Video Screencast Help

Shortcut of folders creating by virus/worm

Created: 17 Mar 2013 • Updated: 12 Apr 2013 | 7 comments
This issue has been solved. See solution.


I am facing virus/worm issue. Shortcut of folders creating by virus/worm . I have googles and searched in symantec connect but still no resolution.

Do I need any ADC policy to prevent this. Pleasehelp urgently as it is spreading day by day and our resorces consuming this worm.

Also find the snapshot and sample of shortcut of files.

<<<<CMD.rar file removed - Mithun Sanghavi>>>>

Comments 7 CommentsJump to latest comment

Ambesh_444's picture


Please disable autorun.

Preventing a virus from using the AutoRun feature to spread itself

Check the below articles on handling infections.

Best practices for troubleshooting viruses on a network

Security Best Practice Recommendations

How to Use the Web Submission Process to Submit Suspicious Files

Security Response recommendations for Symantec Endpoint Protection settings

Thank& Regards,


"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

kishorilal1986's picture

Hi Santosh,

I also facing same issue of shortcut creation of folders.Please let me know the the name of virus and its ipacts til. What are u doing prevent  spraed of this

Mithun Sanghavi's picture


I would advise not to upload any .exe file on the Symantec Threads.

I would advise you to upload this suspicious file to the Symantec Security Response Team on -


Secondly in your case, it is advisable to follow few important steps:

1) Make sure all these machines are Patched with ALL Latest MS security patches and service packs.

2) Make sure the machines are installed with the Latest Symantec virus definitions.

3) Disable the Autorun Feature on the machine.

Preventing a virus from using the AutoRun feature to spread itself

Later, incase of suspicious activity still happening, then follow the steps provided in the Article below:

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Hope that helps!!

Mithun Sanghavi
Associate Security Architect


Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

kishorilal1986's picture

Hi Santosh ,
This issue is resolved and will share the resolution soon.
till refer below thread

kishorilal1986's picture

Hi Santosh,

also check this

With reference to recent virus/worm issues, Symantec has strongly
recommended us to update the below mentioned patches on priority as this
helps worms/viruses to gain advantage of the vulnerabilities found on
unpatched machines. Also recieved virus defination from symantec for submitted worm.

Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution
Microsoft Security Bulletin MS10-046/ (KB2286198)

Microsoft Windows Server Service RPC Handling Remote Code Execution
Nortel Response to Microsoft Security Bulletin MS08-067/ (KB958644)