How to prevent yourself from USB drive Virus

Did you encounter USB viruses like “Recycler.scr”, “New Folder.exe”, “Ravmon”, Autorun.inf ? We all use USB drives as the common media for information exchange but there are some scrupulous Virus which circulates with these USB all the time. So the big question is, how to prevent yourself from such unwanted virus threat?

As an old saying, prevention is better than cure. You never need any additional software to detect or delete them, just follow the simple steps. Here are some pointers to prevent yourself from such viruses.


Disable autorun in windows:

You can either follow the Microsoft’s documentation on the same here (This can be referred for disabling USB over the network Group policy too) or follow below steps if you are on Windows XP

To get to the configuration screen for this setting, go to Start Menu \ Run and type in: gpedit.msc

You will see the Group Policy window. You should select Administrative Templates \ System in the tree view:

You will see an item in the right side pane called “Turn off Autoplay”

Double click the item, and set the radio button to Enabled, and change the “Turn off Autoplay on” to All Drives.

Once disabling this feature follow below giving instructions:


Open the Command Prompt by typing ‘cmd‘ in the run box. In the command prompt type the drive letter: and press enter . Now type dir /w/a and press enter.

This will display a list of the files in the pen drive. Check whether the following files are there or not

  • Autorun.inf
  • Ravmon.exe
  • New Folder.exe
  • svchost.exe
  • Heap41a
  • or any other exe file which may be suspicious.

If any of the above files are there, then probably the USB drive is infected. In command prompt type attrib -r -a -s -h *.* and press enter. This will remove the Read Only, Archive, System and hidden file attribute from all the files.

Now just delete the files using the command del filename. example del Ravmon.exe. Delete all the files that are suspicious. Now remove the drive and plug it again.

The real culprit is “Autorun.inf” file which gets executed once you click Ok in the dialog window which appears above. Hence, your machine gets infected  with these kind of malwares.