How to remove Virus from USB Drives
One of the ways by which a virus can infect your PC is through USB/Pen drives. Common viruses such as ’Ravmon’ , ‘New Folder.exe’, ‘Orkut is banned’ etc are spreading through USB drives. Most anti virus programs are unable to detect them and even if they do, in most cases they are unable to delete the file, only quarantine it. Here are the things which you can do if you want to remove such viruses from your USB drives
Whenever you plug a USB drive in your system, a window will appear similar to the one shown below
Don’t click on Ok , just choose ‘Cancel’. Open the Command Prompt by typing ‘cmd‘ in the run box. In the command prompt type the drive letter: and press enter . Now type dir /w/a and press enter.
This will display a list of the files in the pen drive. Check whether the following files are there or not
- Autorun.inf
- Ravmon.exe
- New Folder.exe
- svchost.exe
- Heap41a
- or any other exe file which may be suspicious.
If any of the above files are there, then probably the USB drive is infected. In command prompt type attrib -r -a -s -h *.* and press enter. This will remove the Read Only, Archive, System and hidden file attribute from all the files. Now just delete the files using the command del filename. example del Ravmon.exe. Delete all the files that are suspicious. To be on a safer side, just scan the USB drive with an anti virus program to check whether it is free of virus or not. Now remove the drive and plug it again. In most of the cases, the real culprit turns out to be the “Autorun.inf” file which mostly gets executed when someone clicks Ok in the dialog window which appears above. Thus the infections can spread
Security Tip
Disable the Autoplay feature of USB drives. If you disable the Autoplay feature of USB drives, then there are lesser chances of the virus spreading. A tool which can perform such a function is Tweak UI. Download it from here install it.
Run the program. Now you can disable the Autoplay feature of the removable drives as shown above. By following the above steps, you can keep your USB drives clean. If there are any other methods which you use, then share it with me through comments.
http://www.techtola.com/2008/01/ways-to-prevent-70-virus-malware.html
Check out software restriction policy in that post…
You can prevent many viruses
PLease PLease give me ur comments to improve that article
http://www.techtola.com/2008/01/ways-to-prevent-70-virus-malware.html
Check out software restriction policy in that post…
You can prevent many viruses
Please give me ur comments to improve that article
Good morning,
1. Thank you for sharing your experience with us. We removed RavMonE.exe from my usb flashdrive. We followed the steps you’ve mention and it works. Thank You for sharing your inputs to us.
2. I still have one (1) usb left 4gb. I’m sure that there are virus in it, because the computer cannot detect my 4gb usb but i can see or it is appearing on my computer. I followed the tip you’ve mention. I opened start button, then go to “RUN” and type CMD. After that i changed the drive to my flashdrive, but the computer cannot detect my flashdrive (“cmd.exe – no disk”). How can I open my flashdrive? Please help me to remove the virus? Kindly email me the steps on how my computer can detect my usb flashdrive. (TAKE NOTE THAT, I CAN SEE “REMOVABLE DISK” ON MY COMPUTER, BUT THE COMPUTER WILL SAY “PLEASE INSERT DISK ON DRIVE D:”
Please help me. Thank You very much in advance!
hey man
my usb drive was infected with some unknown virus
i scanned it with updated antivirus softwareS but no result
than i searched on google and found ur post
i did ur trick and still cant belive it was gone
amazing U
amazing ur TRICK
thanx a lot
the suspicious names were
fotoku.exe
tikno.exe
and plenty of them were there
i had the same problem like u
u shd try this
insert ur pen drive
press cancel when asked for autorun (as madhur said)
click on safety remove to open the SAFETY REMOVE box
now dont remove pen drive
go to it select the bad files (fotoku astry etc)
shift+delete
u r done
try n reply
i am having a pen drive after some time it again appears earlier it was empty but two days ago i found there were two folders named application and love when i delected those files it was deleted but after 3or 4 seconds it again appeared i formatted my pen drive but still it is showing those two files help me out gettin rid of those two files plzzzzzz and yes thanx in advance
@karthik
Thanks, will try that too
@rajat
Try the above mentioned steps in Safe mode and definitely remove the Autorun.inf file
see madhur ihave tried what u hav suggested
evrything worked but at the fianl stage i.e. at deleting for example:”if i type del newfolder.exe” it gives me a back answer saying cannot find new…
and i hav another problem too
i hav an net connecion and whenever i download any file from IE the download box appears but the download does not start
and
any change i make in my pc gets reseted by itself
pleaseeee help me
see madhur ihave tried what u hav suggested
evrything worked but at the fianl stage i.e. at deleting for example:”if i type del newfolder.exe” it gives me a back answer saying cannot find new…
and i hav another problem too
i hav an net connecion and whenever i download any file from IE the download box appears but the download does not start
and
any change i make in my pc gets reseted by itself
pleaseeee help me
[...] How to remove Virus from USB Drives by Madhur. [...]