How to remove the shortcut virus?

Well! At present, all the advanced antivirus softwares remove all the latest and dangerous viruses that harm the system, but not this simple and tricky “shortcut virus”. The shortcut virus is one, which converts all the folders and files in a removable disk to shortcuts. You may get confused because even if it gets detected and removed from the removable disk, it still affects all the removable media inserted in to the system. The reason behind this fact is as follows.

The shortcut virus infects a pendrive or any removable disk and when that particular disk is inserted into the system it affects the ’c:’ drive. Once it affects the ‘c:’ drive of a system, all the removable media inserted in the system will get infected and through that infected media, it affects other systems and so on. So, even if it is detected and removed from a removable disk, it still stays in the ‘c:’ drive and affects all the removable media inserted into the system.

The only successful way to remove this virus is to do it manually. No need to worry. This is not a big issue and can be done simply as follows.

Step 1: Start the system in safe mode. You can do this by simply switching OFF (Long press the power button) the system without shutting it down. Now, if the system is switched ON you can find an option to login through safe mode. You can also do this through control panel.  

Step 2: Remove the infected removable disk, if it is connected to the system.

Step 3: Go to the Start menu.

Step 4: In the search box, type ‘msconfig’ and press ENTER.

Note: If you do this without starting up in safe mode, the msconfig window will close automatically.

Step 5: In the msconfig window, go to ‘Startup’ tab.

Step 6: In the stratup tab, find the files which have java extension '.js' (from the command). It will have ”Startup Item” name like ‘7sbd’ or some similar meaningless names. The Manufacturer will be ‘Unknown’.

Step 7: For such items, note where it is stored (The path can be found in the Command).

Step 8: Go to the location shown in the command path.

Note: If it is not found in the location, try these steps. Press F10 key and go to Tools -> Folder options. In the Folder options window, go to ‘View’ tab. Check the box “Show hidden files, folders and drives”. You can find this in the ‘Advanced settings’ area. Now, you can find the virus file in the location shown.

Step 9: Permanently delete the file (Shift+Delete).

Step 10: Now, again go and check the msconfig window. The Startup item will not be there. That is our Success!

Note: If the Startup item is still there, try this out. Go to start menu and type ‘cmd’ in the search box and press ENTER. In the command prompt, type the following command

rmdir c:\specified command path

To protect yourself from the further attacks, install “USB Disk security” or “SMADAV” Antivirus.

Good luck!

Please share if you like the post!