.tmp virus (initsrv.exe) (.netshrink)
A new virus has been released that cannot be deleted and creates shortcuts which are not really shortcuts; when the shortcuts are deleted, the original files are deleted as well. This file is a fake lure from the internet with the name download.exe. What I mean is that when the user is searching for certain software, he or she will sometimes land on a fake website hosting infected files. The .tmp is a monitoring virus and is duplicated automatically whenever the user deletes it. When it gets onto his or her USB drive, it becomes very dangerous and creates shortcuts for all kinds of apps and software. The text files disappear and the user cannot see them. They appear and disappear accordingly.

To check for the virus, press Ctrl + Alt + Del to open Task Manager. Task Manager differs from one Windows version to another, so locating it depends on the user's experience. I am going to show you the Windows 8 way. Start by pressing Ctrl + Alt + Del together on the keyboard to open Task Manager, then move to the Details tab, where I End Task for the Csrss.exe file. There are 2 or 3 csrss.exe files, and the one that needs to be stopped is the one with the capital letter (Csrss.exe), since the rest are Windows files. This is only a check for the virus; it will not be removed unless the user uses a trick that I discovered by myself, since I could not find a way to kill it on the net.

The .exe file this time is a hash file, and people who work on Mac know what a hash is. The hash is a program that used to define the Linux Backtrack versions, and all kinds of hash files. It is a very small app, but it is harmless, and creates a very long extension. This .tmp virus's real name is "3ce3978f78e2110ed9959c4be04814bd.exe", so imagine how long this name is, and how you are going to search for a virus remover (antivirus) to kill it; if you type this name into the Google search engine, it will not recognize it. The Adware Malware remover identifies it as a Trojan called MiS or C.MiS. I forgot the middle letter because I deleted it, but the hash is the most important part, and we need to find the hash.exe to delete the virus.

Deleting the virus: I open the folder that has the virus, and then I go into Win 7/8 My Computer, then I move to the upper toolbar Tools/Folder Options/View, then I scroll down to the area of Hidden Files and Folders, and I check Show Hidden Files. Now I can see the hash '3ce3978f78e2110ed9959c4be04814bd.exe', but I need to select it, so I right click on it and uncheck Hidden on the General tab. Here the virus appears quickly, and the malware remover catches it and quarantines it. If you want to know its real name, go to your malware quarantine files, and you will see its name, whether MiS or C.MiS. That's it!
Regards
Simon G. Hadid
Tripoli - Lebanon
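
The manual steps in the post (show hidden files, find the hidden hash-named .exe, look at the shortcuts) can also be done as a read-only listing in PowerShell. This is an added example, not part of the original post; the drive letter `E:\` is a placeholder, and the 32-hex-character name pattern is an assumption generalized from the single file name the post gives.

```powershell
# Read-only triage of a removable drive: lists what the post looks for by hand.
# Nothing is deleted or modified. Assumption: $Root is the drive or folder to
# inspect (E:\ is a placeholder, not a value from the post).
param([string]$Root = 'E:\')

# -Force returns hidden and system items, the equivalent of ticking
# "Show hidden files" in Folder Options.
$items = Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue

# 1. Hidden executables whose base name is 32 hex characters
#    (assumed pattern, based on the one name quoted in the post).
$hashNamed = $items | Where-Object {
    -not $_.PSIsContainer -and
    ($_.Attributes -band [IO.FileAttributes]::Hidden) -and
    $_.Name -match '^[0-9a-f]{32}\.exe$'
}

# 2. Every .lnk file and what it really launches. A shortcut that replaced a
#    document but targets an executable is worth a closer look.
$shell = New-Object -ComObject WScript.Shell
$shortcuts = $items | Where-Object { $_.Extension -eq '.lnk' } | ForEach-Object {
    $lnk = $shell.CreateShortcut($_.FullName)
    [pscustomobject]@{
        Shortcut  = $_.FullName
        Target    = $lnk.TargetPath
        Arguments = $lnk.Arguments
    }
}

# 3. All other hidden items: typically the user's own files that "disappeared".
$hidden = $items | Where-Object {
    ($_.Attributes -band [IO.FileAttributes]::Hidden) -and
    ($hashNamed.FullName -notcontains $_.FullName)
}

'--- Hidden hash-named executables ---'
$hashNamed | Select-Object FullName, Length, LastWriteTime, Attributes | Format-List
'--- Shortcuts and their targets ---'
$shortcuts | Format-List
'--- Other hidden items ---'
$hidden | Select-Object FullName, Attributes | Format-Table -AutoSize
```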