How to remove kenshyexuo.vbe shortcut virus

Please help me. This kenshyexuo virus started to infect my USB Flash drive when I inserted it on an office computer. After scanning it with several antivirus programs, I thought I have deleted and removed the virus. So, I was very confident that USB Flash drive is clean and have used it on my laptop.

What kenshyexuo.vbe virus does is placed kenshyexuo shortcuts on every folder of the infected drive. Now, it has taken over my hard drive. I have scanned the computer with my Avast and a couple of tools but kenshyexuo is irremovable. I mean, scans can delete the shortcuts including some malicious files but after I restart the computer, it will come back.

I did take a look at start-up folders, registry, and places where kenshyexuo.vbe can be launch and here is what I have found:

C:\documents and settings\lab\local settings\temp\kenshyexuo.vbe
C:\Documents and Settings\Lab\Start Menu\Programs\Startup\kenshyexuo.vbe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value data: wscript.exe //B “C:\DOCUME~1\Lab\LOCALS~1\Temp\kenshyexuo.vbe”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value data: wscript.exe //B “C:\DOCUME~1\Lab\LOCALS~1\Temp\kenshyexuo.vbe”

I have successfully deleted those items but then again it reinstates after restarting Windows.

Please help me remove kenshyexuo.vbe virus from my computer.

1 Response

  1. gregg says:

    My PC also got infected with this kenshyexuo.vbe virus. Here are the steps I tool to get rid of it.

    1. Press Ctrl+Alt+Del on the keyboard. Look for kenshyexuo process and click on End Process.
    2. Click on Start > Run, search or type MSCONFIG to open System Configuration.
    3. Go to Startup Tab and remove the check mark on item kenshyexuo. Click Apply and close this dialog box by pressing OK.
    4. Search the computer for file kenshyexuo and delete all found items.
    5. Click on Start > Run, search or type REGEDIT to open Registry Editor.
    6. Find and delete registry entries with kenshyexuo value.

    Hope this helps.
    Gregg