Hey, so my USB drive is acting weird since I plugged it into a college computer.

https://i.imgur.com/RQX6K2V.png

Now, whenever I open it, it shows me a shortcut that sends me to a hidden folder inside the drive.

https://i.imgur.com/wCu44Gd.png

Using 7-zip’s File Manager, I can see these folders.

https://i.imgur.com/GmrmGxA.png

Inside the rootdir folder are these files.

https://i.imgur.com/LGNhL4Z.png

Here is the .bat file contents. (didn’t run it, just viewed it with notepad)

https://i.imgur.com/KbpEaBa.png

I looked for a few solutions online and nothing works.

I formatted the drive, nothing.

I used usbfix, nothing.

I deleted the files in the rootkit, they come back with different names almost instantly.

I remove the contents of the files and save them, it solves it until the drive plugged in again.

I think my pc is now infected with this script that does this to USB drives.

im so confused pls help

  • DestinyForNone@alien.topBEnglish
    1·
    1 year ago

    First off… don’t use the drive. Period.

    Secondly, you’ve basically two realistic options. Using a tool called TDSSKiller by Kaspersky Labs to detect and remove a rootkit.

    Or, you can fully wipe your drive and reinstall windows.