Dec 25, 2014

Remove Win32/SweetIM Virus

MSE found Win32/SweetIM virus in a few hours ago in my computer. I have tried for 2 hours, but still cannot get rid of it. I tried some other antivirus programs including Norton and AVG, but they all failed. My computer is worse than before. Random restarts happen automatically every few minutes. My network connection often cuts off. How to remove this nasty virus and save my computer?

Details of Win32/SweetIM:

Win32/SweetIM is classified as a malicious Trojan virus that has plagued many computer users in a very long period of time. Malicious software, browser hijacker, ransomware, spyware and Trojan virus have become major computer problems. Usually, antivirus programs can prevent Trojan viruses from attacking computers. However, some of them are specially designed by computer hackers to bypass most antivirus programs so as to stay in the target computers firmly and steal as much private information as possible from the computer users. In addition, Win32/SweetIM differs markedly from malicious software, browser hijacker, ransomware and spyware, it won’t show up for you to see it on the computer screen. Computer users know that it is in the computer only through the pop-up alerts from antivirus programs after its successful penetration.

The Win32/SweetIM Trojan infection is waiting for an opportunity online to enter the vulnerable computer systems from around the world. It is able to attack the computer as long as the computer system becomes weak or lacks of protection. When the computer users access to suspicious web sites, download corrupted “free” programs, click on unknown links and open spam email attachments, it will enter the computer easily. Once getting into the computer successfully, it is very active in the background and but does not cause too much concern at the beginning. With the passage of time, the infected computer will act worse and worse. Through changing system settings, it can set itself as a system process, which increases the difficulty for the antivirus programs to remove it. Win32/SweetIM also helps computer hackers to collect your personal information. Therefore, it should be removed immediately from your computer.

Processing manual removal is supposed to have a certain level of computer literacy. If you are not sure how to start and are afraid of making any critical mistakes damaging the computer system, please live chat with YooCare Expert now.

What Can the Vicious Virus Do?

1. Win32/SweetIM has the ability to download additional components and other infections in the target computer in order to fully complete its penetration.
2. It is able to cause system crash and destroy some of your programs in the infected computer.
3. It facilitates the virus makers to intrude your computer remotely without letting you know.
4. It is capable of collecting your browsing history and other private data.

Manual Removal Guide:

Win32/SweetIM has the ability to evade the removal of the antivirus programs. Therefore, we should try to remove it in another way. Here you are advised to remove it manually, which can ensure a complete clearance. This Trojan virus can be linked to some other malware and spyware. After its installation is complete, it can help those malicious things get unauthorized access to the infected computer. Hence, we should have it removed as soon as possible.

1. End Relevant Processes

(1). Press Ctrl+Shift+Esc together to pop up Windows Task Manager, click Processes tab

Windows Task Manager

*For Win 8 Users:

Click More details when you see the Task Manager box

Win 8 Task Manager

And then click Details tab

Details Tab in Win 8 Task Manager

(2). Find out and end the processes of Win32/SweetIM

2. Show Hidden Files

(1). Click on Start button and then on Control Panel

(2). Click on Appearance and Personalization

(3). Click on Folder Options

(4). Click on the View tab in the Folder Options window

(5). Choose Show hidden files, folders, and drives under the Hidden files and folders category

(6). Click OK at the bottom of the Folder Options window

*For Win 8 Users:

Press Win+E together to open Computer window, click View and then click Options

View in Computer Window

Click View tab in the Folder Options window, choose Show hidden files, folders, and drives under the Hidden files and folders category

View Tab in Folder Options Window

3. Delete Relevant Registry Entries and Files

(1). Delete the registry entries of Win32/SweetIM through Registry Editor

Press Win+R to bring up the Run window, type “regedit” and click “OK”

While the Registry Editor is open, search and delete the related registry entries

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\[RANDOM CHARACTERS].exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ‘Random’

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Random

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “CertificateRevocation” =Random


(2). Find out and remove the associated files




%AllUsersProfile%\Application Data\random

%AllUsersProfile%\Application Data\~random

%AllUsersProfile%\Application Data\.dll HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Random “.exe”

Video Shows You How to Safely Modify Windows Registry Editor:

Computer has become a necessity in our daily life. However, more and more computer viruses have become more stubborn, because they are specifically designed by computer hackers to steal valuable info from computer users. Win32/SweetIM is able to escape a lot of antivirus programs. Usually, the Trojan is hidden in some online resources with attractive features. For example, it may be put in some unknown “free” programs. It is able to not only steal your personal information, but also damage the stability of the infected computer system. Win32/SweetIM is a huge threat to your privacy stored in the computer. Thus, you should get rid of it as early as possible.

The above manual removal is quite dangerous and complicated, which needs sufficient professional skills. Therefore, only computer users with rich computer knowledge are recommended to implement the process because any errors including deleting important system files and registry entries will crash your computer system. If you have no idea of how to process the manual removal, please contact experts from YooCare Online Tech Support for further assistance.

Published by & last updated on December 25, 2014 2:14 am

Leave a Reply

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On