If you right click any shortcut folder inside your USB drive and go to Properties, you will be able to confirm that this is actually not a shortcut but properties of an executable file. Now let’s go through removing the shortcut virus step by step:
- Download Hijackthis and install it on your computer.
- Scan your computer with Hijackthis and preferably save the log file.
- Hijackthis gives your a list of entries with codes at the start of each line. Each code has a meaning. We need to look at the entries with code ’04′. These are the entries which are executed when a user is logged into the computer. These entries will display startup items for all the users in the computer
- Make sure you delete all entries which have the following file names inside them: fypuas.exe and fypuasx.exe
- Now open your Task Manager. Under Processes, make sure no process is running under the name fypuas.exe and fypuasx.exe
- Now go to your profile home folder (Run –> %HOMEPATH%), delete all files named fypuas.exe and fypuasx.exe
- Open command prompt (Run –> cmd) and go to your USB drive. For example, if my USB drive is E drive, I’ll need to type E: and hit the enter key. This will take me to the USB drive inside the command prompt.
- Run the following command: del *.lnk (This will delete all files with the extension of a shortcut.
- Now run the following command: attrib -h -r -s /s /d E:\*.* (This command will remove the following attributes from all files inside the USB drive; hidden, read-only, system).
Following these steps should remove the virus from the USB drive completely. If you open your USB drive folder from Windows Explorer, you will be able to see all your files and folders restored inside the USB drive.
After removing this virus, you should scan your system with a good antivirus so that it may be able to detect and remove traces of any virus inside your computer.
No comments:
Post a Comment