OS, Uncategorized, Windows

This article is a basic little fix for the regular windows problems. At times your flash behaves funny but when you  scan the antivirus claims it is clean. This is especially the case with new viruses. Its nice to do a quick check incase you suspect foul play for malware.

So basically what we will do is:

  • View a list of all hidden files
  • Change attributes of hidden files
  • Delete the files that are malicious

View Hidden Files

To do this navigate to the USB Drive or drive you suspect is infected. we will use the dir command:

G:\>dir /ah

If the result lists no files or folders or in other words is “clean” in that perspective it will return a result similar to the one below:

Volume in drive G is OS2
Volume Serial Number is 7C6F-223D
Directory of G:\

In event it lists files we move to step 2. For illustration Purposes let’s take it it shows zpharaoh.exe which is not a file you own. This is a suspicious file.

Change Attributes of Hidden Files

In order to change attributes of hidden files we invoke the attrib command. If a file is hidden but it is yours and it isn’t suspicious you will not proceed to step 3.

attrib -s -r -h zpharaoh.exe

Delete Malicious Files

This can be done via GUI on explorer. open the flash drive in folder view to avoid autorunning then select the file you want to delete and use the shift+delete key.

Windows Explorer Folder View

Windows Explorer Folder View

Or via command line using del command.

In this case we will do.

del /q zpharaoh.exe

repeat for all malicious files and folders replacing zpharaoh.exe with the name of the malicious file or folder.

Leave a Reply

Your email address will not be published. Required fields are marked *

April 2024