Trojan.Win32.Weelsof is a malicious Trojan created to launch various attacks on compromised computers. It is associated with several infamous ransomware families, such as the UKASH virus, which is known for intimidating affected users into paying 100 Euro to get their computers unblocked. The Trojan is capable of spying on the infected computer, leaking data, and downloading or executing other malware from a server. Once inside your computer, it can cause serious damage.
You will find that your computer slows down and freezes all the time. The Win32/Weelsof virus also tends to open a backdoor and steal confidential data such as banking logins, passwords and other financial data, then transmit it to a remote server. In short, it can do far more damage to the affected machine than you might expect. Once it is detected, immediate removal is needed.
Slow down your PC notably.
Add other dangerous Trojans or spyware to your system secretly.
Allow the hacker to access your entire system.
Collect all your personal information and transfer it to a remote hacker.
Destroy critical system files and make the PC unstable.
Through malicious drive-by-download scripts on corrupted porn and shareware/freeware websites.
Through spam email attachments, media downloads and social networks.
When clicking suspicious popups or malicious links.
When opening unknown email or downloading media files that contain the activation code of the virus.
Note: No matter how the virus gets onto your PC, users should know that there are no tools that can remove this pesky Trojan automatically at this moment. It is suggested that users not spend much time downloading or paying for any security software that claims it can delete this stubborn virus; it is totally useless. To completely get rid of this pest, a professional manual guide is needed.
1. Reboot your computer into safe mode with networking. As your computer restarts but before Windows launches, tap the “F8” key repeatedly.
2. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
3. Open the Registry Editor. Find the malicious files and entries and then delete them all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries that should be deleted:
%UserProfile%\Application Data\random.exe
%SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\Startup\updates.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Optim1" = "regdtopt.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Optim2" = "%UserProfile%\My Documents\regdtopt.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Optim3" = "%UserAppData%\Identities\regdtopt.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Optim4" = "%UserProfile%\Desktop\regdtopt.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Optim[NUMBER]" = "[FOLDER CONTAINING INFECTED FILES]\regdtopt.exe"
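The Run values and the Startup-folder file listed in step 3b can be checked with a read-only PowerShell audit before anything is deleted by hand. This script is an added example, not part of the original guide; the function names are hypothetical, the sample values at the end are constructed, and it assumes the current user's hive is the infected one.

```powershell
# Added example: read-only audit for the artifacts listed in step 3b.
# It changes nothing; review each hit before deleting anything by hand.
$RunKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

function Test-WeelsofRunEntry {          # hypothetical helper name
    param([string]$Name, [string]$Data)
    $nameHit = $Name -match '^Optim\d+$'                  # Optim[NUMBER]
    $dataHit = $Data -match '(^|\\)regdtopt\.exe"?\s*$'   # ...\regdtopt.exe
    return ($nameHit -or $dataHit)
}

function Get-WeelsofArtifact {           # hypothetical helper name
    if (Test-Path $RunKey) {
        $key = Get-Item -Path $RunKey
        foreach ($name in $key.GetValueNames()) {
            # Read raw data so %UserProfile%-style strings are not expanded
            $data = [string]$key.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
            if (Test-WeelsofRunEntry -Name $name -Data $data) {
                [pscustomobject]@{ Kind = 'RunValue'; Item = $name; Detail = $data }
            }
        }
    }
    # updates.exe in the all-users Startup folder: the path as the guide
    # gives it, plus the folder the running Windows version reports.
    $startupDirs = @(
        (Join-Path $env:SystemDrive 'Documents and Settings\All Users\Start Menu\Programs\Startup'),
        [Environment]::GetFolderPath('CommonStartup')
    ) | Where-Object { $_ } | Select-Object -Unique
    foreach ($dir in $startupDirs) {
        $file = Join-Path $dir 'updates.exe'
        if (Test-Path -LiteralPath $file) {
            [pscustomobject]@{ Kind = 'StartupFile'; Item = $file; Detail = 'file present' }
        }
    }
}

# Constructed sample values showing what the matcher flags (not real findings)
$samples = @(
    @{ Name = 'Optim2';     Data = '%UserProfile%\My Documents\regdtopt.exe' },
    @{ Name = 'ExampleApp'; Data = '"C:\Program Files\ExampleApp\app.exe" /background' }
)
foreach ($s in $samples) {
    '{0,-10} flagged={1}' -f $s.Name, (Test-WeelsofRunEntry @s)
}

# Audit the live system
Get-WeelsofArtifact | Format-Table -AutoSize
```

The randomly named executable under %UserProfile%\Application Data is not covered, because the guide gives no fixed file name to match on.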
Manual removal of Trojan.Win32.Weelsof requires computer literacy. Please take caution before performing the steps above. If you fail to remove this malware, you are welcome to contact YooCare agents to fix the problem.
Published by on June 17, 2012 1:48 am, last updated on August 17, 2012 5:30 pm