The Shorturl.at Virus
The Shorturl.at virus is a page-redirecting and ad-generating application that falls into the browser hijacker category. Users who have the Shorturl.at virus in their browser may detect unauthorized changes to their homepage and search engine settings and may start to experience redirects to pre-defined websites.
This strange program can alter the settings of most browsers including Edge, Chrome, and Firefox, and can show dozens of pop-up advertisements, banners, and notifications on their screen. Normally, as a typical browser hijacker, Shorturl.at can take control over the system’s default web browsing app and make certain changes to its settings. For example, it may install some ad-generating components that display sponsored commercial messages during your browsing sessions. It may also replace your search engine with a different one that predominantly shows sponsored search results and set a new homepage address that redirects to a specific site. These new settings typically ensure that you get bombarded with streams of box notifications, pop-ups, banners, and other types of online advertising content the moment you open your browser.
The Shorturl.at Malware
The Shorturl.at malware uses automatic web page redirects – another infamous consequence of the presence of the Shorturl.at malware inside your browser. This program may reroute you to partnering sites the moment you type a URL in the search bar. This can not only be very annoying but also very risky because you can never know where you may land and what stands behind the websites that get loaded on your browser. The risk of bumping into virus-infected pages, phishing websites, and low-quality domains used for the distribution of ransomware, Trojans, and other malware is always present. Therefore, some caution is needed when it comes to the activities that a browser hijacker such as the Shorturl.at malware can perform.
What is probably the most disturbing fact about programs such as the Shorturl.at malware is that users often face difficulties when trying to uninstall them and to remove their browser changes. No matter how hard they try, the hijacker’s settings seem to stick to the default web browser in the system and even a change of one browser to another one cannot help eliminate the unwanted software and restore the previous search engine and/or homepage.
The www.shorturl.at Virus
Virus-like pages similar to www.shorturl.at typically install some helper elements to facilitate their activity and unless those helper elements are detected and fully removed, the user can’t gain control over their browser. The detection of all the hijacker-related elements, however, normally requires some help from a professional removal tool or detailed guide. That’s why, after this article, we have published a removal guide with a description of the whole uninstallation process of www.shorturl.at. The manual is free and quick to follow but we do advise you to combine it with the automatic removal tool for optimal results.
The reason is that sometimes it is not enough to simply remove the browser hijacker from the system because, by the time you eliminate it, you might have happened to click on some questionable web link or a fake web ad that could have injected some malware (such as ransomware, a Trojan, etc.) or virus into your system that you may not be aware of. And the best way to check your computer for hidden malware is to scan it with a reliable security tool.
SUMMARY:
Shorturl.at Virus Removal
To remove Shorturl.at Virus, you should try to find its extension in your main browser and delete it in the following way:
- Start the browser that has Shorturl.at Virus installed in it and select the browser menu.
- Go to the extension settings of the browser and try to find the hijacker among the listed items.
- If you find the hijacker extension, click on disable and select the remove button to remove Shorturl.at Virus.
- Look for other suspicious or unwanted extensions and if you find any delete them too.
The previous steps show a generalized way of deleting unwanted browser hijacker extensions from any browser. However, depending on what browser you use, there could be slight variations in those steps so if you need more specific instructions for your browser, check the rest of the guide – towards its end we’ve included browser-specific instructions for Chrome, Firefox, and Edge. Also, since many hijackers tend to “entrench” themselves in the computer system by making different changes to the system settings in order to be more difficult to remove, you may need to revoke those settings changes before you could successfully delete the hijacker. If Shorturl.at Virus is still bothering you even after you’ve attempted to delete its extension from your browser and/or if you were not able to find or delete its extension, then you should complete the rest of this guide.
Advanced Removal Instructions
Step 1: Find the Shorturl.at Virus process
If Shorturl.at Virus has been installed on your computer, you should try to find the process or processes that it is running and quit them.
To do this, first, open the Task Manager app. You can search for it in the Start Menu or evoke it by using the Ctrl + Shift + Escc keyboard combination.
Once the Task Manager opens, go to the section labeled Processes and there try to find a process named Shorturl.at Virus. if you don’t see a process with this name, you should look for other entries that grab your attention by seeming out of place due to their unusual names or by requiring large amounts of system resources (RAM and CPU) to run. If you see such a suspicious process (especially if it isn’t linked to any of the programs that are presently running on the computer), right-click on it and select the first option from the menu (Open File Location).
- It is a good idea to perform an online search with the names of any processes that seem suspicious. It is highly possible that a seemingly questionable process is actually a legitimate one from your system and if that turns out to be the case, you shouldn’t touch that process.
In the file location, you will see the files related to that process. To test if the process could potentially be linked to the unwanted hijacker, drag all of the files stored in the location folder to the free scanner posted below.
If the scan results tell you that at least one of the tested files is infected, switch back to the Task Manager, right-click on the process again, and then select the End Process Tree option to quit that process.
Afterwards, delete the location folder for the process. If the deletion cannot be completed, enter the folder, delete the files in there and if you see an error message preventing you from deleting one or more of the files, leave those for now and return later. Once you’ve completed all the remaining steps, you should be able to delete the remaining files alongside the location folder itself.
Step 2: Safe Mode
Operating while in Safe Mode is important as this will ensure that even if there are any unwanted processes that you didn’t quit during the previous step, those wouldn’t be allowed to run when your PC is in Safe Mode because only essential system processes are allowed to automatically start during that time. You will find instructions on How to start your Windows PC in Safe Mode if you click on the provided link.
Step 3: Startup settings and Hosts file
Those two parts of the Windows OS are often targeted by unwanted software so checking them and revoking any unwanted changes made to them is important if you are dealing with a browser hijacker such as Shorturl.at Virus.
