Shortcut virus is a Trojan and Worm in one. It replicates files and hides data on infected storage devices. USB flash drive is known to be the easy target of this virus. However, HDD (hard disk drive) and even (Solid-state drive) SSD’s are also susceptible.
Advertisements
- How Shortcut Virus Infects Computer?
- How effective is antivirus against it?
- Types of Shortcut virus
- What to do when your Flash drive got infected by shortcut virus?
- Method 1: remove shortcut virus using Trojorm Remover Tool
- Method 2: remove shortcut virus using registry
- Fix-folder access denied error
- How TO remove stubborn shortcut virus from extremely infected PC or Flash Drive
- How to prevent shortcut virus from coming back?
- Trojan virus is known to be tricky. One of its characteristics is hiding the real file and pose a fake one, which is an executable file that carries a virus.
- Worm, on the other hand, is a malware that keeps on duplicating itself. Sounds great, the Trojan hides the data, front the Worm as the real one and once executed, you know what will happen next.
How Shortcut Virus Infects Computer?
A simple insertion of infected flash drive into your PC will get your computer infected, immediately and vice versa.
How effective is antivirus against it?
Unfortunately, not all antivirus can detect and remove shortcut virus. But there are handful can do, to mention a few, trojorm removal tool, smadav, and usbfix.
Are you worried? I have good news for you! In less than a minute, you can easily remove, terminate, and prevent shortcut virus from your computer by yourself. YES! All you need is to follow the step by step guide below.
Advertisements
Types of Shortcut virus
- Emsisoft – Trojan.VBS.TTE (B), Trojan.Generic.7206697 (B).
- ESET – VBS/Autorun.EY worm, Win32/Ramnit.A virus.
- Microsoft Security Essential – Worm:VBS/Cantix.A.
- McAfee – VBS/Autorun.worm.k virus.
- AVG – VBS/Worm.BH.
- Bitdefender – Trojan.VBS.TTE.
- ClamWin – VBS.Agent-35.
- Quickheal – VBS/Canteix.AK.
- Sophos – Troj/Agent-NXIMal/FakeAV-BW, Mal/Bundpil-LNK.
- ClamAV – W32.Trojan.Starter-2, W32.Exploit.CVE-2010_2568-1.
- Avira – W32/Sality.AB.2
- SmadAV – VBS.Serviks, Serviks.Shortcut, Ramnit.CPL and Bundpil.Shortcut.
- Norton – Trojan.Gen.2 (Shortcut virus)
Tips: For most of the time this virus ends with .EXE, .VBS. LNK and .INI file extensions.
Files and folder shortcut.vbs and .lnk will look like just your ordinary files such as; word processor, presentation, folder, audio, and video files.
Flash Drive shortcut.ini and .exe makes an imitation of your flash drive consolidates your real data into one folder and hide it.
Advertisements
What to do when your Flash drive got infected by shortcut virus?
The best thing you can do is to make-it-a-habit, not to open your portable devices or hard drive via autorun or on “My computer”. See the below lists:
- Do not open your Flash Drive via autorun and on My Computer.
- Open your Flash Drive and Hard Disk by right-clicking it, then click explore or type its drive letter in the windows address bar to prevent any script from running.
- Follow this, how to unhide files and folder hidden by the virus. To unhide your hidden data and avoid executing it.
Method 1: remove shortcut virus using Trojorm Remover Tool
1 You need to download the trojorm remover tool and Fix folder. Once downloaded, extract it using WinRAR or any other file decompressor.
2 Then, make sure that you run trojorm remover tool inside your flash drive, wait until the scan is complete and press enter.
3 Next, copy and paste the fix-folder.vbs (this is a good .vbs file) inside your flash drive, HDD, SSD, and external drive. Right-click it, choose open with and select notepad. Look for the cDrive = “H:”, change it according to your drive letter (ex. E, F, G and so on). Then exit notepad and save.
5 You must see a dialog box confirming that everything is fixed.
Method 2: remove shortcut virus using registry
Please take note that this guide is for advanced users only. I will not be held liable for whatever consequences that may take place after following this guide. I am not trying to frighten you but one mistake may affect your PC’s normal operation.
