Monday, October 21, 2013

Shortcut Virus on Kindle

I wanted to upload a book to my Kindle last week, but Calibre refused to connect to the device. After the initial moment of panic, I opened the drive to see what was wrong. Instead of the usual directory structure, I found only shortcuts to the top folders and files, and they of course led nowhere.

It wasn't my first encounter with the shortcut virus, so I knew my files weren't lost but only hidden. I also knew how to fix it for a flash drive (backup the files + quick format), but I wasn't so sure it would work the same for a Kinde and I didn't want to risk and ruin it.

After wasting an entire weekend browsing the internet in search of a solution and finding only posts on how to unhide the files, I figured it out by myself and decided to write a blog post about it. Maybe this will help someone else too.

The Shortcut Virus

Source: It usually comes with an infected flash drive.

Behavior: Once your PC is infected, whenever you connect a flash drive, it infects the flash drive too. Shortcuts to the top folders and files are created, and the original files and folders are hidden. You can still access the files if you set Windows Explorer or Total Commander to show the hidden files, but it's annoying, and of course the flash drive is still infected.

Solution: At the time I'm writing this post, the only free online antivirus able to detect it is Karpesky. I tried four others and no luck.

1. The first thing you need to do is clean your PC so download Karpersky Virus Removal Tool (it asks for your e-mail address, but other than that it's free) and run it. It's enough to do a scan of the C: drive. The virus (VBS/Kryptik.I trojan) is a vbs file and it hides in
C:\Documents and Settings\user\Local Settings\Temp\    
C:\Documents and Settings\user\Start Menu\Programs\
When the antivirus finds it, choose to delete it.

2. Do the same thing for all of the infected flash drives (it turned out we had three in the house, plus the Kindle).

3. Next, it's time to fix the directory structure of the flash drive.
Delete all shortcuts (extension lnk).
There's a DOS command for unhiding files (attrib -h -r -s /s /d drive_letter:\*.*), but I'm lazy and prefer to use Total Commander. The shareware version is perfectly functional, and it's a better file manager than Windows Explorer.
Set it to display hidden files (Configuration - Options - Display - Show hidden/system files).
Select all the files from the flash drive and unhide them (File - Change attributes - deselect Archive, Read-only, Hidden, System).

And ta-dah! You're done.

You're welcome. :)

2 comments:

Anonymous said...

Hi!
I have a kindle with the same problem as yours. I followed all the steps you have explained but now I can't even add new books and I don't know why. Did you have this problem afterwards?

Thank you in advance.

Ax.

Weird Vision said...

No, for me these 3 steps solved the problem. Did you try adding books with Calibre? And can you access the content of the Kindle with Windows Explorer or some other file manager?