This article is a basic little fix for the regular windows problems. At times your flash behaves funny but when you scan the antivirus claims it is clean. This is especially the case with new viruses. Its nice to do a quick check incase you suspect foul play for malware.
So basically what we will do is:
- View a list of all hidden files
- Change attributes of hidden files
- Delete the files that are malicious
View Hidden Files
To do this navigate to the USB Drive or drive you suspect is infected. we will use the dir command:
G:\>dir /ah
If the result lists no files or folders or in other words is “clean” in that perspective it will return a result similar to the one below:
Volume in drive G is OS2
Volume Serial Number is 7C6F-223D
Directory of G:\
In event it lists files we move to step 2. For illustration Purposes let’s take it it shows zpharaoh.exe which is not a file you own. This is a suspicious file.
Change Attributes of Hidden Files
In order to change attributes of hidden files we invoke the attrib command. If a file is hidden but it is yours and it isn’t suspicious you will not proceed to step 3.
attrib -s -r -h zpharaoh.exe
Delete Malicious Files
This can be done via GUI on explorer. open the flash drive in folder view to avoid autorunning then select the file you want to delete and use the shift+delete key.
Or via command line using del command.
In this case we will do.
del /q zpharaoh.exe
repeat for all malicious files and folders replacing zpharaoh.exe with the name of the malicious file or folder.