Clear backupuser.exe manually
hey guys, you can remove it from this method.
- plug in all affected thumdrives/external hard-disk when your PC/laptop is shutdown.
- go into safemode (without networking, etc..) by continously hitting "F8" button when you start up your machine
- log in to an account with administrator rights.
- open My Computer. Under Tools --> Folder Options --> "view" tab --> select "show hidden files and folders" and uncheck "Hide protected operating system files"
- manually delete (shift + delete) files: backupuser, _backupuser, recycled (shown as a red recycle icon), autorun.inf
- These files are commonly found at C:\, C:\Program Files\Common Files\Microsoft Shared\MSInfo.
- Look up for secondary partition, your thumdrives, external hard disk that were previously plugged in and delete the files.
PLEASE NOTE THAT ALL THE DELETION MUST BE DONE AT THE SAME TIME DURING YOUR SAFEMODE SESSION. OTHERWISE, THIS TROJAN WILL COME BACK AGAIN.
Note: DO NOT DELETE THE FILE FROM YOUR PC FIRST (WHERE IT IS CLEANED), AND AFTER WHICH YOU PLUG IN YOUR THUMDRIVE. - THIS WOULD DEFEAT THE PURPOSE.
open My Computer. Under Tools --> Folder Options --> "view" tab --> deselect "show hidden files and folders" and check "Hide protected operating system files"
The trojan should clear.
- plug in all affected thumdrives/external hard-disk when your PC/laptop is shutdown.
- go into safemode (without networking, etc..) by continously hitting "F8" button when you start up your machine
- log in to an account with administrator rights.
- open My Computer. Under Tools --> Folder Options --> "view" tab --> select "show hidden files and folders" and uncheck "Hide protected operating system files"
- manually delete (shift + delete) files: backupuser, _backupuser, recycled (shown as a red recycle icon), autorun.inf
- These files are commonly found at C:\, C:\Program Files\Common Files\Microsoft Shared\MSInfo.
- Look up for secondary partition, your thumdrives, external hard disk that were previously plugged in and delete the files.
PLEASE NOTE THAT ALL THE DELETION MUST BE DONE AT THE SAME TIME DURING YOUR SAFEMODE SESSION. OTHERWISE, THIS TROJAN WILL COME BACK AGAIN.
Note: DO NOT DELETE THE FILE FROM YOUR PC FIRST (WHERE IT IS CLEANED), AND AFTER WHICH YOU PLUG IN YOUR THUMDRIVE. - THIS WOULD DEFEAT THE PURPOSE.
open My Computer. Under Tools --> Folder Options --> "view" tab --> deselect "show hidden files and folders" and check "Hide protected operating system files"
The trojan should clear.
Labels: backupuser.exe
posted by James Bob at 11:49 am
