Spyware, Viruses, & Security forum

General discussion

Shortcuts & Scan for virus,s

by TotallyMuse / November 8, 2010 11:39 AM PST


I'm Working as an IT in a school and you would imagine the sum of the viruses we get everyday from students teachers and stuff. we are facing 2 different kind of viruses.

1- scan for virus,s ( right clicking an application and it will display scan for virus,s among the list such as open, Run as and etc. )
2- Open application as well a virus ( right clicking any folder or app. brings it in the list of choices)

Solution :

1- Most antivrus is effective for this kind of virus was Escan. Tried Norton Mcafee Eset Trendmicro non were effective.
2- Downloaded and Installed ComboFix.
3- Deleting it manually from Shell folder in the regedit.exe
4- W32 removal that i found on one of the websites but it wasnt helpful.

can i resolve this in a less / easier way?


Another virus we are facing is shortcuts anytime some1 use his usb in an affected PC his folders disappear and everything turn to shortcut.
(As you know in schools if the teacher have saved his quizes sheets Tests and exams in his usb then it got damaged he will be in big trouble. since his computer is affected and there is no way to save his documents anywhere else).

Solution :

1- Unhide the folders by chosing unhide protected files so we can remove the viruses.exe manually. antiviruses cannot detect all the viruses.
2- deleting the shorcuts. (got sample though)
3- using the command line to fully unhide the folders. attrib -r -a -s -h /s /d X:*.*

the problem is even after cleaning the computer and usb still they are getting the shorcuts and its really killing us in the IT department going and cleaning the 100s of PC and USBs over and over and over again.
is there a better way , am i missing something ? is there any auto protection for these viruses or spywares ?
( we do use the app. freeze in our labs so it will automatically delete any file that enter the pc.after restart)

thank you

Discussion is locked
You are posting a reply to: Shortcuts & Scan for virus,s
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Shortcuts & Scan for virus,s
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
These Should Help Re: "Shortcuts" If
by tobeach / November 8, 2010 1:49 PM PST

you distribute the links to those in need BEFORE the infection. Both are Free:

"G Data Outs Free Tool 2 block Win Shortcut Hits

The free tool prevents malware that exploits Microsoft's shortcut vulnerability from executing and also displays Windows icons correctly

The German security company G Data released a tool on Tuesday that blocks attacks using Microsoft's shortcut vulnerability but also preserves shortcut icons unlike the hotfix released recently by Microsoft.

?This recent security flaw gives cyber-criminals a wide range of new possibilities to infect a PC. They only need to make sure that a .lnk file is displayed on the computer. The file, which the link refers to, >>>>does not necessarily need to be on the computer ? it can even be on the Internet?, explains Ralf Benzmueller, head of the G Data SecurityLabs. ?Not only users of memory sticks are affected.<<<<

The tool, called the G Data LNK Checker, is a small piece of software that is independent of other security software. It monitors the creation of shortcuts and then will block the execution of code when a shortcut icon is displayed, according to G Data. The tool is free and can be downloaded from G Data":

"Sophos engineers have been busy developing and testing a free tool that protects users from malware exploiting the critical zero-day vulnerability known as the "Shortcut exploit".

Here are the details in a nutshell:

1. It intercepts LNK shortcut files that contain the exploit, telling you which executable code it was attempting to run. That means it will stop malicious threats which use this vulnerability if they are on non-local disks, such as a USB stick for instance.

2. You can run the tool alongside your existing anti-virus product. No need to throw the baby out with the bathwater. The tool supports Windows XP, Vista and Windows 7. It doesn?t support Windows 2000.

3.>>>> Unlike Microsoft's workaround, it doesn't blank out all the shortcuts on your Windows Start Menu - meaning your life (and that of your users) will be easier".<<<<<

4. It's free to download:

Want to know more? Here's the nerdy explanation:

Hope this is a helpful preventative! Happy

Collapse -
@ tobeach
by TotallyMuse / November 8, 2010 2:47 PM PST

thank you for your help and solving one of my problems , ill give it a try and let you know as soon as possible.

i'm still hoping someone can help me on the app. scan for virus,s

thanks again

Collapse -
These Should Help Re: "Shortcuts"
by TotallyMuse / November 9, 2010 12:57 PM PST

Shortcuts problem still persist and not yet solved ..
i tried the 2 sofwares and after that when i put the usb back to the pc it gets infected again.
i need an auto-protection thank you
I have installed those 2 softwares on the infected PC.

Collapse -
Scan the system and the USB drive.
by Donna Buenaventura / November 10, 2010 2:22 PM PST


Please try to remove the infection by scanning the computer using any of the following:

1. Hitman Pro
Configure the settings of Hitman Pro by checking the box before "Show 'Scan with Hitman Pro' on files and folders in Windows Explorer"
Insert the USB drive and then open Windows Explorer or My Computer. Scan the USB drive using Hitman Pro. See if it detects any. Then scan again using Hitman Pro for infection on whole system.
If Hitman Pro will not run, press ctrl key when opening Hitman Pro.

2. Windows MRT - This free scanner by Microsoft will scan the computer for infections that is in the wild or impacted many.

If any has helped, please disable autorun feature in Windows by installing security updates for Windows or other components so any malware in USB will not autorun.

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?