Posted February 27, 201410 yr Hello, My PC is infected with something called kenshyexuo, it isn’t detected AVAST (Up-to-Date) Initially my flash drive was infected with – it has shortcuts of document rather than the file it self, I was removing by deleting all shortcuts in windows – Shift + Del and then going to cmd and attrib -h -r -s /s /d F:\*.* - which revealed kenshyexuo. I used Sysinternals Process Explorer & Hi Jack This! To find and delete kenshyexuo from every where it was detected but it always comes back after the system restarts also it does not show in the startup folder – not even if I display the hidden file option from the folder option, it sits in the following locations + windows registry at the windows Logon: C:\documents and settings\lab\local settings\temp\kenshyexuo.vbe Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run String name: kenshyexuo Value data: wscript.exe //B "C:\DOCUME~1\Lab\LOCALS~1\Temp\kenshyexuo.vbe" C:\Documents and Settings\Lab\Start Menu\Programs\Startup\kenshyexuo.vbe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run String name: kenshyexuo Value data: wscript.exe //B "C:\DOCUME~1\Lab\LOCALS~1\Temp\kenshyexuo.vbe" Continue reading...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.