with the Latest Symantec virus definitions.

3) Disable the Autorun Feature on the machine.

Preventing a virus from using the AutoRun feature to spread itself

http://www.symantec.com/business/support/index?page=content&id=TECH104447

Later, incase of suspicious activity still happening, then follow the steps provided in the Article below:

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Check the below articles on handling infections.

Best practices for troubleshooting viruses on a network 

http://www.symantec.com/docs/TECH122466

Security Best Practice Recommendations 

http://www.symantec.com/docs/TECH91705

How to Use the Web Submission Process to Submit Suspicious Files

http://www.symantec.com/docs/TECH102419

Security Response recommendations for Symantec Endpoint Protection settings 

http://www.symantec.com/docs/TECH122943

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

cus000
Partner
Accredited
13
Aug
2012

You mean external hard

You mean external hard drive?

 

What is the virus name? What error you get when you tries to access it? "Acces denied" ?

Fabiano.Pessoa
Partner
Accredited
13
Aug
2012

Hi Try running this command

Hi

Try running this command in safe mode, if you can run, it is certain that some record of the virus is still on your machine.
Soon after it executable, try performing a scan with your protection in the same safe mode, so that the virus does not become invisible in his compositions.
It's too bad to have to follow many steps or read many things to find a solution, even when you're having problems like that. I know very well that while you may be reading a tutorial an attacker to steal your data. then go to the solution ok?
If you follow the steps and work out, let me know, any questions I am available.

Big hug.

 
 

 

Fabiano Pessoa

Systems Analyst - Forensic Expert

13
Aug
2012

does you external hd gets

does you external hd gets detected on the system? if not then does it load in the Devicemanager ,and when you try to access what happens?

21
Aug
2012

The strange part is that, I

The strange part is that, I realised that my folders are still not accessible after I scan for virus. I checked on the properties of the folder, I saw that the path had gone wrong. But, I can't reset it back.

I did considered to do a backup, before I format. But, the folders failed to get copied. All these, after I used Norton Endpoint. I not sure what went wrong.

 

Kindly advise, thank you so much.

 

Regards,

Screenshot.JPG
Ashish-Sharma
Accredited
21
Aug
2012

Do you have check USB Flash

Do you have check USB Flash Drive another system are you able to accessible ?

 

Thanks In Advance

Ashish Sharma

 

 

21
Aug
2012

How?

How?

Ashish-Sharma
Accredited
21
Aug
2012

You can attached your usb

You can attached your usb Flash drive another system and try are you able to Open /take folder back up ?

Thanks In Advance

Ashish Sharma

 

 

21
Aug
2012

I have not tried it.

I have not tried it. Previously, I encountered the same virus. I used the Avast to solve it easily on a different computer without trouble. Now, I not so sure did Norton Endpoint made any system file changes to my Flash Drive during or after the scan.

Fabiano.Pessoa
Partner
Accredited
21
Aug
2012

Hi Ho19 Check in safe mode

Hi Ho19

Check in safe mode windows you can access your folders normally.

Fabiano Pessoa

Systems Analyst - Forensic Expert

Fabiano.Pessoa
Partner
Accredited
21
Aug
2012

Hi Try giving the command

Hi

Try giving the command ATTRIB-H-R-SC: \ your folder name \ *. *

Fabiano Pessoa

Systems Analyst - Forensic Expert

Fabiano.Pessoa
Partner
Accredited
21
Aug
2012

Hi, is good to use a data

Hi,

is good to use a data recovery as MiniTool Power Data Recovery. This program, however, goes beyond the simple act of helping you recover deleted files, it is also able to recover damaged or lost partitions as well as data on portable devices (such as USB drives and MP3 players) and media (CDs and DVDs).
The free version of MiniTool Power Data Recovery is suitable for home users and organizes its five different retrieval functions in a menu. You choose what kind of action you want to perform, configures the task and you can recover what was lost
According to the developers, this is the most powerful feature of MiniTool Power Data Recovery. It is indicated for times when you try to access a disk or partition and receives a message like "You want to format this drive?". Before leaving for the formatting, you can try to correct the mistakes to avoid losing any data.
The MiniTool Power Data Recovery displays all partitions and drives present on the computer, then just select one and start scanning for everything that is damaged and can be recovered. This module supports MBR partitions, Windows Dynamic, simple volumes, RAID-5 and more.

 
 
Desfazer ediçõeshugs
 

 

Fabiano Pessoa

Systems Analyst - Forensic Expert

Ashish-Sharma
Accredited
21
Aug
2012

Hi Kindly run this and check

Hi Kindly run this and check are you able to open or not Drive.

ATTRIB [+R | -R] [+A | -A ] [+S | -S] [+H | -H] [[drive:] [path] filename] [/S [/D]]

 

+ Sets an attribute.
- Clears an attribute.
R Read-only file attribute.
A Archive file attribute.
S System file attribute.
H Hidden file attribute.
/S Processes files in all directories in the specified path.
/D Process folders as well.

Same Issue https://www-secure.symantec.com/connect/forums/my-local-disk-do-not-open

Thanks In Advance

Ashish Sharma

 

 

Ashish-Sharma
Accredited
21
Aug
2012

HI, I have found some

Thanks In Advance

Ashish Sharma