By using our site, you agree to our cookie policy. Cookie Settings. Learn why people trust wikiHow. Download Article Explore this Article methods. Tips and Warnings. Related Articles. Method 1. Open command prompt. Go to Windows, then Run, and type "cmd". Press enter. Repeat the same process with other drives, type "d: " and do the same thing.
Then next "e:" and restart your computer. Restart your computer and it's done. Enjoy the freedom to open hard drives on a double click. Method 2. Go to any folder. A window pops up after you click on folder options. In that window go to View tab and select the option Show hidden files and folders. Now un-check the option Hide protected Operating system files.
Click "OK". Now open your drives By right click and select Explore. Don't double click! Delete autorun. Now open the group policy editor by typing gpedit. A system configuration utility dialogue will open. Note: This article is intended to illustrate how malware can be identified on a home laptop or PC. For identifying and removing malware within an organization your Incident Response plan should be followed.
Autoruns is a Microsoft tool that identifies software configured to run when a device is booted, or a user logs into their account. Legitimate software will often launch when a machine is powered on — Outlook is a prime example as users checking their email is often the first thing people do when logging onto their device.
If a device has been compromised, then any installed malware will also need to be able to survive a reboot. Once a machine is powered down, the malware needs a mechanism to continue running on the device. To do this, it can make use of many legitimate Windows features that allow the software to launch at boot. In the image below, we can see that Autoruns is made up of multiple tabs that each contain data regarding an autostart mechanism. The Logon tab displays information for standard startup locations for all users on the device.
This includes program startup locations and also relevant run keys. Scheduled Tasks displays tasks that are configured to start at boot or login and is a common technique used by various malware families. The Services tab displays all Windows services that are scheduled to run automatically when a device boots. The Drivers tab in Autoruns displays all registered drivers on the device except the ones which have been disabled.
Image Hijacks are quite sneaky in that the Windows registry has a key to launch a certain process but instead is redirected to launch a different malicious process. The Boot Execute tab displays startup locations that are associated with the session manager subsystem smss. Known DLLs in Windows are kernel Winlogon is used when a user logs into a Windows device.
This tab displays DLLs that register for notifications of Winlogon events. The Winsock Providers tab shows registered Winsock protocols. But, they can help in avoiding disasters from happening. If you are already facing Windows data loss problems, we highly recommend using a third-party tool and the best one suggested by IT professionals is Kernel for Windows Data Recovery.
Windows 10 systems enabled with AutoPlay or AutoRun feature are vulnerable to malware attacks that cause data losses and corruption if a USB drive containing malicious program is inserted to your computer even if it is locked. So, always turn off the default Windows AutoPlay settings to keep your computer and your crucial data safe and secure.
Your email address will not be published. Home Products Offers Contact. Pooja Chaudhary Updated On - 11 Jun Sean says:. May 24, at
0コメント