As you know Antivirus software is the major way to prevent and remove computer virus, but this time we’re talking about a new kind of shortcut virus that was undetectable by many Antivirus programs. When it comes to your storage device (e.g., Computer Hard drive, USB Drive, SD Card), converts all files to the shortcut link. So when you click on those shortcuts the file may not open instead a malicious program will execute on your computer.

shortcut-virus-demo-usb

If the data on your USB storage and computer drive goes invisible, you can use the below command prompt method to visible the data.

About the shortcut virus problem, first of all I got mad, not be removed by antivirus programs. When I try to scan the infected storage with an Antivirus, it shows ‘No Threat Detected’. If the USB flash drive / SD Card didn’t contain any important data, you can connect it to a different computer and format to remove the virus, else follow the below command prompt method.

What is the source of shortcut virus?

I can not tell you the exact origin of this virus, but I have to say that you should be safe on the Internet and third-party unknown software applications should not be installed if there is no paid antivirus program on your computer. Free antivirus can not keep your computer safe with the latest threats, so I advise you to use a paid and genuine antivirus software.

If a computer has a shortcut virus, then all USB storage will be infected when connected to that computer.

Remove shortcut virus from a USB flash drive, SD card etc.

I have written various methods to remove this virus from USB flash drive, SD card and Windows computer. For secondary storage devices, I recommend you to use the command prompt method. I recommend you first scan the infected storage device with the antivirus program installed on your computer.

Follow the steps below to remove the shortcut virus using Windows Command Prompt (CMD):

  1. Launch Command Prompt app as an administrator (press the window key, type ‘cmd’ in the search, right-click at the Command Prompt and select ‘Run as Administrator’).
    cmd-admin-vt
  2. Connect your secondary storage device with computer that are infected with shortcut virus (e.g., USB flash drive, SD card, etc.)
  3. Scan storage with an antivirus program and delete any threat detected.
  4. Type the following command at the command prompt and press Enter:
    attrib -h -r -s /s /d X:\*.*
    (Change the X with the drive letter on your USB storage. For example, if your drive is letter D, this would be the command: attrib -h -r -s /s /d D:\*.*)

    cmd-attrib-cmd

  5. Your files now appear as normal.
  6. Some unknown files may generate during the process, so copy your files out of secondary storage.
  7. Format the USB drive and copy all the data back into storage.

Learn more about Attrib command at the Microsoft TechNet site.

The problem of the shortcut has been fixed and now all the files will appear in normal form, if the shortcut virus is available on your computer, then again when you reconnect it to the computer, the secondary storage will be re-infected.

Permanently remove shortcut virus from your Windows computer

It is a bit tricky to remove this virus from your computer because it is undetectable by antivirus program. If your antivirus program supports the full system and boot time scan feature, then run it first, if the boot time scan is unable to remove this virus, then use a malware removal tool.

Prevent your computer from creating shortcuts on USB flash drives, SD cards etc.

In Windows Task Manager, I have seen a VBScript name that is running wscript.vbs, which helps to automatically spread the shortcut virus on external USB drives. So when I end this task, the computer stops making shortcuts on external storage.

To end this script, launch the task manager (Ctrl + Shift + Esc) and go to the Process tab (Windows 7) or select more details (Windows 8/10). Scroll down and search for a task name as ‘wscript.vbs’. Right-click on it and end the task. This is a temporary solution until the computer restarts.

Fix shortcuts that are already created in your Windows hard drive partition

The shortcut virus can spread on your computer hard drive, if you have a shortcut in the partition drive, then the above command prompt method helps you repair those files.

For example if the partition ‘E’ is infected, then use the following command:

attrib -h -r -s /s /d E:\*.*

Do not use this command for Windows Drive (like C :). If Windows Drive is infected, you should install a clean installation of Windows on your computer.

Remove shortcut virus permanently using USB fix (software application)

USB Fix by SOSVirus is a freeware malware removal tool for Windows that helps you remove malware (including shortcut virus) from USB storage and computer. I do not believe 100% on these applications, so I specifically recommend that you should copy important data from your computer to an external hard drive or to a different computer.

To use USB Fix on your Windows computer, follow the steps below:

  1. Close all programs in the taskbar as software can kill all running programs.
  2. Install and Launch USB Fix on Your Computer.
  3. Press the ‘Clean’ button and confirm the action.
    usbfix
  4. Malware removal tool will now analyze your computer and fix the shortcut virus problem for permanent.

The application can make changes to your Windows, so after the clean process is complete, restart your computer.

Tips to prevent shortcut virus or other malware

  • Install a genuine and paid antivirus software on your computer and keep it up to date via the internet.
  • Do not explore files on the connected USB storage before scanning with the antivirus program.
  • Do not exchange data with computers that do not have antivirus programs.
  • Always download software application from these software download sites.
  • Use the Boot Time Scan feature in your antivirus once in a month.
  • Note when clicking on any content on hacking, cracking and pirated websites.

And stay safe on the internet.


Pin It