you distribute the links to those in need BEFORE the infection. Both are Free:
"G Data Outs Free Tool 2 block Win Shortcut Hits
The free tool prevents malware that exploits Microsoft's shortcut vulnerability from executing and also displays Windows icons correctly
The German security company G Data released a tool on Tuesday that blocks attacks using Microsoft's shortcut vulnerability but also preserves shortcut icons unlike the hotfix released recently by Microsoft.
?This recent security flaw gives cyber-criminals a wide range of new possibilities to infect a PC. They only need to make sure that a .lnk file is displayed on the computer. The file, which the link refers to, >>>>does not necessarily need to be on the computer ? it can even be on the Internet?, explains Ralf Benzmueller, head of the G Data SecurityLabs. ?Not only users of memory sticks are affected.<<<<
The tool, called the G Data LNK Checker, is a small piece of software that is independent of other security software. It monitors the creation of shortcuts and then will block the execution of code when a shortcut icon is displayed, according to G Data. The tool is free and can be downloaded from G Data":
"Sophos engineers have been busy developing and testing a free tool that protects users from malware exploiting the critical zero-day vulnerability known as the "Shortcut exploit".
Here are the details in a nutshell:
1. It intercepts LNK shortcut files that contain the exploit, telling you which executable code it was attempting to run. That means it will stop malicious threats which use this vulnerability if they are on non-local disks, such as a USB stick for instance.
2. You can run the tool alongside your existing anti-virus product. No need to throw the baby out with the bathwater. The tool supports Windows XP, Vista and Windows 7. It doesn?t support Windows 2000.
3.>>>> Unlike Microsoft's workaround, it doesn't blank out all the shortcuts on your Windows Start Menu - meaning your life (and that of your users) will be easier".<<<<<
4. It's free to download:
Want to know more? Here's the nerdy explanation:
Hope this is a helpful preventative!
I'm Working as an IT in a school and you would imagine the sum of the viruses we get everyday from students teachers and stuff. we are facing 2 different kind of viruses.
1- scan for virus,s ( right clicking an application and it will display scan for virus,s among the list such as open, Run as and etc. )
2- Open application as well a virus ( right clicking any folder or app. brings it in the list of choices)
1- Most antivrus is effective for this kind of virus was Escan. Tried Norton Mcafee Eset Trendmicro non were effective.
2- Downloaded and Installed ComboFix.
3- Deleting it manually from Shell folder in the regedit.exe
4- W32 removal that i found on one of the websites but it wasnt helpful.
can i resolve this in a less / easier way?
Another virus we are facing is shortcuts anytime some1 use his usb in an affected PC his folders disappear and everything turn to shortcut.
(As you know in schools if the teacher have saved his quizes sheets Tests and exams in his usb then it got damaged he will be in big trouble. since his computer is affected and there is no way to save his documents anywhere else).
1- Unhide the folders by chosing unhide protected files so we can remove the viruses.exe manually. antiviruses cannot detect all the viruses.
2- deleting the shorcuts. (got sample though)
3- using the command line to fully unhide the folders. attrib -r -a -s -h /s /d X:*.*
the problem is even after cleaning the computer and usb still they are getting the shorcuts and its really killing us in the IT department going and cleaning the 100s of PC and USBs over and over and over again.
is there a better way , am i missing something ? is there any auto protection for these viruses or spywares ?
( we do use the app. freeze in our labs so it will automatically delete any file that enter the pc.after restart)