Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Malware Analysis
Cleaning an infected USB flash-drive
Message
<blockquote data-quote="TheMalwareMaster" data-source="post: 815884" data-attributes="member: 47679"><p>Yeah, I noticed the latest Mcshield database update was of 2016, but it basically worked and removed some residual lnk files (maybe the worm was old). Just remove any lnk file on your pendrive and you are ok. Then, the worm was already cleaned by Windows Defender so there was not much work to do, and I had autorun and windows script host disabled on that machine using a registry tweak.</p><p>Here you have a guide with all the steps</p><p>[URL unfurl="true"]https://promotionaldrives.com/blog/how-to-get-rid-virus-usb/amp[/URL]</p><p>Do you know other alternatives? I will take a look at USBFix.</p><p>In any case, it's not recommended to insert again a flash drive in a windows computer (if you aren't 100% sure that the worm was already cleaned by an AV), as it may get infected. Just use a linux machine or live ISO.</p><p>In my case, I was almost sure the infection was gone (as it was), but in any case I had autorun and windows script host disabled, as well as Vodooshield realtime, MCshield and other second opinion scanners realtime (Zemana and Malwarebytes), which were installed just to check the USB and then removed. So in case the malware was still present, there was no risk of infection (especially because of autorun and windows script host disabled)</p></blockquote><p></p>
[QUOTE="TheMalwareMaster, post: 815884, member: 47679"] Yeah, I noticed the latest Mcshield database update was of 2016, but it basically worked and removed some residual lnk files (maybe the worm was old). Just remove any lnk file on your pendrive and you are ok. Then, the worm was already cleaned by Windows Defender so there was not much work to do, and I had autorun and windows script host disabled on that machine using a registry tweak. Here you have a guide with all the steps [URL unfurl="true"]https://promotionaldrives.com/blog/how-to-get-rid-virus-usb/amp[/URL] Do you know other alternatives? I will take a look at USBFix. In any case, it's not recommended to insert again a flash drive in a windows computer (if you aren't 100% sure that the worm was already cleaned by an AV), as it may get infected. Just use a linux machine or live ISO. In my case, I was almost sure the infection was gone (as it was), but in any case I had autorun and windows script host disabled, as well as Vodooshield realtime, MCshield and other second opinion scanners realtime (Zemana and Malwarebytes), which were installed just to check the USB and then removed. So in case the malware was still present, there was no risk of infection (especially because of autorun and windows script host disabled) [/QUOTE]
Insert quotes…
Verification
Post reply
Top
