Best way to disinfect infected USB

ringo

My friend got some virus on her USB stick at work. She told me that it is a virus that turns applications into shortcuts. Ransomware or something much smaller? Anyway, what is the best way to resolve this situation? She is counting on some files from the USB. What is the best protection and tool to disinfect it? I am afraid that there is a small possibility that the virus will break Avast Free protection and do some damage to the computer. Try to disinfect this with Hiren's Boot (boot from some other USB stick) mini XP and then scan with antivirus programs?


Unless we know exactly what type of infection it has, it's hard to say what action would be best to take (outside of smashing it so nobody accidentally uses it again). Depending on what it has, it'd be best to plug it into a system that can read NTFS partitions but is incompatible with the bug that infected the drive. I don't know if it's a self-executing infectious file or if it has taken over the firmware of the drive.

It's possible that it isn't safe to plug it into any machine because it may attack it at the hardware level.

If the data is really that important, you may consider using a sacrificial machine to read the data and either copy it visually (like a text document, physically type the file to a different machine) or use something like a Gmail account to copy the text data or export file from some application, then throw away both the USB and the computer. Even then this method isn't foolproof.


If there's anything important on the drive that needs recovering (for pictures, documents and things like that), use a spare disconnected (from internet or any local network) PC with Linux. Grab the files, scan them on the Linux machine, then proceed to move them off.

If the files are executables, documents that contain macros, or complex .pdf files, it is probably not worth bothering as it is much more difficult to verify whether these are intact.

You may do a full format of the drive after, though if the firmware has been infected, it would be best to destroy the drive entirely.

If the files are worth money (due to lost time or some other reason), please contact a data recovery professional. If anyone can pull valuable files from an infected drive safely, it is likely to be these sorts of people.

My eyes see the past…

My camera lens sees the present…
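
A triage pass for the offline Linux machine described in the reply above, as an added example that is not part of the thread: it reads file signatures only and sorts out the shortcut files, executables, macro-bearing documents and active PDFs that the reply says are not worth recovering. It assumes the stick is mounted read-only; the mount point passed to `triage()`, the verdict strings and the sample files built in `demo()` are constructed for illustration.

```python
import io, tempfile, zipfile
from pathlib import Path

LNK = bytes.fromhex("4c00000001140200")    # start of a Windows .lnk header
OLE2 = bytes.fromhex("d0cf11e0a1b11ae1")   # legacy .doc/.xls/.ppt container
PDF_ACTIVE = (b"/JavaScript", b"/JS", b"/OpenAction", b"/Launch", b"/EmbeddedFile")

def classify(path):
    """Read the bytes only (never execute) and return a verdict string."""
    data = Path(path).read_bytes()
    if Path(path).name.lower() == "autorun.inf":
        return "skip: autorun file"
    if data.startswith(LNK):
        return "skip: Windows shortcut"
    if data.startswith(b"MZ"):
        return "skip: Windows executable"
    if data.startswith(OLE2):
        return "skip: legacy Office file (may hold macros)"
    if data.startswith(b"PK") and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            if any(n.lower().endswith("vbaproject.bin") for n in z.namelist()):
                return "skip: Office document with macros"
    if data.startswith(b"%PDF") and any(t in data for t in PDF_ACTIVE):
        return "skip: PDF with active content"
    return "scan then copy"

def triage(root):
    """Classify every regular file under root; symlinks are ignored."""
    paths = (p for p in Path(root).rglob("*") if p.is_file() and not p.is_symlink())
    return {str(p.relative_to(root)): classify(p) for p in paths}

def demo():
    """Build constructed sample files in a temp dir and triage them."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/vbaProject.bin", b"x")   # marks a macro-enabled document
    samples = {"Photos.lnk": LNK + b"\0" * 68, "Photos.exe": b"MZ\x90\0",
               "autorun.inf": b"[autorun]\nopen=Photos.exe\n",
               "notes.txt": b"meeting notes\n", "report.docm": buf.getvalue(),
               "form.pdf": b"%PDF-1.7\n1 0 obj<</OpenAction 2 0 R>>endobj",
               "scan.pdf": b"%PDF-1.4\n1 0 obj<</Type/Catalog>>endobj"}
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in samples.items():
            Path(tmp, name).write_bytes(body)
        return triage(tmp)

if __name__ == "__main__":
    for name, verdict in sorted(demo().items()):
        print(f"{verdict:45} {name}")
```

A "scan then copy" verdict only means none of these signatures matched; the file still goes through the antivirus scan before it leaves the machine.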
