Remove the pen drive folder.exe virus using Linux

Instructions to detect and delete EXE folder viruses. This virus creates a file with an .exe extension for each folder name on the drive.

For example, if a folder has a subfolder called exam, there will be an equivalent exam.exe too.

In Windows Explorer, these exe files appear as folders, and the user is tricked into clicking them, which helps the virus spread to the host machine.

Well, here comes the solution. (OK, it's for the privileged, but try finding a Linux machine in the vicinity, or even OS X for that matter!)

Open a terminal (usually gnome-terminal, or konsole on KDE).

* Proceed to the mount location of the usb drive.
$ cd /media/disk

* Look for exe files which have the file size 496 (as reported by du)
$ find . -iname "*.exe" -print0 | xargs -0 -I{} du {} | grep -w "^496"

* Now, if you have a listing, confirm that the names resemble the folder names.

* Now proceed to delete them without mercy. Actually, a better idea is to move them all to a single folder instead of deleting them.
$ mkdir /media/disk/quarantine

$ find . -iname "*.exe" -print0 | xargs -0 -I{} du {} | grep -w "^496" | cut -f 2- | xargs -d '\n' -I{} mv {} /media/disk/quarantine

* Now, after verifying that all those exes are the culprits, you can purge them all.

Similarly, look for Autorun.inf in the root folder of the drive. Read its contents; most probably it is a virus file that triggers an .exe.
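
The size of the dropped file can differ between variants, so a name-based check is a useful complement to the size filter. The following is an added example, not part of the original post: it lists every .exe that sits next to a folder of the same name, reports any Autorun.inf in the drive root, and can move the matches into a quarantine folder. The function names and the `.quarantined` suffix are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# find_folder_exes ROOT
# Print every *.exe (any case) whose name without the extension is also a
# directory in the same parent, e.g. exam.exe next to exam/.
find_folder_exes() {
    find "$1" -type f -iname '*.exe' -exec sh -c '
        for exe in "$@"; do
            base=${exe%.*}                 # path with .exe/.EXE stripped
            if [ -d "$base" ]; then        # a folder of that name exists
                printf "%s\n" "$exe"
            fi
        done' sh {} +
}

# find_autorun ROOT
# Print any autorun.inf (any case) in the top level of the drive.
find_autorun() {
    find "$1" -maxdepth 1 -type f -iname 'autorun.inf'
}

# quarantine_folder_exes ROOT QDIR
# Move each match into QDIR. The original relative path is kept in the new
# name (slashes become underscores) and a suffix is appended so the file is
# no longer an .exe. The ( ) body is a subshell, so variables stay local.
quarantine_folder_exes() (
    root=${1%/}
    qdir=$2
    mkdir -p "$qdir" || exit 1
    find_folder_exes "$root" | while IFS= read -r exe; do
        rel=${exe#"$root"/}
        flat=$(printf '%s' "$rel" | tr '/' '_')
        mv -- "$exe" "$qdir/$flat.quarantined"
    done
)

# Stand-alone use: sh script.sh /media/disk   (lists suspects, moves nothing)
if [ "$#" -gt 0 ]; then
    find_folder_exes "$1"
    find_autorun "$1"
fi
```

Review the listing before calling `quarantine_folder_exes /media/disk /media/disk/quarantine`, since a legitimate installer can share its name with a folder.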

3 thoughts on “Remove pen drive folder.exe virus using linux.”

  1. Thanks mate, the virus has grown to another size, it's now 380 K

    $ find . -iname "*.exe" -print0 | xargs -0 -I{} du {} | grep -w "^380" | cut -f 2- | xargs -d '\n' -I{} mv {} /media/disk/quarantine

    Worked for me.
