The Win32/Flashbot.A Worm, Trojan Win32/Malagent (Microsoft), Variant.Strictor.2025 (Bitdefender) is a kind of worm that spreads via removable media such as flash drive, external drive, memory card, etc.
The worm searches for files and folders in the root folders of removable drives. It copies itself into the root folders of removable drives using the same filename of the existing files and folder. The extension of the file or folder will become “.exe” and the original content were hidden. When the infected file is executed, the original file is also run.Before you proceed make sure you have select and unhide the following
- Select Show hidden files, folders, or drives
- Uncheck Hide extensions for known file types
- Unchecked Hide protected operating files (recommended)
All the selection is located in My Computer, Tools, Folder Options Menu.
To fix the problem:
- Update the anti-virus into it’s latest virus signature
- Run a quick scan in your computer
- Run infected external storage; the “.exe” will automatically deleted
- Unhide file and folder in removable drive
To unhide the folder
- Right click the hidden file or folder
- Click Properties
- Uncheck or deselect “Hidden” and “Read-only”