
Sunday, February 24, 2013

Generic.lhk Hides USB Files


AVG Antivirus detected the Generic.lhk worm when I scanned my friend's USB files. There was only one file shown in Windows Explorer, and it was a shortcut with a size of a few kilobytes. But when I right-clicked on the drive, the pie chart showed that about 20% of the drive space was still being taken up by files. The files were still there. There was hope of recovering them. So I let AVG remove the threat and then I moved on to the next step.

I usually use the DOS command attrib -r -a -s -h to be able to see the missing files. Sadly, virus and malware makers' methods are getting more and more sophisticated, and this approach no longer seemed to work in this particular case.

After doing a search on Google, I found some sites that recommend using WinRAR to recover the files. But WinRAR is not completely free. So I opted to use 7-Zip instead, which was completely free at the time I downloaded it. I opened the program, then looked for the USB drive with the problem. There were only 3 files initially: the shortcut, and two additional files which showed up after running the attrib command. After checking these three files, 7-Zip found the files in the shortcut. I extracted these files to my hard drive, formatted the USB, then copied the files back to the USB. I also reran the AVG scan on the USB drive, just to be on the safe side.

Virus and malware makers will continue making our lives more and more difficult. Time spent fixing the problem could have been spent on something more worthwhile. I just hope I can keep up with finding solutions to more sophisticated attacks.
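The following PowerShell script is an added example, not part of the original post or the author's own procedure. It gives a read-first view of a drive in this state by listing hidden and system entries and showing where each shortcut points, then optionally clears the attributes with the same attrib tool the post mentions. The drive letter and the parameter names `$Drive` and `-Unhide` are assumptions.

```powershell
# Added example: triage of a removable drive whose files appear to be missing.
# $Drive and -Unhide are hypothetical names; set $Drive to the affected USB drive.
param(
    [string]$Drive = 'E:\',
    [switch]$Unhide          # without this switch the script only reports
)

$hiddenOrSystem = [IO.FileAttributes]::Hidden -bor [IO.FileAttributes]::System

# -Force makes Get-ChildItem return hidden and system entries too.
$items = Get-ChildItem -LiteralPath $Drive -Recurse -Force -ErrorAction SilentlyContinue

# 1. Entries that Windows Explorer does not show by default.
$concealed = $items | Where-Object { $_.Attributes -band $hiddenOrSystem }
"Hidden or system entries: $(@($concealed).Count)"
$concealed | Select-Object FullName, Attributes, Length | Format-Table -AutoSize

# 2. Shortcuts on the drive and what they would launch.
#    CreateShortcut on an existing .lnk only loads its properties; it does not run it.
$shell = New-Object -ComObject WScript.Shell
$items | Where-Object { $_.Extension -eq '.lnk' } | ForEach-Object {
    $lnk = $shell.CreateShortcut($_.FullName)
    [pscustomobject]@{
        Shortcut  = $_.FullName
        Target    = $lnk.TargetPath
        Arguments = $lnk.Arguments
    }
} | Format-List

# 3. Optional: clear the attributes on every file and folder on the drive.
#    -s and -h are passed together because attrib will not clear Hidden
#    on an entry that still has System set. /s recurses, /d includes folders.
if ($Unhide) {
    & attrib.exe -r -s -h (Join-Path $Drive '*') /s /d
}
```

Run it once without `-Unhide` to review the listing, and only then with `-Unhide` after the antivirus scan has removed the detected shortcut.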
