Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How do i format my usb with a virus on it


  • Please log in to reply
9 replies to this topic

#1 VJ94

VJ94

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 09 May 2011 - 08:02 AM

I've had the ramnit virus on my computer. Long story short, i had to nuke my laptop to get rid of it. My problem is that the virus is on the USB stick. So is there anyway i can format the USB stick without the virus jumping onto my laptop?

BC AdBot (Login to Remove)

 


#2 odin88

odin88

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NorthEast England U.K
  • Local time:03:16 AM

Posted 09 May 2011 - 08:32 AM

Hi,
You can only get re-infected if you run any files that are presently on that flash drive, plug it in and click out of the auto run box and run a virus/malware scan, I Personally would run Malwarebytes(free) on it .....

https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

if you have ccleaner(free) it has a drive wiper tool that you can run on it also, i would let it do at least three passes.This should remove any trace of infected files on the drive.

http://www.piriform.com/ccleaner

Iain.
our attitude toward life determins lifes attitude towards us.

#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:16 PM

Posted 09 May 2011 - 09:43 AM

External storage media and flash (usb, pen, thumb, jump) drives are prone to infections which involve malware that modifies/loads an autorun.inf (text-based configuration) file into the root folder of all drives (internal, external, removable) along with a malicious executable. When removable media such as a CD/DVD is inserted (mounted), autorun looks for autorun.inf and automatically executes the malicious file to run silently on your computer. For flash drives and other USB storage, autorun.ini uses the Windows Explorer's right-click context menu so that the standard "Open" or "Explore" command starts the file. Malware modifies the context menu (adds a new default command) and redirects to executing the malicious file if the "Open" command is used or double-clicking on the drive icon. When a flash drive becomes infected, the Trojan will infect a system when the removable media is inserted if autorun has not been disabled. Keep in mind that autorun.inf can also be a legitimate file which other legitimate programs depend on so the presence of that file may not always be an indication of infection.

Keeping Autorun enabled on flash drives has become a significant security risk as they are one of the most common infection vectors for malware which can transfer the infection to your computer. One in every eight malware attacks occurs via a USB device. To learn more about this risk, please read:Many security experts recommend you disable Autorun as a method of prevention and to Maximize the Protection of your Removable Drives. Microsoft recommends doing the same.Note: If using Windows 7, be aware that in order to help prevent malware from spreading, the Windows 7 engineering team made important changes and improvements to AutoPlay so that it will no longer support the AutoRun functionality for non-optical removable media.

Alternatively, you can use the Disable Autorun/Autoplay Tool - alternate link on almost any operating system.

However, disabling AutoRun is not enough. See Scott Dunn's One quick trick prevents AutoRun attacks. For most novice users, the easiest way to inoculate a USB flash drive is to create a Read-only folder on the drive, name it autorun.inf. This folder will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and executing malicious files as described in How to Maximize the Protection of your Removable Drives.

Another option for XP users is Flash_Disinfector by sUBs which will create a hidden "dummy" autorun folder/file with special permissions in each partition and every external drive that was connected when the tool was run. Do not delete this folder as it helps to prevent the installation of a malicious autorun.ini file on the root drive and executing other malicious files which can infect the computer. For more information about this tool, please read this explanation by Papakid.

Some USB flash drives have a "write protect" read-only switch integrated on the side or on the back for preventing the content from being erased or overwritten. If you're not familiar with this feature, see Looking for a USB Flash Drive with Read Only or Write Protect Switch. However, even with such a device you still need to be careful when using public computers as explainend here.

If your USB drive does not have such a read-only switch, there are alternatives and third-party utilities which can provide this type of protection.IMPORTANT NOTE: DSi USB Write-Blocker advises USB devices you wish to write-block must be disconnected from the computer before the write block is enabled.

USB Protection Tools:
Always scan USB flash drives after they have been used with other computers and never connect them to an untrusted computer or one without an anti-virus. In fact, you can install USBVirusScan, a freeware tool by Didier Stevens that triggers your antivirus to scan a USB drive each time it is inserted in your computer.

