Top Tip! How to remove Virus from USB Drives
One of the ways by which a virus can infect your PC is through USB/Pen drives. Common viruses such as ’Ravmon’ , ‘New Folder.exe’, ‘Orkut is banned’ etc are spreading through USB drives. Most anti virus programs are unable to detect them and even if they do, in most cases they are unable to delete the file, only quarantine it. Here are the things which you can do if you want to remove such viruses from your USB drives
Whenever you plug a USB drive in your system, a window will appear similar to the one shown below
Don’t click on Ok , just choose ‘Cancel’. Open the Command Prompt by typing ‘cmd‘ in the run box. In the command prompt type the drive letter: and press enter . Now type dir /w/a and press enter.
This will display a list of the files in the pen drive. Check whether the following files are there or not
- Autorun.inf
- Ravmon.exe
- New Folder.exe
- svchost.exe
- Heap41a
- or any other exe file which may be suspicious.
If any of the above files are there, then probably the USB drive is infected. In command prompt type attrib -r -a -s -h *.* and press enter. This will remove the Read Only, Archive, System and hidden file attribute from all the files. Now just delete the files using the command del filename. example del Ravmon.exe. Delete all the files that are suspicious. To be on a safer side, just scan the USB drive with an anti virus program to check whether it is free of virus or not. Now remove the drive and plug it again. In most of the cases, the real culprit turns out to be the “Autorun.inf” file which mostly gets executed when someone clicks Ok in the dialog window which appears above. Thus the infections can spread
Security Tip
Disable the Autoplay feature of USB drives. If you disable the Autoplay feature of USB drives, then there are lesser chances of the virus spreading. A tool which can perform such a function is Tweak UI. Download it from here install it.
Run the program. Now you can disable the Autoplay feature of the removable drives as shown above. By following the above steps, you can keep your USB drives clean. If there are any other methods which you use, then share it with me through comments.
a Tip, when changing the attributed of these units, make sure to run the attrib -r -a -s -h also in uppercase, e.g. attrib -R -A -S -H this will reveal more files…
is this applicable with virus – RECYCLER?
I have a similar virus although in my case the autorun.inf can’t be opened or removed. Windows says it’s in use. Also the first time it appeared I couldn0t find any executable but I noticed a executable process runing with the name of my login. THE ONLY WAY TO REMOVE IT WAS strart the pc in safe mode typing start->run-> msconfig and looking for unknown starting processes in my case fernando.exe wich was my username. After searching for it I found it in my user folder (Documents and Settings\Fernando) I had to remove the option “hide windows protected files” option available in windows explorer menu tools and folder options. Then I deleted autorun.inf from the pen along with another copy of the virus found in recycler folder. If you have any doubts contact me adelinojoc@iol.pt
Thanks guys you really saved me a massive head ache
Really a good article. My pen drive was infected with some virus and was not allowing to format it. I used the free version of AVG to scan it and now the drive is working fine.
Thanks for the post.
Regards,
Abhishek
Rishikesh
[...] follow info on each page The last link has an app that you can run to remove it through software How to remove Virus from USB Drives Autorun Virus Removal – How to Remove Autorun Virus in Minutes | Raitucarp Magazine Autorun Virus [...]
Hello Folks!!
Finally!!
I have get the useful software to prevent from Autorun.inf infected to you USB or you system.
The software is called GEEKZ Virus Remover.
This software can block Autorun and remove Autorun.inf from your USB
or your system.
This system has been tested by myself, and it works on Windows Xp.
~Sorry, I did not test yet on Vista or other Windows~
Here’s the link to download this software.
http://www.mediafire.com/download.php?kwjdmzmlo2j
Happy Trying!!
Any problem, please post your problem at my email..
> hazim93_zim@hotmail.com
> sonic_underground2@yahoo.com
~Please do not spam~
Hello,
I tried the windows version of it which is in the comments, and it worked fine. Thanks a lot.
