Be quick on how to prevent viruses on your USB Drives

Somebody commented in this blog to post an article about on how to git rid or prevent viruses on their USB drives. This is also for those who suffered for such inconveniences. So let us be quick and be aware in using our flash drives especially if you are using it in public computers such as internet cafés and public libraries. One of the best ways to be secure is by preventing your flash drive be infected with annoying viruses. One of the possibilities by which a virus can as well infect your PC is through USB drives.

There are common viruses such as Ravmon, New Folder.exe, and etcetera are spreading through USB drives. Sometimes most of the antivirus programs are incapable in detecting them and if they do, they are unable to delete the file, it is being quarantined. Below are the things in which you can get something done if you want to remove such viruses from your USB drives before it can infect your PC.

Each time you plug a USB drive in a computer system, a window will appear similar to the one shown below.

 
Never click on Ok, please select Cancel. Launch the command prompt by typing ‘cmd‘ in the run box. In the command prompt type the drive letter: and press enter. (Note: You can check the drive assignment of your USB drive in your windows explorer by double clicking My Computer icon in the desktop). Now type dir /ah, and press enter.

This will display lists of all hidden files in the pen drive but are not limited to the ones listed below. The folder N series is my personal folder I just hide.

Check whether the following files are present

  - Autorun.inf

  - Ravmon.exe

  - New Folder.exe

   - scvhost.exe

   - or any other .exe, .ini, .inf, .dll, .reg, .bat, .vbs files which may be suspicious.

If any of the above files are present, then probably the USB drive is infected. In command prompt type attrib -r -a -s -h *.* and press enter. This will remove the Read Only, Archive, System and Hidden file attributes from all the files. You can hide your desired folder or file later or if you want you can unhide the attributes of the files listed above by specifying the folder or file you want to unhide. We will use scvhost.exe as an example. Type Attrib -r –a –s –h scvhost.exe and press enter. Now just delete the files using the command del filename. Example del scvhost.exe. Delete all the files that are suspicious.

Being preventive is to scan the USB drive with an anti virus program to check whether it is free of virus or not. Now remove the drive and plug it again. Most often, the real reason turns out to be the “Autorun.inf” file which mostly gets executed when someone clicks Ok in the dialog window which appears above. Thus the infections can spread.

Disable the Autoplay feature of USB drives. If you disable the Autoplay feature od USB drives, then there are lesser chances of the virus to spread out. Refer to this guide on how to disable it.