Posted by: techytux | July 13, 2008

How to disable pendrive and remove virus

As the use of flash drives has increased, so has the spread of many viruses and trojans. Popular virus scanners such as Norton Antivirus, NOD32, Kaspersky, BitDefender or any other software won't help you much.

I say: “No antivirus software available today is as great as you are. You have the ability to remove a virus with your own hands; the only thing is that you don't know how.”

The following steps will empower you to remove any virus that affects your PC (Windows XP Professional).

The following guide shows how to make sure that Autoplay/Autorun is disabled for all devices on your computer. This works only on Windows XP Professional; to do the same on Windows XP Home you will have to edit the registry (I will show you in a later post).

1. Click Start > Run

2. Type “gpedit.msc”

3. Computer Configuration > Click “Administrative Templates” > Click “System” > Double-Click “Turn off Autoplay”

4. Setting tab > Check “Enabled” > Select “All drives” from the drop down menu > Apply > Ok

These are 4 easy steps to make sure that Autoplay (Autorun) is disabled on all your drives, including USB. That removes the ability of people to insert a USB drive and automatically run a .exe on your computer by using a *.inf file.

The last thing you can do to protect yourself is to make sure that “Hide extensions for known file types” is turned off. This helps keep you from accidentally clicking on a file on a USB drive that looks safe to open but is not. This is one aspect of social engineering that depends on the user making the right decision.

Many criminals try to mask a malicious file by adding .exe after a common file extension, for instance .doc.exe, .xls.exe or .jpg.exe. The file that you click on is then not what you expect it to be, but a virus or a program used to compromise your system. Most anti-virus programs will catch this file after you execute it, but to be on the safe side it is best not to click on it in the first place.

Open a local folder in Windows Explorer (not IE) like My Documents > Click Tools > Click Folder Options > Click “View” Tab > Uncheck “Hide extensions for known file types”
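To see why the visible extension matters, here is an added example (not part of the original post) that flags names of the .doc.exe kind in a directory listing and shows what Explorer would display while extensions are hidden. The extension sets, function names and the sample listing are assumptions made for this illustration, and the display rule assumes every extension is a "known" type.

```python
import os

# Extensions Windows runs on double-click (a subset chosen for this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs"}
# Harmless-looking extensions used as the visible, decoy part of the name.
DECOY_EXTS = {".doc", ".xls", ".jpg", ".pdf", ".txt", ".mp3"}


def shown_when_hidden(filename):
    """Name Explorer displays while 'Hide extensions for known file types' is on."""
    stem, ext = os.path.splitext(filename)
    return stem if ext else filename


def find_masked(filenames):
    """Return (real_name, displayed_name, real_ext) for names like 'x.doc.exe'."""
    hits = []
    for name in filenames:
        stem, real_ext = os.path.splitext(name)      # last extension: what runs
        _, decoy_ext = os.path.splitext(stem)        # second-to-last: what you see
        if real_ext.lower() in EXECUTABLE_EXTS and decoy_ext.lower() in DECOY_EXTS:
            hits.append((name, shown_when_hidden(name), real_ext.lower()))
    return hits


# Constructed directory listing of a USB drive, for illustration only.
LISTING = ["holiday.jpg", "budget.xls.exe", "notes.doc", "setup.exe", "Photo.JPG.EXE"]

if __name__ == "__main__":
    for real, shown, ext in find_masked(LISTING):
        print(f"{shown!r} is really {real!r} ({ext} program)")
```

With extensions hidden, the two flagged files appear as budget.xls and Photo.JPG, which is exactly the disguise the setting above takes away.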

Once you have reached this step you can easily remove (delete) a virus from your pendrive using the MS-DOS Command Prompt.

1. Click Start > Run

2. Using My Computer, locate the drive letter on which your removable drive is mounted.

My USB drives get mounted on the G drive. This may be different on your PC.

3. When the command prompt appears, type G:

4. When the prompt changes to G:

search for hidden and system files, since most viruses replicate while hidden

type DIR /ah

This lists the hidden and system files.

5. If any virus is present you can now easily see it. Viruses can have many names and a variety of extensions. Sometimes even RECYCLER contains a virus.

6. These hidden system files cannot be deleted with the plain del command; you would end up getting an access denied response.

7. In order to delete these files we first have to change their attributes.

syntax:

attrib -h -r -s <filename>

example :

attrib -h -r -s autorun.inf

8. These files can now be easily deleted

simply type

DEL filename

example

del autorun.inf

9. Directories such as Recycler can also be deleted with ease in a single line

rd /s Recycler

The above was a method to delete and remove a virus from a removable drive such as a USB stick. Now you can easily remove viruses like autorun.inf, New Folder.exe, amvo.exe or its various forms amvo.dll, isetup.exe, kinza.exe, knight.exe and many others.

I will also update this post and show you how to remove a virus through the command prompt from an already infected system.
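Deleting autorun.inf alone leaves the program it pointed to on the drive, so it helps to read the file first. The following added example (not part of the original post) parses an autorun.inf and lists the programs its [autorun] section would start; the function names and the sample file contents are constructed for illustration.

```python
import re

# Keys in the [autorun] section that start a program.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)
# Program part of a command: quoted path, else text up to an executable
# extension (covers unquoted names with spaces), else the first token.
PROGRAM = re.compile(
    r'^"([^"]+)"|^(.*?\.(?:exe|com|bat|cmd|scr|pif|vbs))(?=\s|$)|^(\S+)', re.I)


def launch_commands(text):
    """Return [(key, command)] for each [autorun] entry that starts a program."""
    found, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_autorun = line.lower().startswith("[autorun]")
            continue
        if not in_autorun or line.startswith(";") or "=" not in line:
            continue  # other sections, comments, lines that are not key=value
        key, _, value = line.partition("=")
        key, value = key.strip().lower(), value.strip()
        if LAUNCH_KEY.match(key) and value:
            found.append((key, value))
    return found


def programs_to_inspect(text):
    """Unique program names referenced by the launch entries, sorted."""
    names = set()
    for _, command in launch_commands(text):
        match = PROGRAM.match(command)
        names.add(next(g for g in match.groups() if g))
    return sorted(names, key=str.lower)


# Constructed autorun.inf contents, for illustration only.
SAMPLE = r"""
;kq39dlw0s
[AutoRun]
open=amvo.exe
jd93kd0alsl
shell\open\Command=amvo.exe
shell\explore\command="New Folder.exe" /e
icon=%SystemRoot%\system32\shell32.dll,4
"""

if __name__ == "__main__":
    print(programs_to_inspect(SAMPLE))
```

Each name it reports is a file to look for with DIR /ah and remove with the attrib and del steps above, alongside autorun.inf itself.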

Please feel free to comment and ask questions


Responses

  1. your reply is very useful & good.

  2. hi Dude, nice post, thanks very much. Have you already posted how to remove virus through command prompt from an already infected system?

    cheers ;)

  3. hi and thanks
    I have a problem, there is a folder named “collectionH#” in my pen drive. Every time I try to remove it, I get an error “the file or directory is corrupted or unreadable”. I tried all your methods. help??:(

  4. guys! this funda really works, try it…..

  5. thx, this is really helpful. Can anyone tell about all the hidden DOS commands?

  6. Until step 7 it was working fine………after that I was not able to delete the autorun.inf file….even after changing its attributes……..

    Please help me on this

  7. I am not able to delete files in any of the drives except C:, it shows as you cannot delete readonly file…….

    Please help me on to delete these files……….

  8. good job. Thanks.
    I have another problem though…the “show hidden files” option in the folder options has been disabled by a virus, and my hidden folder files are gone.
    How do I identify and remove the virus that's causing this?
    thanks. I need help…