Nan
I personally use USB Threat Defender. They claim that it has a unique technology(Proactive + Definiton scan) which not only prevents USB viruses from spreading but also detects and removes exisitng viruses from systems which not even the best Anti-Viruses can detect. It also fixes damages done to system.
Disabling AutoRun or using a AutorunVirus remover wont help
Read here: http://www.arzoosoft.com/usbthreats.html
All my office computers have this insatlled and it does a great job.
I recommend this to everyone for home and office.
http://www.arzoosoft.com/utdefender.html
naevius usb antivirus deletes usb-pen viruses:)
To Rajpal Chouhan,
I think the virus use a special character to make it hard to delete. When you say of space between ‘New’ and ‘Folder’ command window is unable to recognize and execute it. Maybe you try this one ‘H :\>Del NewAlt+255Folder.exe’ Alt+255 is a special character it looks like a space.
Thanks Mark, I’ll try it..
The GVR works fine to me..
But I wanna my computer become safer..
You all know that virus nowadays become modern, till hard to remove it..
Yikes I hate that!!
It was very helpful. Now my USB is cured and I can plug it on my computer comfortably. Thanks.
This was invaluable information, after I got a virus on my usb stick which I used to help clear a virus from their computer I was almost going to re-format it but the clear and helpful advice you posted was just what I needed.
Thank you for sharing
will this remove only the virus or all the files in the usb?
One more thing about re-formating pc..
Do not make backup on your file that infected with virus or other spyware/adware/trojan..
This will cause your pc getting crash again after re-format pc and use the backup one.
If you want your pc become more safe, I suggest you use Avira AntiVir.
This anti virus will delete all trojan/spyware/adware or virus..
Some anti virus did not detect some program as trojan or spyware..
I have a program patch that Avira will detect as Trojan but other anti virus did not detect it.. I’ve already try it with AVG and Kapersky.
I need more information about computing.. If anybody can teach me some,
please tell me okay..
Here’s my email, if you volunteer want to teach me..
hazim93_zim@hotmail.com
Thank you if you help me..
how can i remove iostream.exe and autorun.inf virus pleas help me my usb has it virus
everytime i use a pc its always reboot after i insert my USb. huhuhuhu please help me i tried these tips but nothing happen the file i wanted to delete is still there i use command prompt and avg antivitus even prevx pls HELP ME ASAP….. tnx
It was very helpful. Now my USB is cured and I can plug it on my computer comfortably.
Hi
please provide tips for removing virus from laptop in windows xp
due to virus my lappe is very slow
hi, where can I find the “comand prompt” by typing ‘cmd’? I cannot proceed to the instruction becuase I don’t know ehere I am going to start. I got “win32 usb service” in my usb and it hidden some of the siles that stored there. Please help me. thanks
hi, where can I find the “comand prompt” by typing ‘cmd’? I cannot proceed to the instruction because I don’t know where I am going to start. I got “win32 usb service” in my usb and it hidden some of the files that stored there. Please help me. thanks
Sorry for the inconviniece, I didn’t able to type the words correctyl but sure you can understand the message… I tried to correct the words but it has been detected by the server and avoided it to accept.
=====================================================================
Disadvantage of using AVG Anti virus & AVG Internet Security
–>If your pc RAM is lower than 512Mb<–
¤ Slow startup run
¤ Slow loading files/folders
¤ Scanning too long [about 1hr 30min ~ 3hr]
If you want AVG Internet Security full [plus 3 choices]
• Internet Security + Firewall
• Anti Virus + Firewall
• E-mail.. (I don’t know what it named) + Firewall
I can give you. [Full license 28/02/2018]
But I need some time for uploading the installer..
=====================================================================
Disadvantage of using Kapersky Internet Security
¤ Slow starting application
¤ Slow loading installer [sometimes can hanging about 1min]
=====================================================================
Disadvantage of using Avira AntiVir (any type of Avira)
¤ Some program will detect as Trojan/Ad-ware.
*Solution if want run detected program*
1. Close Avira Guard
2. Run the program
3. After done, close the program
4. Open Avira Guard.
*Do not leave Avira Guard close for too long, this will cause Avira will not work anymore if not open back Guard..