1 Press the windows key + R, type “regedit” to enter the registry.
2 Navigate through hkey_current_user / Software / Microsoft / Windows / CurrentVersion / Run. Normally, you shouldn’t see any key except the default as you can see in the image below. Any key that is unusual such as
3 Press the Windows key + R again, type “MSConfig” click “OK“, in “Startup” tab uncheck everything except your antivirus. Click “OK” and “Restart now”.
Fix-folder access denied error
Solutions:
Open fixfolder with notepad, see to it that you change the drive according to your Flash drive and hard disk drive letter.
What if you did everything right, from changing drive letter and typing the attrib command accurately as it is and still receive the access denied error?
Run CHKDSK command using CMD. If you don’t know how to do it? Please visit this guide Windows detected a hard disk problem.
How TO remove stubborn shortcut virus from extremely infected PC or Flash Drive
You followed the virus remover guide above and found it helpful. In fact, your shortcut-virus problem is now solved. However, after plugging again your Flash drive, external hard drive (HDD) and SD card it became infected again. Why this happen?
1 Download RogueKiller and run it as well. To remove any variants of trojans.
2 Download Malwarebytes , install, update and run a scan. For more malware removal that RogueKiller might miss.
3 Install SmadAV Antivirus. A finishing touch, this also removes Bundpil.Shortcut-virus and act as computer shield against it. Thus, preventing future infections.
Note: Please do not restart your PC until you finished installing SmadAV antivirus.
How to prevent shortcut virus from coming back?
Install SmadAV as your primary defence and a good antivirus. Then do a weekly scan with Malwarebytes, for better protection. Do not let anyone insert portable devices into your computer unless it is virus scanned and found safe to use.
Your comments and suggestions are highly appreciated to improve this How to Remove Tutorial. Speak up your mind in the comment box below.
sosie says
August 3, 2017 at 3:01 am
Thanks a lot 🙂 ! this is the best “How to remove shortcut virus guide” I ever read. I was able to remove shortcut virus easily and permanently. Plus all my files are saved.
buddhika says
thank you sir very much smadAV is working. thank you again.
I.C Tiempo says
Hello Biddhika,
You are very much welcome! It’s my pleasure to help you, remove shortcut virus with this guide.
ranzu says
Dear sir,
when I open a flash drive in my pc, the files are not remain in the original type and also when I copy anything in a flash drive and open it to other pc , the same thing happens. Is it a shortcut virus or other things?
Any help will be appreciated.
I.C Tiempo says
Hello Ranzu, if you mean that your files’ format has change, mostly to .exe or .lnk then it’s a shortcut virus. If you are having no important files in your flash drive I would recommend to format it. But not quick-format, uncheck the quick-format before clicking format.
Helpme says
I followed SVR V3.1 guide and removed the virus .lnk file but once I plugged back the flash drive the virus is back aka the it turned again to a shortcut
I.C Tiempo says
Hi, it means that your computer is infected with shortcut virus. Please try to install SmadAV and scan all your hard drive partitions.
Big Smoke says
Dude please how about the files and folders shortcut in the local disk not in the flash drive?
I.C Tiempo says
Hi, you can follow the same process on removing shortcut virus in flash drive. It will work in your hard disk partition as well. Simply, run the trojorm tool in your drive c: or d: or in any partition.
Yuna says
Hi. I just bought a used computer from someone. It was already restored to factory settings, but I asked the person I bought it from to install some programs for me..
I installed Avira after. Then Avira detected about 400+ of infections.. most of them I see as ramnit and are in the program files( I haven’t really checked the folders but I think they’re in the programs I asked to be downloaded).. so my question is.. do I paste the virus removal tool in my computer, or do I have to find the exact folders where the virus is hiding..?
I.C Tiempo says
Hello Yuna, thanks for dropping by. You don’t have to find the virus or the folder, it will take much time and effort. All you have to do is to paste the shortcut virus remover (Trojorm tool) in your drive C: and run it as per the instruction above. You can also install SmadAV to complete the cleaning process.