Virus autorun.inf recycle

To check if the virus is in your computer:

1. Go to command prompt.
2. Type CD\ in drive C to go the root directory
3. Type DIR /AH and press ENTER key. This will display all hidden files in your drive C
4. If you see a file AUTORUN.INF and a folder Recycled, then your system is infected.
5. Try doing this to your USB drive and check if your USB stick contains the same folder and AUTORUN.INF, if it does then your system is really infected.

To remove the virus:
1. Boot your system in Safemode
2. Go to command prompt, in Drive C do the following commands.
3. Type -> ATTRIB -H -R -S AUTORUN.INF then press enter
4. Type -> DEL AUTORUN.INF then press enter
5. Type -> ATTRIB -H -R -S Recycled then press enter
6. In Windows Explorer in Safemode, remove the folder Recycled in drive C use Shift-Delete to delete the folder.
7. Repeat Step 3 to 6 for all drives of your system including the USB drive.
8. Search for CTFMON.exe in your system using the Search of Windows found in Start Menu. If you find a file that is not located in C:\WINDOWS\SYSTEM32, delete it immediately. Dont forget to empty the recycle bin afterwards (Usually the virus will copy itself in the Startup folder of the Startmenu. Check if the file is present there and delete it then.)

To disable autorun of drives (i.e. everytime you double-click a drive or cd or usb, it is auto open) follow the following step:
1. Click Start->Run->type REGEDIT.exe
2. Go to this key from the register HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
3. Look for the entry NoDriveTypeAutoRun, double click the entry
4. Type a new value : 03ffffff for the NoDriveTypeAutoRun and press ENTER
5. Reboot the system.