Categories: Browser HijackerMalware

How to fix browser shortcuts, modified by malware

Malware programs often modify the browser shortcut to force you attend numerous intrusive websites, show you ads and install additional adware on your PC. The problem is that antivirus programs and anti-malware utilities are able to kill malware but they often are unable to detect modified shortcuts and remove files which they are pointing to. As a result your browser can still direct you to a hijacking-webpage despite your computer is actually clean of malware. In this case you need to fix the shortcuts for your Chrome, Mozilla Firefox and other browsers manually.

How do I know if my browser shortcut has been modified (broken)?

Open the properties of the shortcut. Go to the Shortcut tab and have a look at the Target field.

Normally the last word in this field looks like chrome.exe, launcher.exe, firefox.exe – the file extension is .exe:

Broken shortcuts (those that have been modified by malware) usually point to .bat, .cmd or .url files instead of .exe. Besides that there may be various website address at the end of the line. In this case the path looks like ..\Application\chrome.exe” //example.com.

The path itself can be wrong as well. On the image below we can see that shortcut points to

C:\ProgramData\WrongFolder\wrongFile.bat

Example of broken shortcut:

Default paths for browsers  (Chrome, Firefox, Opera, IE)

Here are default paths for different browsers. You can use this information to fix your broken shortcuts which have been modified by malware.

Browser Target
Google Chrome C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
Opera C:\Program Files (x86)\Opera\launcher.exe
C:\Program Files\Opera\launcher.exe
Mozilla Firefox C:\Program Files\Mozilla Firefox\firefox.exe
Interner Explorer 11 C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe

How to fix the browser shortcut (Chrome, Firefox, Opera, IE)

Warning! Before you start fixing browser shortcuts please be sure to:
1. scan your system using AdwCleaner and Anti-malware and remove all active malware;
2. clean temporary files using CCleaner or at least manually empty \AppData\Local\Temp\ folder.

  1. Open shortcut’s properties:
  2. Click on Open File Location to go to the folder where the malicious file is located:
  3. Unpin broken shortcut from the taskbar:
  4. Delete the malicious folder (you will need to go one level up in file explorer):
  5. Go to the system folder of your browser and copy the path to the executable file (hold SHIFT, right-click on the file and select Copy as path):
  6. Fix shortcuts in Start menu using the correct path (works in Windows 7):
  7. Go to these folders and check all shortcuts. Fix them using correct paths: 
    C:\Users\username\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch
C:\Users\username\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar
  8. Launch the browser directly and make sure it starts without third-party sites:
  9. Pin browser to taskbar if you need to:

Video: How to fix broken browser shortcuts

Please watch the video guide to better understand the issue:
Adam Swift

Adam is a real tech maniac. He likes to spend time testing phones, tablets, laptops, as well as any other technical devices, and write practical manuals on their functions. He often sleeps all day, but always works at night. Adam bought his first computer in 1999, being an absolute beginner who never held a computer mouse in his hands. He began to study Windows, constantly experimented and often crashed the operating system. But six months later, he was able to reinstall Windows 98 from a scratch on his own, fix almost any software problem on a PC, he also did hardware upgrades and realized that computers, operating systems and programs are now his biggest passion. In addition, Adam has always been a big lover of phones. With the advent of smartphones with Android OS, he began to pick at them much more than in computers. Now Adam loves to study privacy issues in instant messengers, blocking unwanted calls and other nuances related to privacy and security on the network. You can follow him on Twitter: https://twitter.com/tunecomp

Leave a Comment
Published by
Adam Swift
2016-01-30 23:08

This website uses cookies.

Read More