Some of the researchers working for Phrozen Software have found out an easy way to create deceptive shortcuts that malicious programs can use to make an unsuspecting user run commands or launch programs that might cause harm to the system. Combined with some of the well known tricks of cyber-criminals like spear-phishing and social engineering, these malicious shortcuts could become very harmful to the victim’s computer. For example, the cyber-criminals could pretend to be from a reputed software firms and make the victim download some shortcuts that would be declared clean by most of the antivirus software, but when launched these malicious shortcuts can change various settings in your system and infect it further.
Now they have developed a program called Shortcut Scanner that can tell you if a shortcut is harmful or not. The portable program has a drag-n-drop interface. You can drag the suspicious looking shortcuts on its window and it will scan them for you. You can also select disks, partitions, or folders to scan them for any malicious shortcuts.
The results are displayed instantly and all the dangerous shortcuts are already checked for quick deletion. It displays the target of the shortcut, the arguments as well as if the arguments use the overflow technique to hide the real arguments. You can select any shortcut from the list to see the command and arguments. In order to delete these shortcuts, you can click on the erase icon in the toolbar.
In general, if a shortcut is masquerading as some other program by using that program’s icon and then has some other target (program or command) and arguments containing too many spaces, then it should be treated as suspicious and not used without making sure that it came from a legitimate source. If you are unsure then you can delete such shortcuts.
You can download Shortcut Scanner from https://www.phrozensoft.com/2017/01/shortcut-scanner-20.