Removing Virus in a USB drive like Newfolder.exe, Shortcutlink(.lnk) and more [Plus one]

Removal of Shortcut Link Virus
Now a days, when you plug your USB/Flash Drive in the system, it creates a shortcut link in the drive, in a way that the Original Folders are created as Shortcut. Its a virus, Most of the Antivirus programs are not detecting it.

Here is the way to remove the Virus using Command Prompt.

1. Enter the command prompt by clicking start –> run –> CMD 
2. Type the Drive Path assigned by the system to the Flash Drive. The Directory will be in the flash drive path. For Example the Drive assigned is E:
3. Now type this in the command prompt as

     E:>attrib -r -a -s -h *.*
         press enter.


4.Type     E:>del *.lnk and press enter.
5. Now check the Flash drive all the Shortcuts have been removed.

Some Other Virus Removal Techniques:

One of the ways by which a virus can infect your PC is through USB/Pen drives. Common viruses such as ’Ravmon’ , ‘New Folder.exe’, ‘Orkut is banned’ etc are spreading through USB drives. Most anti virus programs are unable to detect them and even if they do, in most cases they are unable to delete the file, only quarantine it. Here are the things which you can do if you want to remove such viruses from your USB drives


Whenever you plug a USB drive in your system, a window will appear similar to the one shown below

Don’t click on Ok , just choose ‘Cancel’. Open the Command Prompt by typing ‘cmd‘ in the run box. In the command prompt type the drive letter: and press enter . Now type dir /w/a and press enter.

This will display a list of the files in the pen drive. Check whether the following files are there or not


Autorun.inf 
Ravmon.exe 
New Folder.exe 
svchost.exe 
Heap41a 
or any other exe file which may be suspicious. 

If any of the above files are there, then probably the USB drive is infected. In command prompt type attrib -r -a -s -h *.* and press enter. This will remove the Read Only, Archive, System and hidden file attribute from all the files. Now just delete the files using the command del filename. example del Ravmon.exe. Delete all the files that are suspicious. To be on a safer side, just scan the USB drive with an anti virus program to check whether it is free of virus or not. Now remove the drive and plug it again. In most of the cases, the real culprit turns out to be the “Autorun.inf” file which mostly gets executed when someone clicks Ok in the dialog window which appears above. Thus the infections can spread


Leave a Reply

Your email address will not be published. Required fields are marked *