How To Remove Shortcut Virus

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.


This page will inform you how to remove Shortcut Virus from your PC, a virus that recently started spreading like a wildfire among Windows users. We aim to show you how to use the Shortcut Virus remover for USB, Pen Drives (PenDrives), SD cards and external HDDs removal. Many users are sending inquiries like “cara menghilangkan virus shortcut” and “cara menghapus virus shortcut” which shows that this is a problem not limited to the English speaking world.

This Shorcut virus is capable of attacking all types of USB devices – pen drives, flash drives and SD cards. Whenever a healthy drive is slotted into a computer infected by this virus, an invisible subroutine will be ran upon it. Essentially all the data inside the drive is moved to a hidden folder that is not accessible unless you use a Shortcut Virus remover first. The data is not lost – it is merely hidden and we’ll show you how to recover it, as well as how to get rid of the virus itself. The only thing visible on the drive is a shortcut file that apparently leads to the drive itself. This is a trap! This shows just how much a question like “cara menghilangkan virus shortcut” is relevant.

SUMMARY:

Name  Shorcut Virus
Type Trojan/Wurm hybrid
Danger Level High (Valuable data may be hidden, clicking on the shortcut .exe can lead lead to disastrous results of viruses and spyware installing on PC)
Symptoms All data from a drive seemingly erased and replaced by a shortcut.
Distribution Method Plugging a healthy USB drive into an infected computer.
Detection Tool

Navigation:
1: Enter Safe Mode.
2: Manually follow the instructions on how to remove the Shortcut Virus.
3: Permanently delete Shortcut Virus from Task Manager’s processes.
4: Uninstall the virus from Regedit and Msconfig.

DO NOT try to open this virus created shortcut!

This is the crux of the trap. Even if you try to open it you will find that your data is NOT located inside – on the surface it looks like opening the shortcut does absolutely nothing. In truth this is when the Trojan actually activates inside your computer – before you click on the shortcut it will be restricted to the USB drive only.

If the shortcut created by the Shortcut virus is opened from the computer the wurm/trojan will latch onto the computer as well and will immediately infect all other uninfected flash drives. In addition it will not function as a classical Trojan – it can be used as a backdoor into your computer’s defenses by the owner of the Shortcut virus. The hacker will not be able to install viruses and spyware into your computer at will and without your permission. If you have already tried to open the shortcut file then you also need to uninstall the virus – and fast.

How your USB device may have been infected with the Shortcut virus

It’s either:

  1. Your PC was originally infected and it spread to your USB device after you plugged it.
  2. Your USB device came into contact with another infected computer

If it was Case 1 then all other USB devices you have had plugged-in are likely infected too, so please take the necessary measures to remove Shortcut virus from them as well. The same applies if you already tried to open the shortcut file as the Trojan inside has now spread to your machine.

The Shortcut virus is a hidden threat that may lurk unnoticed in infected computers for a very long time. If you colleague’s computer was the source little can be done, but you should do your best to make your computer safe before worrying for potential problems from other computers. Viruses such as Shortcut virus are most often distributed via the following methods:

  • Тhrough software bundles. These are installers for software that include more then one program for installation inside of them. Whenever the Default installation option is picked all included programs will get inside your PC. That’s generally a bad idea – the extra problems are seldom useful and the chance of getting a virus, an Adware or some other type of malicious application is quite high. We recommend to all of our reads to use the Advanced installation option whenever able. It allows you to block any unwanted extra programs from installing
  • Hidden in infected executable files. Most often these are obtained from torrents or free online storage sites. This method relies on the fact that there is no control over the quality of such files. They will pretend to be some different software, but what’s really inside is the virus.
  • Another tricks associated with unsafe online sites is the Ads. On certain sites you may see multiple download buttons – in fact if there is a working one it will be only one of them (or none!). All the fakes will download a file named in the same way as the file you search for. Hidden inside is, of course, the virus.
  • Through an Ad created by an Adware. If you are seeing a large increase of Ads displayed on most pages you visit then it’s likely your computer has been infected with some type of Ad-based virus. These are not very dangerous except for when they install things like the Shortcut virus on the affected computer.

If you have to occasionally plug USB devices into computers that you suspect are not safe we recommend that you keep a backup of all the data stored on such a drive someplace safe. Also use an anti-virus or anti-malware program to scan such a drive if it has been connected to a computer you suspect was infected.

Note that locating this virus on your own is like finding a needle in a haystack. In addition if your PC has already been infected by the Trojan there is a very good chance that it has one or more additional viruses installed by the Trojan itself. You do not need the Shortcut Virus remover to get rid of them – the rest of the guide should help you by itself.

However, without knowing what these viruses are we cannot deal with them. Our detailed method will deal with all hidden files on the USB drives and restore your data. It is your own responsibility to make sure there are no leftover viruses after. Use an anti-virus or anti-malware scan tool for this task. If you have no such program installed on your machine (or you suspect it doesn’t work – your PC was infected after all) check out our recommendation.

Also please remember that a Format will clean the virus from your drive should all else fail. Use this as a last resort, because it will wipe your data as well as the virus! Now it’s time to indulge our readers and show you “cara menghilangkan virus shortcut”.

Shortcut Virus Remover


Step1

The first thing to do is a reboot in Safe Mode. Enabling Safe Mode is necessary to prevent the virus from creating any new shortcuts while you remove it in real time. If you already know how to do it, just skip this and proceed to Step 2. If you do not know how to do it, continue reading:

For Windows 98, XP, Millenium and 7:

Restart your computer. To be sure you don’t miss the time when you need to press it, just spam F8 as soon as the PC starts booting. Then choose Safe Mode With Networking.

