Files hidden on USB hard disk because of virus, how to clean?

This virus has been going around quite a bit recently and I have fixed it at least 10 times myself in the past couple of weeks.

Whilst the removers try to do a good job at removing the rootkit, they do not undo the actual damage caused by it. (Also, I have seen a few varieties that remain and can redirect Google search results, you may want to warn your friend).

I am not sure of a good/quick/easy way from a Mac, but, the easiest thing you can do from a Windows machine is to go to a command prompt (do not think you need elevated, but if you get an error, do it), and type the following:

x:
cd\
attrib -h /S

Replace x: with the letter assigned to the drive. This will go through all files on the drive and remove the hidden attribute. Unfortunately, if you have manually set it on any, this will be wiped - but not a lot of people do this on their own files.

Hope this helps, if you need any follow up help, especially as this isn't that easy, please write a comment and I (or someone else) will try to help you.


Try to kill the Autorun file by following these steps:

  1. Download the file AutorunExterminator

    Extract it --> Double-click on "AutorunExterminator" --> Plug in your external hard drive.

    This will remove the autorun.inf files from your external hard drive.

  2. Run the following command. Here I assume your external hard drive is G:

    attrib -h -r -s /s /d g:\*.* 
    

    You can copy the above command and then right-click in the Command Prompt to paste it. (Or do "Start" --> "Run" and type Ctrl+V.)

  3. Download Malwarebytes' Anti-Malware, update it, and perform a full scan.