Transforming your FM to a U3 one!

[Google]

Quote:

Originally Posted by MARX 92

thanks alot man, bas ba3ed ma jarrabta coz im having some troubles in my flash, coz la2ta shi 10000000000000000000000000000000000000000000000000 000000000000000000000000000000 virus

You can simply delete these viruses using CMD.
I can put a tutorial for this if you want.

[Sogelec]

Quote:

Originally Posted by 454447415244

You can simply delete these viruses using CMD.
I can put a tutorial for this if you want.

Let It Be Ur Next Tutorial

[MARX ®]

Quote:

Originally Posted by 454447415244

You can simply delete these viruses using CMD.
I can put a tutorial for this if you want.

eh please, and i'll be very thankful man,

by the way i liked alllll of your tutorials and actually i wait for them, also i have a question, one of the computers i use at home has tons of such usb viruses, so each time i plug in my flash drive, a batch file is saved on it (or something similar, i dont know exactly) so what should i do??

[Tawa]

Quote:

Originally Posted by 454447415244

I don't want to talk now if this may or may not be done with a virus, but for now I didn't face such a virus...
Are you sure that this virus infected your U3 without even opening it?!
can you give the name of this virus so i can study it and test it?

In A Week!!!, I understand that Kaspersky accidently found it when it was scaning the pc after a week, but i don't understand that it took Kaspersky a week to disinfect it

I always keep the anti-virus off on my pc, I don't use it...
I installed recently Kaspersky 8.0 Beta (8.0.0.219) but it has many bugs and problems so i uninstalled it, i have no anti-virus right now on my pc

I Really Don't Remember But It Created A File Called 80avp80.com, Or Something Like That

[Google]

Ok guys, so let's begin the second tutorial and this time it is on how to DELETE viruses with CMD without using an anti-virus.

There are 2 cases:
1-The first case is where the pc is not infected with viruses.
2-The second case is where the pc is infected with viruses.

The second case is more complicated because we have to make sure that the flash memory cleaned at the moment will not be infected again after a second because of the virus checking routine (It is a waste of time, we are turning around the goal without reaching it...)

The true solution is:
1-kill the explorer.exe process by the task manager.
2-FILE=>RUN=>CMD (from the task manager windows)
3-Jump to the flash memory drive by writing the drive letter followed by ':' example:'G:'
After we wrote this and pressed 'Enter', we now gained access to the flash memory in DOS environment.
4-Type 'ATTRIB' and press enter to see the files in the memory drive.
We will see something similar to this:

G:\>attrib
A SHR G:\autorun.inf
A H G:\DOCUMENT.doc
A G:\game.exe
A SHR G:\game1.exe
A SHR G:\MS32DLL.dll.vbs
A G:\SONG1.MP3
A G:\SONG2.MP3
A G:\SONG3.MP3
A SH G:\xxx.com

How do we know which files are the viruses or for the viruses?

A = Archive file
S = System file
H = Hidden file
R = Read-only file

The viruses usually are those files of attributes 'S'|'H'|'SH'|'SR'|'SHR'
The programmer of the virus use these attributes to make his files unseen and can't be edited by the victim.
Lets's take the example above, there are 3 files we are going to delete:
-autorun.inf
-MS32DLL.dll.vbs
-xxx.com

There are 3 mp3 files and 1 document that can't be a virus.
Suppose that we made the file DOCUMENT.doc hidden because it contains secret information we don't want to show.
Suppose that we have a game called game.exe
Suppose that we have a game called game1.exe that we made its attributes be SHR because of a certain reason...
What i'm pointing here is that not every file of attributes 'S'|'H'|'SH'|'SR'|'SHR' is certainly a virus! , so we should know well what are our files on the flash memory...
5-Now we want to delete the 3 files listed above, we type:

ATTRIB -S -R -H FILE_NAME
DEL FILE_NAME

We can't just type 'DEL FILE_NAME' because the file we are going to delete is either System file or Hidden file or both so the DOS won't find them to delete them...
The command 'ATTRIB -S -R -H FILE_NAME' will erase the SHR attribute so the virus will be naked and ready to be destroyed by the DEL command!

Note:
ATTRIB -S -R -H FILE_NAME ( for SHR )
ATTRIB -S -R FILE_NAME ( for SR )
ATTRIB -S -H FILE_NAME ( for SH )
ATTRIB -S FILE_NAME ( for S )
ATTRIB -R -H FILE_NAME ( for HR )
ATTRIB -H FILE_NAME ( for H )
ATTRIB -R FILE_NAME ( for R )
We should respect the order ( S => R => H )

6-After we finished deleting all the 3 files we type again ATTRIB to check if everything is going well and we didn't forget something...
7-We close the CMD and we run the explorer.exe again (FILE=>RUN=>explorer.exe [from the task manager windows])
Now,if the pc is infected with viruses we don't open the flash memory drive and destroy all what we have done before.In case we want to use the flash memory we can use it from CMD and do whatever we want.
if the pc is not infected with viruses then we can go blindly and open it without any fear.

Some tips:
1-We can use these techniques on our pc drives to disinfect it from viruses, but be carefull when checking in the windows directory and don't delete needed files!
2-use the 'Tab' key as a shortcut when dealing with files names in DOS.

That's all guys, I hope you enjoyed this tutorial...
Any question?
...