Hey, so my USB drive is acting weird since I plugged it into a college computer.

https://i.imgur.com/RQX6K2V.png

Now, whenever I open it, it shows me a shortcut that sends me to a hidden folder inside the drive.

https://i.imgur.com/wCu44Gd.png

Using 7-zip’s File Manager, I can see these folders.

https://i.imgur.com/GmrmGxA.png

Inside the rootdir folder are these files.

https://i.imgur.com/LGNhL4Z.png

Here are the .bat file contents. (didn’t run it, just viewed it with notepad)

https://i.imgur.com/KbpEaBa.png

I looked for a few solutions online and nothing works.

I formatted the drive, nothing.

I used usbfix, nothing.

I deleted the files in the rootkit, they come back with different names almost instantly.

I remove the contents of the files and save them, it solves it until the drive is plugged in again.

I think my pc is now infected with this script that does this to USB drives.

I'm so confused, pls help

  • fediverser@alien.top
    1 year ago

    This post is an automated archive from a submission made on /r/techsupport, powered by Fediverser software running on alien.top. Responses to this submission will not be seen by the original author until they claim ownership of their alien.top account. Please consider reaching out to them to let them know about this post and help them migrate to Lemmy.


  • DestinyForNone@alien.topB
    1 year ago

    First off… don’t use the drive. Period.

    Secondly, you’ve basically two realistic options. You can use a tool called TDSSKiller by Kaspersky Labs to detect and remove a rootkit.

    Or, you can fully wipe your drive and reinstall Windows.