Attention: The forums are currently placed on Read Only.

Thank you for visiting the CNET forums. Our site is currently undergoing some maintenance. During this period (6:30 AM to 8 PM PDT,) you can read the forums content, however posting in the forum will not be available. We apologize for this inconvenience. Click here to read details

Spyware, Viruses, & Security forum

General discussion

Shortcuts & Scan for virus,s

by TotallyMuse / November 8, 2010 11:39 AM PST

Hi,

I'm Working as an IT in a school and you would imagine the sum of the viruses we get everyday from students teachers and stuff. we are facing 2 different kind of viruses.

1- scan for virus,s ( right clicking an application and it will display scan for virus,s among the list such as open, Run as and etc. )
2- Open application as well a virus ( right clicking any folder or app. brings it in the list of choices)

Solution :

1- Most antivrus is effective for this kind of virus was Escan. Tried Norton Mcafee Eset Trendmicro non were effective.
2- Downloaded and Installed ComboFix.
3- Deleting it manually from Shell folder in the regedit.exe
4- W32 removal that i found on one of the websites but it wasnt helpful.

can i resolve this in a less / easier way?

<Shortcuts>

Another virus we are facing is shortcuts anytime some1 use his usb in an affected PC his folders disappear and everything turn to shortcut.
(As you know in schools if the teacher have saved his quizes sheets Tests and exams in his usb then it got damaged he will be in big trouble. since his computer is affected and there is no way to save his documents anywhere else).

Solution :

1- Unhide the folders by chosing unhide protected files so we can remove the viruses.exe manually. antiviruses cannot detect all the viruses.
2- deleting the shorcuts. (got sample though)
3- using the command line to fully unhide the folders. attrib -r -a -s -h /s /d X:*.*

the problem is even after cleaning the computer and usb still they are getting the shorcuts and its really killing us in the IT department going and cleaning the 100s of PC and USBs over and over and over again.
is there a better way , am i missing something ? is there any auto protection for these viruses or spywares ?
( we do use the app. freeze in our labs so it will automatically delete any file that enter the pc.after restart)

thank you

Discussion is locked
Collapse -
These Should Help Re: "Shortcuts" If
by tobeach / November 8, 2010 1:49 PM PST

you distribute the links to those in need BEFORE the infection. Both are Free:

"G Data Outs Free Tool 2 block Win Shortcut Hits

The free tool prevents malware that exploits Microsoft's shortcut vulnerability from executing and also displays Windows icons correctly

The German security company G Data released a tool on Tuesday that blocks attacks using Microsoft's shortcut vulnerability but also preserves shortcut icons unlike the hotfix released recently by Microsoft.

?This recent security flaw gives cyber-criminals a wide range of new possibilities to infect a PC. They only need to make sure that a .lnk file is displayed on the computer. The file, which the link refers to, >>>>does not necessarily need to be on the computer ? it can even be on the Internet?, explains Ralf Benzmueller, head of the G Data SecurityLabs. ?Not only users of memory sticks are affected.<<<<

The tool, called the G Data LNK Checker, is a small piece of software that is independent of other security software. It monitors the creation of shortcuts and then will block the execution of code when a shortcut icon is displayed, according to G Data. The tool is free and can be downloaded from G Data":
http://www.gdatasoftware.co.uk/support/downloads/tools.html
***********

"Sophos engineers have been busy developing and testing a free tool that protects users from malware exploiting the critical zero-day vulnerability known as the "Shortcut exploit".

Here are the details in a nutshell:

1. It intercepts LNK shortcut files that contain the exploit, telling you which executable code it was attempting to run. That means it will stop malicious threats which use this vulnerability if they are on non-local disks, such as a USB stick for instance.

2. You can run the tool alongside your existing anti-virus product. No need to throw the baby out with the bathwater. The tool supports Windows XP, Vista and Windows 7. It doesn?t support Windows 2000.

3.>>>> Unlike Microsoft's workaround, it doesn't blank out all the shortcuts on your Windows Start Menu - meaning your life (and that of your users) will be easier".<<<<<

4. It's free to download:
http://www.sophos.com/shortcut

Want to know more? Here's the nerdy explanation:
http://www.sophos.com/blogs/gc/g/2010/07/26/shortcut-exploit-free-tool/

Hope this is a helpful preventative! Happy

Collapse -
@ tobeach
by TotallyMuse / November 8, 2010 2:47 PM PST

thank you for your help and solving one of my problems , ill give it a try and let you know as soon as possible.

i'm still hoping someone can help me on the app. scan for virus,s

thanks again

Collapse -
These Should Help Re: "Shortcuts"
by TotallyMuse / November 9, 2010 12:57 PM PST

Shortcuts problem still persist and not yet solved ..
i tried the 2 sofwares and after that when i put the usb back to the pc it gets infected again.
i need an auto-protection thank you
I have installed those 2 softwares on the infected PC.

Collapse -
Scan the system and the USB drive.
by Donna Buenaventura / November 10, 2010 2:22 PM PST

Hi,

Please try to remove the infection by scanning the computer using any of the following:

1. Hitman Pro
Configure the settings of Hitman Pro by checking the box before "Show 'Scan with Hitman Pro' on files and folders in Windows Explorer"
Insert the USB drive and then open Windows Explorer or My Computer. Scan the USB drive using Hitman Pro. See if it detects any. Then scan again using Hitman Pro for infection on whole system.
If Hitman Pro will not run, press ctrl key when opening Hitman Pro.

2. Windows MRT - This free scanner by Microsoft will scan the computer for infections that is in the wild or impacted many.

If any has helped, please disable autorun feature in Windows by installing security updates for Windows or other components so any malware in USB will not autorun.

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!