5

I have been noticing this problem in a few pen-drives for quite a lot of time, and now this has occurred to mine.

When I double click on the pen-drive icon, I find a pen-drive short-cut icon to %windir%\System32\rundll32.exe  \~$n.dqu,cxcxcscxgxcbgpzm.

Here is a screen-shot: problem1

When I open it, this appears: problem2

What is the problem? Is it safe? And how can I make it normal?

If it helps, I am using this pen-drive on Windows 8.1 and 7 laptops. The problem started after plugging it to the Windows 7 one (not immediately after plugging it, but after a few weeks).

3 Answers3

4

This appears to be a long-standing virus.

I recommend ensuring that your virus checker is up-to-date and running a full scan. You might want to also investigate some additional anti-malware tools such as:

  • SuperAntiSpyware
  • Malwarebytes
  • SlimClean
  • BleachBit

There are a number of places giving advice on how to remove the virus including "How to Remove Shortcut Virus in PC and Flash Drive". They have a tool for removing the virus though they don't claim a 100% success rate and offer alternative approaches if it doesn't work.

To be able to see your files directly without having to click on the shortcut (which activates the virus), from a command prompt:

attrib f:*.* /d /s -h -r -s

Where f: is the drive letter of your pen drive.

Julian Knight
  • 14,749
  • 3
  • 31
  • 46
4

I bet this is a virus. This occurs when you plug your USB on a system that has this virus. It just hides all the files in the drive, and creates a shortcut to a virus exe. That shortcut surprises the users of other systems, and when they run it, it's activated.

You can simply get rid of this with a boot time antivirus scan, and WinRar (Trial version works) or also 7-zip if you want opensource free tools. Using it, type the drive letter in the address bar, you can see all the files, and the shortcut along with the virus executable.

Delete all of them, un-hide your files (right-click and properties). Now do a boot scan (scanning before the OS boots, avast supports this in the free edition) to prevent any other viruses that might be crept in.

EDIT: I have got this virus again when I used my pendrive in a cafe, so I made a video showing how to recover the files.

https://www.youtube.com/watch?v=jyf1U1uSx2E

Sri Harsha Chilakapati
  • 399
  • 4
  • 17
1

Check for some other common problems like:

  • Unable to make visible hidden and system files
  • Unable to Safely remove that external device
  • Same kind of shortcuts started appearing in other external devices that you connect
  • Some new unusual processes found in task manager

If some of these problems are there in your system then it is most probably occurring due to some Trojan Horse already present in that system. That Trojan Horse might replicate itself to any external device that is attached to this computer.

You need to install a good anti-virus program that you trust the most. As per my recommendation you can use:

In addition to these you can generate hijackthis report and show it to a security expert for detailed analysis.

n0noob
  • 125