USB drive virus, scan through, restart with external harddrive in

Hey!
So last night I started scanning through my computers, scanned the whole computer with MSE, MBAM, PANDA ONLINE and superantispyware and it was clean. Then I plugged in my external harddrive to scan, I scanned that one with MSE and then with superantispuyware and then MBAM. It didn't find anything. Then I scanned the whole computer AND the external harddrive. First with MSE, it came up clean. Then with superantispyware, it was also clean, but it found som tracking cookies on the pc, and I had to restart the pc. But heres the problem, I forgot to take the external harddrive out of the pc while restarting...

Can this (if there is a virus) have made it boot into the computer, so AV's can't find it anymore? (I had autoplay turned off through "control panel" - "hardware and sound" and "autoplay")

Lets say that there is a virus and it did do this, will reinstalling and formatting get rid of it anyways?

Is this tool to be trusted? Does it work? :
http://www.addictivetips.com/windows-tips/remove-autorun-inf-virus-with-autorun-eater/

please say if you know of any better ways to detect this.

*More backround info in my last topic here (including list of viruses that could have something to do with it.
https://www.instructables.com/community/USB-drive-virus-Do-I-have-it-What-should-I-do/ 

sort by: active | newest | oldest
jimc45676 years ago
If you've run MSE, MBAM, Panda and superantivirus with the latest updates, and they found nothing, you're probably okay. If you have a virus on your machine, it won't matter whether you have autorun on or off. Many viruses simply detect that a new hard drive (regardless of whether is an external, flash, or any other kind) has just come online and will identify the .exe's or whatever it attaches itself to and attach itself to the files. Usually CD and DVD drives are protected because they show up as read-only, or have no room left to add anything.

Tracking cookies are cookies that many web sites load. I don't believe they can contain viruses themselves.
kjelll (author)  jimc45676 years ago
I know the pc is clean, but not if the drivers is. you see a time ago i got a worm on another pc, which i didn't detect before after using the drives on it...

So do you think that if
-MSE and MBAM didn't find anything while scanning only the drives
&
-MSE, MBAM, superantispyware or Panda online scanner didn't find anything when I plugged all the drives in and took a full scan

I can be sure there isn't a virus there?


btw, Is this tool to be trusted? Does it work? :
http://www.addictivetips.com/windows-tips/remove-autorun-inf-virus-with-autorun-eater/
jimc4567 kjelll6 years ago
If you've downloaded the latest signature file for the different virus programs, then yes, I believe you should not have the virus. Can you be sure? never. But based on what you've stated you should be 99% sure.

Here's the problem. There are viruses being generated all the time. There is a time lag between a virus appearing in public and a new signature or virus definition file being generated is 48hours to 2weeks. The fact you haven't seen the virus again, is a pretty good indication that the virus probably isn't around. You can never say I'm 100% sure there is no virus. Different anti-virus programs detect differently. Some miss viruses, some give false positives.

That autorun-eater only removes autorun.inf. It is not a virus preventer. None of your hard drives, and many flash drives do not have autorun.inf files to begin with. I tried to download it and install it, but couldn't find the proper links. I can't answer the question.
kjelll (author)  jimc45676 years ago
So If I now scan through my pc with MSE, MBAM, PANDA Online scanner, SuperAntispyware and http://www.filehippo.com/download_spywareblaster/ (Can I use that with the previous mentioned?)

-and then each drive one at the time (with MSE and MBAM)

-and then the pc + all three drives (by plugging them in and choosing a full scan)

-and then doing like I've done in these pics: http://i.imgur.com/bvwuD.jpg http://i.imgur.com/jZbO7.jpg

-and then manually looking into every folder and view every file (do I need to check if pictures is autorun.inf, or do I just have to check if there isnt a single file named autorun.inf?)
(or is this that I do when I do what I did in the pics above?)

Can I then be 99.99999999% sure :) ?

sorry for still nagging, but please answer these last questions and I will shut up about this FOREVER! :p

thank you for you patience.
jimc4567 kjelll6 years ago
Dude !!!!

I'm guessing this virus really freaked you out. Autorun.inf is a standalone file, not built into other files. Your .jpg's look fine, I don't see anything wrong with them.

According to this link, you can remove the Ravmon.exe virus very easily and quickly. Just follow the steps. Note step 1. "Right-click on any drive, if you see invalid characters in the menu, you are infected." My guess is if you simply do this, you won't need to run the flurry of virus scans. But you will anyway.

http://www.flixya.com/post/agent47/18962/Remove_Ravmon.exe_virus_within_5_minutes

In the end you will have to satisfy yourself your drives are clean. If you run all the scans, you should be 99.999999% virus free.

Good luck
lemonie6 years ago

see what AVG says perhaps?

L