How to Remove the Pendrive Virus
The pen drive virus is a type of Trojan horse that infects a computer via a "pen," flash or other removable drive. These Trojans typically create multiple files on the infected hard drive that are stored within legitimate files and folder names. In addition, files will begin to randomly appear and disappear for no apparent reason. The following steps will assist in the detection, removal and prevention of the pen drive virus.
Other People Are Reading
Instructions
-
-
1
Insert your pen drive into one of the available USB outlets on your computer. If a program dialog box displays, select "cancel." Do not double-click on the drive icon to open the drive.
-
2
Double-click on the "My Computer" icon on the desktop. Select "Tools," "Folder Options" and "View" from the menu bar. Make sure that the radio button next to "Show hidden files and folders" is selected. Uncheck the box next to "Hide extensions for known files." Uncheck the box for "Hide protected operating system files (Recommended)." If a warning message displays, click "OK." Click "Apply" and "OK" to save all changes.
-
-
3
Verify the drive letter that represents your USB or pen drive. For example, if the drive displays as Kingston (M:), the drive letter would be "M".
-
4
Click on "Start," "Run"; type "cmd" and press "Enter" to open the command prompt window.
-
5
Type the drive letter, for example, "M" followed by a colon (":"), and press "Enter" at the command prompt to open the root directory of the drive.
-
6
Type "dir/w/o/a/p" and press "Enter" to display a list of files and folders present on the flash drive. Note the existence of any of the following in particular:
Autorun.inf
New Folder.exe
Bha.vbs
Iexplore.vbs
Info.exe
New_Folder.exe
Ravmon.exe
RVHost.exe
svchost.exe
Heap41a
Any miscellaneous file name with an .exe extension
Any unfamiliar files -
7
Unprotect the files to enable deletion. From the command prompt, type "attrib -h -r -s autorun.inf" and press "Enter."
-
8
Repeat Step 7 for each of the files identified in Step 6.
-
9
Delete each of the files that have been unprotected by typing "del", pressing the space bar and typing the file name, for example, "del autorun.inf".
-
10
Type "exit" and press "Enter" to return to the Windows operating system. Your USB flash drive is now virus free.
-
1
Tips & Warnings
These viruses duplicate and copy themselves to different locations and folders that may use legitimate file and folder names. DO NOT double-click on these folders or any programs they launch.
Manual removal of pen drive viruses may be difficult, as the removal process requires knowledge of the operating system command prompt. In addition, different versions of this malware rename and relocate various file components. If not performed properly, your computer system might experience permanent damage. Consequently, manual removal might be best for experienced users. Less experienced users might want to consider using an automatic spyware removal application such as that offered by Trend Micro.