You will need re-install back if this happens*
=====================================================================
What I write is based on my experience..
I just wanna share my experience at here…
Sorry cause my text out of this topic..
Anyway, if want AVG please contact me..
•hazim93_zim@hotmail.com
Those who are using GEEKZ Virus Remover (GVR),
thanks for using!
try to install linex in your system and then remove the virus from the commond prompt .
http://www.freeutube.org – donot open it .
Hi
This is kamalakar from hyderabad i am getting the problem from USB/PEN DRIVE how to remove from pen drive virus aotometically with out scaning (R) it should not to dectect the pendrive when in this virus why means some of virus R giving me a so probleam i am formating mine pc number of times to this type of problems plz help me
my pendrive viruses are not remove as according to your method. the wiondow of run is rapidly closed when i enter the command also when command is enter then it not remove viruse please help me.
Hi all ,
Microsoft released patch to prevent this virus :
Apply to your PCS ..
http://tec-updates.blogspot.com/2009/09/autorun-virus-fix-microsoft-patch.html
Thanks for the tip
which antivirus is best to remove viruses from USB derives.
man ur the best ive been trying to delete the virus i cant beleive it man yo it had all my saves and reports and every thing how r u so smart bro?
gosh… it doesn’t work!!!!
i Wont to format my flash but windows dont want to. He said “Please insert a drive into Removable disk (G:)” He is also hidden, he also dont want open. Can you please help me!!
MY COMPUTER DRIVE DOES NOT SHOW ANY VIRUS WHEN I USED THE ABOVE TIP. BUT WHEN I USE NERO TO WRITE ANY CD FROM MY COMPUTER OR USB DRIVE. IT SHOWS THE ozwze.exe & autorun.inf VIRUSES IN MY DRIVES. BUT WHEN I RUN MY COMMAND PROMPT USED EACH AND EVERY STEP MENTIONED ABOVE BUT DOES NOT WORK AT ALL OR WHEN I OPENED ANY DRIVE IN MY COMPUTER IT DOES NOT SHOW THAT VIRUSES, BUT I HAVE SEEN IN HIDDEN FILES, THE SAME PROBLEM.
WHEN I INSTALL ANTIVIR ANTIVIRUS IN MY COMPUTER IT SHOWS ONE ERROR C:/DOCUMENT & SETTINGS/MANOJ K/LOCAL/TEMP/SETUP.EXE NOT FOUND.
dear guys in web.
I had logged in to your website short while ago it was very marvelous and handled easy too, i would like to deliver my comments via on this web in the near future.
Thank you……………………….
as soon as I try to delete regsvr.exe , I get a little window message down the bottom in the taskbar saying “cmd.exe – Corrupt File – the file or directory \regsvr.exe is corrupt and unreadable, Please run Chkdsk utility.”
So whats that ?
How do you know which ones are the viruses after you have entered the command attrib -r -a -s -h . Please tell me
Hello
Can u please give me some idea about how to remove README.txt virus from my pendrive which is still coming after deleting the file from command prompt…
please give me suggestions.
help me to remove the bitch “Autorun.inf” on my USB please….
thank you
please give me a new steps in removing Autorun.inf on my USB 4g, b’coz those step above is not working.Still the Autorun.inf is there.If I open my USB the Autorun.inf and then like a buble it will gone then it will come back…..HELP….
Thanks!!!
Your software worked great!
God bless u!
Thanks. very Nice Post.
Good new I have developed a USB anti-virus. It scan your whole USB stick when it is inserted into your PC. I named it USvIrus Scan. It has his own AV scanner from a2squared emsisoft company and a USB detector.
USB detector works when your USB stick is inserted and call the AV scanner to scan your USB.
This is not just like other USB anti-virus that scan only in the root of your USB stick. This anti-virus scans folder and sub folder that was stored in your USB stick. Because now a days viruses infect also the folders and subfolders.
