You mean shortcuts placed in the All Users Desktop/QuickLaunch/StartMenu folders? (I'm guessing it's just "hiding" them with a Desktop.ini entry, rather than truly deleting them?)
That's probably fine, actually, as long as the user (i.e. malware) isn't allowed to create their own shortcuts to replace the deleted ones. I assume there's a GPO to disable the per-user Desktop/QuickLaunch/StartMenu folders, so that only the results from the All Users ones show up?
Nope. Windows allows deletion of "protected" shortcuts e.g. from your desktop and launch bar.