To go to the startup settings, type system configuration in the search box below the Start Menu and select the System Configuration icon that shows up at the top of the results. In the System Configuration window, open the Startup section where you will see what third-party processes, programs, and apps start automatically when Windows boots up. If any of those items look sketchy like they could be linked to Shorturl.at Virus, uncheck those items (remove the tick from their respective checkbox).
In general, all items that you don’t recognize should be unchecked. Still, you can search online for information on any startup items that you are uncertain about. Obviously, if there is an item with the Shorturl.at Virus name on it or anything close to that, you should uncheck it.
After you are done with the Startup settings, click on OK so that the changes you’ve just made would be saved and then copy the following line and paste it in the Start Menu: notepad %windir%/system32/Drivers/etc/hosts.
Select the first result shown in the Start Menu – it should be a notepad file named Hosts and in that file, you must look at the bottom of the text and see if there are any odd-looking IP addresses written there. In general, if there is anything written below the “LocalHost” line, this means that a third-party app or program has tampered with the Hosts file.
Sometimes third-party changes made to that file are necessary for certain legitimate programs to function normally. However, oftentimes changes to that file are made by malware, adware, and hijackers like Shorturl.at Virus. Therefore, send us in the comments whatever IPs you may see in your Hosts file below the LocalHost line and we will look at them and tell you in our reply to your comment if the IPs aren’t supposed to be there in which case you will have to manually delete them from the file and then save the changes.
Step 4: DNS Settings
The DNS settings are also often targeted by unwanted software like Shorturl.at Virus so it’s best to check those as well.
Click on the Start Menu, type network connections, and hit Enter. This will take you to the different networks that you’ve used from your computer – right-click on the one that you are currently connected to and go to Properties.
In the Properties window, you will see a list with different items – click on the one named Internet Protocol Version 4 (ICP/IP) and then select Properties. In the next window, there is an option labeled Obtain DNS servers automatically – if that option isn’t enabled, enable it now and then go to Advanced and select the DNS tab. In there, you will see DNS servers list – if there are any items in that list, select them and click on Remove to delete them. Then click OK on all open windows to apply and save the changes and to close those windows.
Step 5: Registry Editor
The Registry stores many settings related to your OS and to third-party programs installed on your computer. To gain more permissions and to be more difficult to delete, most malware and unwanted software introduce their own entries to the system’s Registry. To successfully delete Shorturl.at Virus, you will have to check the Registry for items/settings introduced by this unwanted app and delete those. However, you must do so very carefully making sure to not delete anything that isn’t from the browser hijacker. Otherwise, you could end up causing more harm than good if you delete the wrong thing. Therefore, we strongly recommend that you always write us a comment while trying to complete the current step whenever you are unsure about whether a certain Registry item is from the unwanted software and if you should delete it.
One way to start the Registry Editor is by pressing Winkey and R from the keyboard, typing regedit in the Run window, and hitting Enter. Before the Registry Editor could start, you will have to give your Admin permission so click on Yes when required to do so.
When you see the Registry Editor window on your screen, press Ctrl and F and type the hijacker name in the search box. Select the Find Next button and wait for the search to complete. If a result is shown to you, select the found item, press Del, and confirm the deletion. Perform the search again to see if there are other items and delete the next thing that gets found. Repeat the process for as long as there are items with the hijacker name.
Once you’ve deleted all unwanted entries, find the following three Registry locations by manually navigating to them in the left panel of the Registry Editor:
- HKEY_CURRENT_USER/Software/
- HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run/
- HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main/
Check those directories for strangely-named folders/items. For instance, if a given folder/item there has a name that is much longer than the other ones and/or its name contains randomized characters, you should probably delete it. Again, it is better to consult us in the comments first unless you are certain that the suspected item is from the hijacker and needs to be deleted.
Step 6: Unwanted browser extensions
If you were not able to delete the unwanted Shorturl.at Virus extension from your browser at the start of this guide, try again now by following the browser-specific instructions below. If you are using a browser different from the ones we’ve shown here, know that the way to delete unwanted extensions in it should be very similar (if not identical) to the way extensions are deleted in either Chrome, Edge, or Firefox.
Chrome Instructions
Start the Chrome browser and click on the icon with three dots that you see in the top-right corner (below the X button).
Hover your mouse over More Tools and go to Extensions from the secondary drop-down menu.
Once the extensions page opens, disable all extensions that you don’t need or use as well as those that you don’t recognize and/or haven’t installed yourself by toggling off their respective switch buttons.
Remove all of the suspicious extensions by clicking on their Remove buttons.
Edge Instructions
Go to the Edge menu (three dots like with Chrome) and select Extensions.
Turn off/disable the extensions that you deem unwanted using the toggle button next to them.
Delete those same extensions using their Remove buttons.
- The reason we first tell you to disable the unwanted extensions is because sometimes they won’t get deleted if you first try to remove them without having disabled them first.
Firefox Instructions
Go to Add-ons from the Firefox menu (three lines icon) and click on Extensions from the left panel.
Delete any extensions you think could be linked to the hijacker as well as ones that you don’t normally use.
Click on Plugins from the left and if you see any suspicious items listed there, select their status setting and change it to Never Activate (if it’s not been already set to that).
Step 7: Professional removal software
In some rare cases, even if you have completed everything from this guide, the hijacker would still be felt in the system. If that’s your case, it’s best to use the help of a professional removal tool like the one we’ve included on the current page. This tool can help you delete the hijacker in a matter of minutes and also keep your system safe from other unwanted software and malware.
This is very helpful. Thank you very much for the effort and posting.