USB Anti-virus Tools:Flash/External Drive Scanning Tools:
  • Malwarebytes' Anti-Malware. For usb flash drives and/or other removable drives, perform a Full scan. The option for a Flash Scan will analyze memory and autorun objects but that option is only available to licensed users in the paid version.
  • Norman Malware Cleaner. For usb flash drives and/or other removable drives to scan, use the Add button to browse to the drives location, click on the drive to highlight and choose Ok.
  • Dr.Web CureIt. Choose Custom Scan after the Express Scan has finished to add your usb or external drive to the scan.
  • McAfee Avert Stinger Tool.
-- As an extra precaution, hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present. Then perform your scans.

Quietman7 is the author of these instructions.

Edited by dc3, 09 May 2011 - 11:19 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern Ohio
  • Local time:10:16 PM

Posted 10 May 2011 - 10:36 AM

Quick and easy answer. At the price of thumb drives don't take the chance. Smash it and through it away. If someone give you that usb stick already infected use the same cure.

#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:16 PM

Posted 10 May 2011 - 11:04 AM

If someone give you that usb stick already infected use the same cure.


That's not cool.<_<

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 caperjac

caperjac

  • Members
  • 1,649 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NS. CAN
  • Local time:12:16 AM

Posted 10 May 2011 - 03:28 PM

I've had the ramnit virus on my computer. Long story short, i had to nuke my laptop to get rid of it. My problem is that the virus is on the USB stick. So is there anyway i can format the USB stick without the virus jumping onto my laptop?

had you plugged the usb in when you ran the program to nuke the harddrive it would have shown in the list of disk space and you could have done the usb drive then too

My answers are my opinion only,usually


#7 ThunderZ

ThunderZ

  • Deactivated
  • 4,454 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:16 PM

Posted 10 May 2011 - 03:47 PM

Hi,
You can only get re-infected if you run any files that are presently on that flash drive, plug it in and click out of the auto run box and run a virus/malware scan, I Personally would run Malwarebytes(free) on it .....


Not necessarily true depending on the type of virus, it`s trigger.

Please read Dc3`s post for the most concise\preferred method(s) of safely using\disinfecting a flash drive.

#8 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern Ohio
  • Local time:10:16 PM

Posted 10 May 2011 - 04:10 PM

Your correct dc3, sorry. I did have somebody do that to me as a joke, I'm still not laughing and it's been a year.

#9 James Litten

James Litten

    Ԁǝǝ˥q


  • BC Advisor
  • 1,946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:10:16 PM

Posted 12 January 2012 - 12:41 PM

...
Quietman7 is the author of these instructions.


Where does Quietman7 have these instructions? I couldn't find it when I tried searching the forums.

The post is a great source for when I have a client use a USB flash drive between clean and dirty machines and I was hoping that it is being kept up to date somewhere .

James

#10 hamluis

hamluis

    Moderator


  • Moderator
  • 56,299 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:16 PM

Posted 12 January 2012 - 06:50 PM

<<Where does Quietman7 have these instructions?>>

As I suspected...that reply was from a now discarded canned which Staff used for response to given situations.

It no longer exists in that particular format, but you might take a look at the following and use them as resource material for a guide you may want to prepare...or use them as is, giving due credit.

Best Practices for Safe Computing - Prevention and How Malware Spreads - How did I get infected pinned topics

Updated list of tools follows.

USB Anti-virus Tools:USB Scanning Tools:
  • Malwarebytes' Anti-Malware. For usb flash drives and/or other removable drives, perform a Full scan. The option for a Flash Scan will analyze memory and autorun objects but that option is only available to licensed users in the paid version.
  • Norman Malware Cleaner. For usb flash drives and/or other removable drives to scan, use the Add button to browse to the drives location, click on the drive to highlight and choose Ok.
  • Dr.Web CureIt. Choose Custom Scan after the Express Scan has finished to add your usb or external drive to the scan.
  • McAfee Avert Stinger Tool.

USB Protection Tools:
Hope this helps.

Louis

Edited by hamluis, 12 January 2012 - 06:52 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users