Friday, October 12, 2007

Flashdrive infections

As I live in the South East Asia region, I notice that there are thousands of variants of flash drive infections.

In a nutshell, these infections spread through flash drives, iPods, external hard drives, digicams, etc. Basically, any removable drive could get infected.

Once an infected flash drive is inserted into the PC's USB port, the PC itself is immediately infected, and any other removable drive inserted into the infected machine becomes infected too. That's what's so annoying about these. When you disinfect, you need to disinfect both at the same time or you risk re-infection. Moreover, most of these flash drive infections tend to add restrictive policies, such as disabling your registry, disabling Folder Options and more.

One sign that the machine is infected is that when a user tries to double-click the removable drive in Windows Explorer, error messages like "Can't find ??.vbs" or "G:\ is not accessible" appear. Also, the presence of a file called autorun.inf in the root directory of every partition on the system shows that the machine is infected.

How to clean the infection or at least add preventive measures to your machine?

Well, a known security expert built this tool to clean some variants, or at least add some preventive measures so the machine doesn't get infected when an infected flash drive is inserted.

The following tool cleans some of these flash drive infection variants and adds a policy to the system. This policy is the "NoDriveTypeAutoRun" policy, which stops the machine from autoplaying inserted removable drives. Therefore, if autoplay is disabled, infection is not possible. It also fixes some "bad" policies that are added by some flash drive infections.

At the end of the run, you may also notice autorun.inf folders in the root of your partitions. These are there to prevent future flash drive infections on that machine.
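
A quick way to check the two things discussed above, the NoDriveTypeAutoRun value and what a root-level autorun.inf actually launches (an added example, not part of the original post or of Flash_Disinfector). The bit meanings follow Microsoft's documentation for the policy; the function names, the three-way classification and the sample autorun.inf are constructed for illustration.

```python
import os
import re

# NoDriveTypeAutoRun is a bitmask: a set bit disables AutoRun for that drive type.
DRIVE_TYPE_BITS = {0x01: "unknown", 0x04: "removable", 0x08: "fixed",
                   0x10: "network", 0x20: "cdrom", 0x40: "ramdisk"}

# autorun.inf keys that make Explorer start a program from the drive.
LAUNCH_KEY = re.compile(
    r"^\s*(open|shellexecute|shell\\[^=]*\\command)\s*=\s*(.+?)\s*$", re.I)


def autorun_still_enabled(policy_value):
    """Return the drive types whose AutoRun is NOT disabled by the policy value."""
    return [name for bit, name in DRIVE_TYPE_BITS.items() if not policy_value & bit]


def launch_entries(inf_text):
    """Return (key, command) pairs from autorun.inf text that start a program."""
    found = []
    for line in inf_text.splitlines():
        m = LAUNCH_KEY.match(line)
        if m:
            found.append((m.group(1).lower(), m.group(2)))
    return found


def classify_root(root):
    """Classify a drive root (hypothetical labels, an assumption of this example):
    'immunized' if autorun.inf is a folder, 'suspect' if it is a file that
    launches something, otherwise 'clean'."""
    path = os.path.join(root, "autorun.inf")
    if os.path.isdir(path):
        return "immunized"
    if os.path.isfile(path):
        with open(path, errors="replace") as fh:
            return "suspect" if launch_entries(fh.read()) else "clean"
    return "clean"


# Constructed sample, modelled on the "Can't find ??.vbs" symptom described above.
SAMPLE_INF = ("[autorun]\nopen=wscript.exe sample.vbs\n"
              "shell\\open\\command=wscript.exe sample.vbs\n")

if __name__ == "__main__":
    print(autorun_still_enabled(0x91))  # constructed policy value
    print(launch_entries(SAMPLE_INF))
```

On a live machine, pass each drive root (for example `G:\`) to `classify_root`, and pass the NoDriveTypeAutoRun value read from the registry to `autorun_still_enabled`; an empty list means AutoRun is off for every listed drive type.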

Tool: Flash_Disinfector
