Shortcut Virus
--------------
Removal from an external drive
Step 1: Open the Command Prompt.
Step 2: Go to the external drive folder in the Command Prompt.
Step 3: Remove the shortcut files by typing 'del *.lnk'. (After this command runs successfully,
the external drive will appear to have no files, because everything else is hidden.)
Step 4: To make the files visible again, type 'attrib -s -r -h /s /d'.
Now the shortcut virus is removed from the system. However, the attrib command must be enabled on your system.
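
The same clean-up as a PowerShell script, added here as an example and not part of the original notes: it lists every .lnk file in the drive root with the target and arguments it would launch, and deletes and unhides only when run with -Apply. The -Drive and -Apply parameter names and the E: default are assumptions; it needs PowerShell 3 or later, so run it from a newer Windows machine with the drive attached rather than from a stock Windows XP system.

```powershell
# Added example (not from the original notes). Run from a Windows machine with
# PowerShell 3 or later; parameter names and the E: default are assumptions.
param(
    [string]$Drive = 'E:',   # assumed letter of the external drive
    [switch]$Apply           # without -Apply the script only reports
)

$root = $Drive.TrimEnd('\') + '\'
if (-not (Test-Path -LiteralPath $root)) { throw "Drive $root not found" }

# Steps 1-2: work in the root folder of the external drive.
# -Force also returns .lnk files that are themselves hidden or system.
$links = @(Get-ChildItem -LiteralPath $root -Filter '*.lnk' -Force -File)

# Show what each shortcut would launch before deleting anything.
$shell = New-Object -ComObject WScript.Shell
foreach ($lnk in $links) {
    $sc = $shell.CreateShortcut($lnk.FullName)
    [pscustomobject]@{
        Shortcut  = $lnk.Name
        Target    = $sc.TargetPath
        Arguments = $sc.Arguments
    }
}

# Items currently hidden in the drive root (typically the user's own files and folders).
$hidden = @(Get-ChildItem -LiteralPath $root -Force |
    Where-Object { $_.Attributes -band [IO.FileAttributes]::Hidden })
Write-Host ("{0} shortcut(s), {1} hidden item(s) in {2}" -f $links.Count, $hidden.Count, $root)

if (-not $Apply) {
    Write-Host 'Report only. Re-run with -Apply to delete the shortcuts and unhide the files.'
    return
}

# Step 3: the equivalent of 'del *.lnk' (-Force also removes hidden/read-only ones).
$links | Remove-Item -Force

# Step 4: clear System, Read-only and Hidden on everything on the drive.
& attrib.exe -s -r -h /s /d "${root}*.*"
```

Access-denied messages from attrib for protected folders such as System Volume Information can be ignored.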

Removal from the Windows (XP) system
Step 1: Open Task Manager by pressing Ctrl + Alt + Delete.
Step 2: Find the WScript.exe process in the Processes list of Windows Task Manager.
Step 3: Right-click WScript.exe and click End Process.
Now the shortcut virus will be removed.
Instead of doing this every time the system is switched on,
permanently prevent WScript.exe from running by removing it from the programs that start by default at Windows startup.
Step 1: Open the Windows Start menu.
Step 2: Click Run.
Step 3: Type 'msconfig' and press Enter or click OK.
Step 4: The 'System Configuration Utility' will open.
Step 5: Go to the Startup tab.
Step 6: Search for 'wscript.exe' in either the Command or the Startup Item column.
Step 7: Untick that item and click OK.
If it asks you to restart the system, restart it, then check Task Manager again: wscript.exe will no longer be running.
Even though wscript.exe is a genuine file, the attacker modifies it through the malware and makes it perform the malicious activity.
We can find the infected wscript.exe file and correct it by visiting its location:
Step 1: Open the Windows Start menu.
Step 2: Click Run.
Step 3: Type 'regedit' and press Enter or click OK.
Step 4: Press 'Ctrl + F', or go to Edit and choose Find, and search for wscript.exe.
Step 5: The right-hand pane will show the files. Delete the infected files.
Step 6: Repeat the same process for WINLOGON.vbs or YPSAN.F files as well.

References
http://blog.vilmatech.com/fix-wscript-exe-problems-wscript-exe/ (date of access: 23/03/2015)