Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

folder Shortcut

Created: 29 Jun 2013 • Updated: 29 Jun 2013 | 13 comments

When u insert my pendrive in my system my all folder being shortcut and i cant able to open it.

I'm using symante endpoint protection 11.1,

 

Please give me solution

Operating Systems:

Comments 13 CommentsJump to latest comment

raju123's picture

Have you antivirus update with lates defintion?

Microsoft Security Patches Updated?

Check thread

https://www-secure.symantec.com/connect/forums/shortcut-folders-creating-virusworm

Update patches

Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution
Vulnerability
Microsoft Security Bulletin MS10-046/ (KB2286198)
http://www.securityfocus.com/bid/41732/solution
 
Microsoft Windows Server Service RPC Handling Remote Code Execution
Vulnerability
Nortel Response to Microsoft Security Bulletin MS08-067/ (KB958644)
http://www.securityfocus.com/bid/31874/solution
 
Edit---
 
If virus still running then submit the virus file tosymantec secuirty team
.Brian's picture

Have you scanned the drive for an infection? Is SEP not detecting anything?

You can submit the file here:

https://submit.symantec.com/websubmit/gold.cgi

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Sumit G's picture

Update your system with Latest Defintion.

Make sure your system are update with Latest MSPatches.

Scan your system in safemode.

If it not be clean then submit the suspicious files to symantec security team

http://www.symantec.com/security_response/submitsa...

Collect the log and also submit to symantec

https://www-secure.symantec.com/connect/articles/u...

Regards

Sumit G.

Ashish-Sharma's picture

Shortcut virus are create some Microsoft patch are missing in your system.

You can check some of fourms for same problem releated

https://www-secure.symantec.com/connect/forums/short-cut-virus

https://www-secure.symantec.com/connect/forums/vir...

Thanks In Advance

Ashish Sharma

 

 

AjinBabu's picture

HI, 

Update your System as well the OS and run a full scan on safe mode. And let us know the outcome.

Regards

Ajin

 

Sachin Sawant's picture

Apply the MS patch (KB2286198), block the autorun.inf via SEPM and full scan the machine.

Mithun Sanghavi's picture

Hello,

W32.Changeup.C  is a worm that spreads through removable and shared drives by exploiting the Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability (BID 41732).

W32.Stuxnet!lnk is a detection for .lnk files created by the W32.Stuxnet worm.

Bloodhound.Exploit.346 is a heuristic detection for files attempting to exploit the Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability (BID 41732).

New Trojan.Shylock wave

https://www-secure.symantec.com/connect/blogs/new-trojanshylock-wave

The Shylock “LNK” Awakening

https://www-secure.symantec.com/connect/blogs/shylock-lnk-awakening

Could you please zip each of the files and submit the zip files (without password) to the Symantec Security Response Team on : 

https://submit.symantec.com/websubmit/essential.cgi

We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

Check these Articles:

What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

http://www.symantec.com/docs/TECH99222

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

So, as we see these above Threats appears when there are open vulnerabilities on the machines.

In your case, I would suggest the below Plan of Action:

1) Make sure ALL Computers are installed with Symantec EP with latest / updated with virus defintions.

2) Install ALL Latest Microsoft Secuirty Patches / Sevice Packs on ALL machines.

3) Make sure ALL the client machines are using the Latest Vendor Patches installed.

4) Disable Auto play with GPO

http://support.microsoft.com/kb/953252

5) Disable the System Restore with GPO

http://support.microsoft.com/kb/283073

6) Disable Scheduled Tasks with GPO

http://support.microsoft.com/kb/310208

7) Incase of any shared / mapped drives present, make sure these are password protected.

8) Scan ALL the machines...

Here are some excellent suggestions on how to keep your computers, their users and data safe:

http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

raju123's picture

Please update the current status in thread or mark as Solved with the helpful one.

Amit K Patel's picture

Thanks All Dear, But I Didn't Try this

But I ll Try recently

.Brian's picture

This user is no longer active

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.