• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1316
  • Last Modified:

shortcut virus

how do I get rid of the shortcut virus on my flash drive and computer
0
WIETIE
Asked:
WIETIE
2 Solutions
 
Thomas Zucker-ScharffSystems AnalystCommented:
Also for External drives you should be doing a couple of things.  

disable Autorun: http://support.microsoft.com/kb/967715 (you can use the fix it for me links)
Use a vaccine program like USB-Set: http://www.geekstogo.com/forum/files/file/378-usb-set/
(this will disable autoplay for all devices now and that you ever attach to your computer, if you set it correctly)

Note that the autorun/autoplay vector was the PRIMARY spreader of malware in 2010.
0
 
rpggamergirlCommented:
If it's just to clean the flash drive use Flash_disinfector.exe.

http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
and save it to your desktop.
Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
The utility may ask you to insert your flash drive and/or other removable drives etc. Please do so and allow the utility to clean up those drives as well.
Wait until it has finished scanning and then exit the program.
Reboot your computer when done.

Flash_Disinfector also creates a bogus folder "autorun.inf"(harmless autorun.inf) in the root of every partition to prevent loading point from getting created when an infected USB is inserted which should stop the spread.


To clean the system you can use your resident AV or use ComboFix and post the log here.
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

ComboFix tutorial:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix




OR do you mean a .lnk virus also known as Stuxnet? If so, try these also:

STUXNET Scanner, A forensic tool:
http://blog.trendmicro.com/stuxnet-scanner-a-forensic-tool/

BitDefender Free removal tool for STuxnet:
http://www.malwarecity.com/community/index.php?s=b2ba862408bd43ee17c124c656c0f6e8&app=downloads&showfile=12

MSE is supposed to detect and remove Stuxnet:
http://www.microsoft.com/en-au/security_essentials/default.aspx

USB worm exploits Windows vulnerability.
http://blog.trendmicro.com/usb-worm-exploits-windows-shortcut-vulnerability/ 
0
 
younghvCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now