This anti-virus can scan also your whole computer and have a Virus Signature updates from emsisoft virus signature server. What I mean is this anti-virus needs to be updated just like professional anti-virus do.
I am testing it now but I’ve not shown it yet to the public because it is under observation for the license to activate once it is expired. Because I am making this program as a shareware.
thanks for the tips bro!
if the pen drive is infected with autorun virus then we cant format it,
by running the sysytem in safe mode we can easily format the pen drive.
Tips of removing autorun.inf using command prompt. Other option than safe mode.
1. You must make sure that your computer is not infected. “If infected you must kil the virus process in task manager if you can find it or else your removal plan of autorun or virus in your pen is useless.” Finding virus process is really hard to do if the task manager is block or your a newbei doing this. The other option scan your pen in any anti-virus that is updated to the latest virus signature.
2. Click start select Run.
3. In run windows type in CMD. ” a command prompt will appear.”
4. Locate your pen drive letter. The command prompt window will appear with default folder destination.
For Ex: C:\Documents and Settings\Bluserver> “this is the default of my computer”
5. Just type in the letter of your pen drive assign by your computer followed by a colon.
So it’s look like this if my pen drive letter is E “C:\Documents and Settings\Bluserver>E:” then enter.
The effect of this is the dos prompt goes to drive E and it look like this “E:\>” this means that you are in your pen drive.
6. Mostly autorun.inf is place in the root in your pen drive. So E:\> is the root. Just type in under the root prompt of your pen drive “attrib -r -h -s then the autorun.inf file” this will change the file attrib from hidden to unhidden. -r read -h hidden -s system.
So it’s gonna be look like this “E:\>attrib -r -h -s autorun.inf” then enter.
If you went right autorun.inf will be showed up but not yet. Don’t open your pen yet because you haven’t delete the autorun.inf.
7. So all you have to do is type in erase or del autorun.inf” It will be like this “E:\>erase autorun.inf” then enter.
So you’re done you can now exit command prompt. But you cannot open your pen because explorer cannot find the autorun.inf all you have to do is to eject your pen and insert it again. So that’s it.
This is just how to remove autorun.inf this is not how to remove virus from pen. There are steps to remove virus from a pen.
AUTORUN.INF is not a virus it’s an information file which locate a specific program scripted on it. A real autorun.inf is it’s script written inside is readable. The fake autorun.inf is which those EXE converted as INF which the script inside is unreadble and hard to understand.
Sorry for the bad english hope all of you guys understand it. ^_^
[...] remover. providing a link below which can be used in normal drives also to remove issues. How to remove Virus from USB Drives COMPUTER TRICKS: How to remove Virus from USB Drives __________________ Njan Avan Thanne, [...]
Yet another way of removing virus files from USB pen drives -
If you have access to a Linux computer put the infected drive in and you will see the virus files, even those invisible to Windows. Delete them. Some may be read-only but you can change this with the properties/permissions dialogue.
Yup another option is using linux. Windows Virus can’t run linux except if the virus design for linux.
Thank You Thank You Thank You~!
It totally worked and my flashdrive is clear! I wish I could hug you. lol
Thanks a lot man.
Hi there,
I am not convinced by the solution that you have given, because I tried the above mentioned steps and even then I could not remove autorun.inf. Actually I have got an .exe file called dsncb.exe, that gets executed every time.After following the steps as told by you, if I again try to open the autorun.inf file, it just pops up. It is reappearing….
Please help me to get rid of this problem.
Thanks Bye….
You can’t because the virus infect your PC. Once the virus infect your PC the above instruction is useless. You must kill the virus running inside your PC before removing your autorun.inf and virus in your pen. Because removing autorun.inf and virus in your pen while the virus is running in your PC is not possible. The virus well back and back again it loop itself base in the virus script. Now my question is do you know how to kill the virus running inside your PC? Once the virus is accidentally run by user it infect automatically in your PC. If you don’t know how to kill it manually the best option to kill the virus inside your PC is to update your anti-virus and scan it. “Un-updated anti-virus is useless..”