What Is Shortcut Virus and How Can You Get Rid of It?

The Shortcut virus can hide all of your files and documents, rendering them inaccessible. Here’s how to remove it.

As the name suggests, Shortcut virus is one that converts files and documents in the infected system into shortcuts. You will therefore be left with no ability to access these files and documents.

The virus does the job of hiding your real documents. Instead, you’ll see the file’s name and file extension; but it would only be a shortcut. What’s more, if you try to access the file by clicking on the shortcut, this virus is capable of further multiplying and spreading.

Here are more details about the Shortcut virus and ways to remove it from an infected machine.

Could Infect Your PC from External Drives

Experience has so far indicated that the Shortcut virus first lodges itself in external storage devices like flash drives and SD cards. Users may have the “AutoPlay” option enabled in their computers and that is invitation enough for the Shortcut virus to make an entry and go about causing havoc.

Experts classify the Shortcut virus as a Trojan as it operates stealthily without your knowledge. Besides hiding your documents and replacing them with the shortcuts, this virus is capable of reading the information from your files. In a typical data loss situation, you may be able to reconstruct some of the documents through other locations like cloud storage or from email attachments.

However, the consequences can only worsen when the virus gains access to sensitive data like financial information or banking passwords. This is why you have to act fast and get rid of the Shortcut virus. It has to be removed not only from your PC and laptop but from USB drives and other sources before you can restore your security.

Using the Command Prompt to Remove Shortcut Virus

It should be noted that if you use USB drives or SD cards, you need to remove the Shortcut virus on these devices before you do it on your PC. This is critical because if you fail to do this, the next time you use the external device, the virus can make a comeback.

The default PC assumed here is Windows, as most commands and key selections represent a Windows 10 environment:

  1. Before starting, make sure to note the drive in which the external drive is inserted. You can find that by using File Explorer from the Start menu. Check the letter associated with the corresponding drive. It should be followed by a colon symbol, “:
  2. As always, there are two ways to reach the Command Prompt window.
    1. Right click on the power button and choose Run.
    2. OR, press the Windows key and the letter R
  3. In the Run box, type “cmd” and hit Ok to reach the Command Prompt.


4. Type the letter associated with the external device, followed by a colon (:) symbol. Click Enter.

5. Then type out this prompt: ATTRIBUTE -H -R -S AUTORUN.INF

6. After typing the above text, click Enter.

7. Next, type DEL AUTORUN.INF and then click Enter.

Note: If you were wondering what the letters s, r and h stand for in the command above, they represent system, read-only and hidden, respectively. The command, when executed, will take care of each of the issues the Shortcut virus had created with your documents.

After following these steps, your documents should have been released from the clutches of the Shortcut virus, whether on the system or on the drive.

Removing the Shortcut Virus from the Registry

  1. The starting point here is the same Run dialogue box, via the Windows + R
  2. Type regedit to open the Registry Editor window.


3. The next navigation route is: HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run

4. There will be a list on the right side of this window resulting from these commands.


5. If you find any registry keys labeled WXCKYz, ZGFYszaas, OUzzckky or odwcamszas, then they need to be removed. The way to do is to right-click on each and choose the delete option.

A Simpler Solution: Use an Antivirus Program

Most experts advise that amateur computer users who wouldn’t necessarily categorize themselves as tech-savvy should use anti-malware or antivirus software programs to eliminate viruses from their computers. This eliminates the large number of manual steps as suggested above.

Expert users have the option to handle the manual method with ease. Others face the risk that if they end up entering a command incorrectly, they could end up damaging the computer instead of recovering it from the virus.

This is the reason why the automatic route, installing a good antivirus program, is recommended.

Prevention and Cybersecurity Best-Practices

What’s more important is the attitude to not let any virus enter the computer in the first place. By taking some simple steps, this can be achieved. The hackers who create these viruses and malware look for vulnerable devices to target. Vulnerability in any computer comes from a few ways.

If your antivirus package is out-of-date, or if you don’t have one at all, you may be at risk. Since Windows computers appear to be more prone to cyberattacks or virus attacks, users of Windows-run PCs and laptops need to take more careful precautions than others.

Despite having the best antivirus package, if you aren’t disciplined enough, your system could get exposed to viruses or malware.

Also, one of the most-repeated cybersecurity best-practices is to avoid opening emails or email attachments that appear suspicious. Even if the sender sounds familiar, be absolutely certain before clicking on it. Make sure the sender’s email address hasn’t been altered in any way. In phishing attacks, hackers often impersonate legitimate email addresses by simply changing one letter or number.

And lastly, don’t ever download freeware unless it is totally reliable and from a legitimate source. Malware developers often create fake antivirus software and market them for free order to lure in unsuspecting victims. Make sure the antivirus program is from a reputable company; do a couple of Google searches and check user reviews to confirm.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.