For W8 and 8.1:

Click the Start button, then Control Panel —> System and Security —> Administrative Tools —> System Configuration.Administrator permission required

msconfig

Then check the Safe Boot option and click OK. Click Restart in the pop-up.

For W10:

  1. Open the Start menu.
  2. Click the power button icon in the right corner of the Start menu to show the power options menu.
  3. Press and hold down the SHIFT key on the keyboard and click the Restart option while still holding down the SHIFT key.

W10 will perform the reboot. Next do the following:

Click the Troubleshoot icon, then Advanced options —> Startup Settings. Click Restart.
After the reboot click on Enter Safe Mode With Networking (Fifth Option).

Step2

WARNING!
To remove parasite, you may have to meddle with system files and registries. Making a mistake and deleting the wrong thing may damage your system.
Avoid this by using SpyHunter - a professional Parasite removal tool.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

This step will restore your files and delete the treacherous shortcut created by the virus. Instructions for deleting the virus follow after it. However none of these steps can remove any extra viruses that may have been loaded into your machine while Shortcut Virus was operational. To do that use an automated scan tool from an anti-virus or anti-malware program. If you don’t have one or the one you use did not find the virus (your computer was infected after all) please look at our recommendation above.

How To Remove Shortcut Virus

Hold the Start Key and R together. Write cmd in the field, then click OK.

CMD command

You are now in the Command Prompt panel. Now go to My Computer and see which name windows assigned to your drive.

drive letter

In my case it’s drive F. Now you have to go to the Control Panel window that we opened and type the letter of the drive followed by semi-columns – in my case it is like this F: Then hit Enter. A new like will appear that will look like this F:\>

F

Now type the following: attrib F:*.* /d /s -h -r -s . (Replace F: with the drive name of your drive)

drive command

Now hit Enter. All of your files will now be recovered and the Shortcut virus deleted from this drive.

Repeat this step for all affected drives – simply change the F letter from the example with the proper letter assigned to the drive you are currently cleaning!

  • NOTE: it is entirely possible you have contracted a virus that is the first step towards a “ransomware.” Ransomware completely encrypt your personal files and demand money to release them. Trojans are the primary source of such threats – and the shortcut virus comes via Trojans. Be careful to observe not only how to remove Shortcut virus, but look around for other problems. It is highly recommended to use a professional scanner as well.  

Step 2B (Optional)

Perform this step if the instructions of Step 2 somehow didn’t work and you can still see the shortcut virus on your drive.

  1. First create a new .txt file (Mouse right click -> New->Text Document) and open it via NotePad
  2. new file
  3. Copy the following instructions in the NotePad file:
    @echo off
    
    attrib -h -s -r -a /s /d F:*.*
    
    attrib -h -s -r -a /s /d F:*.*
    
    attrib -h -s -r -a /s /d F:*.*
    
    @echo complete
  4. As beforel F: is just a placeholder! Replace F with the appropriate Drive letter on your computer!
  5. Now go to Files (found upper left site of window)->Save As… and change the save as type to “All files(*.*)” from “Text documents” and rename it to cleaner.bat and save it on your desktop. remover
  6. Simply close NotePad and double click on the newly created file.
  7. All shortcut viruses from the respective drive will now be removed and your data will be restored!
  8. Repeat these instructions if necessary for each affected drive (don’t forget to change the letter!).

You are not done yet! We have to remove any traces of the virus that remain. Please keep reading.

Step3

Open the Task Manager by right clicking on the Taskbar and choosing Start Task Manager.

virus-taskbar123

Once it opens, choose the Processes Tab. Look at all of the processes in front of you and try to determine which one contains the virus. It should look like wscript.exe or similar. Google any unfamiliar processes if you are unsure of them or ask us in the comments and we will provide the best assistance we can.

A BIG WARNING! READ THIS BEFORE PROCEEDING!

The final step involves deleting files from your computer’s registry. This is a potentially dangerous process, but is required to deal with Shortcut virus. Please be very careful. as doing this wrong can damage your Windows installation or other programs. If you are worried that you might delete something wrong please use a professional shortcut virus remover!

malware-start-taskbar

Right click on  the virus process (wscript.exe or similar) and select Open File Location. Also, End the process after you open the folder. Just to make sure we don’t delete any programs you mistakenly took for a virus, copy the folders somewhere, then delete the directories you were sent to.

Step4

Take a look at the following things:

Type msconfig in the search field and hit enter: you will be transported to a Pop Up window.

msconfig_opt

Go in the Startup tab and Uncheck entries that have “Unknown” as Manufacturer.

Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type odwcamszas. Right click and delete any entries you find with a similar name. If you can’t find them this way, look in these directories, and delete/uninstall the registries manually:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious, but bear in mind they are always different.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run–

Step5

If these things fail to help you find Shortcut Virus you need to resort to a professional scanner – obviously this is a malware that was created to steal your credentials and credit cards – meaning the people who created it spent a lot of resources to make it as dangerous as possible.

Remember to leave us a comment if you run into any trouble!

Did we help you? Please, consider helping us by spreading the word!

Was this guide helpful?

';
  • HowToRemove.Guide Team

    Hello Cindy,

    If you are absolutely sure that you don’t have the Shortcut virus on your PC then you don’t need to follow all of our instructions. If you have any doubts though make sure to be thorough and follow them to the letter.