In more recent years, one of the most common ways for a virus to spread itself has been through the autorun.inf file that resides on the root of your removable device such as a USB stick or hard drive. When you insert the device into a computer, the autorun file then executes the program it’s told to which in many cases can be malicious file, and then you have a problem on your hands.
Thankfully in Windows XP and above the Autorun.inf virus issue is now pretty much redundant as the inf file no longer gets executed by default in Windows when it’s inserted and so the malicious file cannot get launched. The problem with removable USB devices is they are so portable that the drive could have been plugged into several other computers before it comes back to you. And with that in mind, there’s always a chance that it could have been infected and other types of malicious files might have been transferred onto it along the way.
USBVirusScan is a small program that will launch any program you provide as a command line parameter each time a USB drive is inserted. As you might guess, the author uses it to start a full virus scan on the inserted USB drive, and named it as such. But the program can actually be used to launch any program, batch file or script you tell it to and isn’t limited to just running security software.
USBVirusScan isn’t really a tool for beginners though because it doesn’t have graphical user interface (GUI). The configuration and launching is done from a batch file called Start.bat and the tool itself only has an About screen that looks like the image below which shows the command line options.
The only thing you need is an Antivirus package installed. If you don’t have one and don’t want to pay for one, have a look at our comprehensive list of free Antivirus software. Then you’ll need to find out the commands that need to be on the line that can perform a scan when you insert a USB drive. Once you have the command line, just edit the Start.bat file in the USBVirusScan folder.
The command line options can be a bit confusing for some users and finding the correct syntax and commands is not always easy because every antivirus software is different. So for your convenience we’ve provided a few command lines for some popular antivirus software. If you’re using a 64-bit Windows, you may need to change the \Program Files\ entries to \Program Files (x86)\ depending on which folder your Antivirus uses. The simplest way to check is to browse and see which folder the Antivirus is in and use the correct one in the batch file.
Place “Start USBVirusScan.exe” without the quotes at the beginning of Start.bat and add one of the commands to the line depending on the Antivirus software package you have. Then simply execute the bat file and the program will sit in the system tray waiting for a USB drive to be inserted. Memory usage is small occupying only 1MB on our Windows 7 64-bit test system, so can easily sit in the background all the time if you come into contact with lots of USB flash drives.
On the next page we’ll show you the command line options required for USBVirusScan in 15 popular antivirus and internet security packages.
AVG (Free) Antivirus 2013
"C:\Program Files\AVG\AVG2013\avgscanx.exe" /CLEAN /SCAN=%%c:
Look here for more AVG commandline scan parameters.
Kaspersky Anti-Virus 2013
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.com" scan %%c:
Kaspersky Internet Security 2013
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.com" scan %%c:
Here are the commands for Kaspersky 2010 which are still the same for 2013.
"C:\Program Files\Norton Antivirus\Engine\188.8.131.52\navw32.exe" %%c:
Norton Internet Security
"C:\Program Files\Norton Internet Security\Engine\184.108.40.206\Navw32.exe" %%c:
Find more scanning commands on the Symantec website.
ESET NOD32 Antivirus
"C:\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" /aind /action=clean %%c:
ESET Smart Security
"C:\Program Files\ESET\ESET Smart Security\ecls.exe" /aind /action=clean %%c:
"C:\Program Files\ClamWin\bin\clamscan.exe" --database=C:\ProgramData\.clamwin\db --show-progress --recursive=yes %%c:
ClamWin needs the location of the virus definition database in the command line, the default is C:\ProgramData\.clamwin\db in Windows Vista/7/8 if you installed it. To check the current location of the virus definition database, run the ClamWin program and go to Tools -> Preferences -> File Locations.
Microsoft Security Essentials
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" -Scan -ScanType 3 -File %%c:
For a full list of MpCmdRun commands, download this text file.
Windows Defender (Windows 8)
"C:\Program Files\Windows Defender\MpCmdRun.exe" -Scan -ScanType 3 -File %%c:
Appears to be supported by the command bdc.exe but this program never got installed on any 2013 product we tested.
Avira Free Antivirus
Download this configuration file and place it in \Program Files\Avira\, don’t try to put it in the AntiVir Desktop folder. Then place the following command into the USBVirusScan batch file:
"C:\Program Files\Avira\AntiVir Desktop\avscan.exe" /CFG="C:\Program Files\Avira\USBscan.txt" /PATH="%%c:"
There is also a more traditional command line scanner available from the Avira website.
Not Supported because none of the Home products have the command line feature built in.
Avast! Antivirus Pro / Internet Security
"C:\Program Files\AVAST Software\Avast\ashCmd.exe" %%c: /P=
Avast! Free Edition
The free edition does not support command line scanning in the same way as the Internet Security or Pro versions although it has a quick scanner tool with no arguments apart from a drive letter, this will simply popup a message if it detects anything suspicious during the scan.
"C:\Program Files\AVAST Software\Avast\ashquick.exe" %%c:
There are number of other command line arguments to use in USBVirusScan such as hiding the program from the tray (-i), disabling the exit button in the tray (-e) and scanning all removable drives when the program starts (-s) etc. Double click the executable or right click on the tray icon -> About for the full list of supported arguments.