Win32/TrojanDownloader.Waski.A is a trojan that silently downloads and installs other programs without consent. This could include the installation of additional malware or malware components to an affected computer. It can also spread itself by sending emails out on your behalf to people in your address book.
TrojanDownloader:Win32/Waski.A creates the following files on your computer:
c:documents and settingsadministratorlocal settingstemphij.exe (could be a random file name and administrator is the name of your Windows user)
Manual Removal Process:
Step 1: Restart the system in Safe Mode with Networking. Keep press F8 when the machine starts to boot up.
Step 2: Delete startup items of Win32/TrojanDownloader.Waski.A virus. Press Win+ R, type “msconfig” and click OK. Look for anything in the startup tab that has random characters as a file name and usually no Manufacturer associated with it (or a random name).
Step 3: Remove registry entries of Win32/TrojanDownloader.Waski.A virus. Press Win+R to open Run, type “regedit” and hit OK.
Remove this key, or change Shell to explorer.exe:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon “Shell” = “[fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][random].exe
Change these two registry keys:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem “DisableTaskMgr” = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem “DisableRegistryTools” = 0
Step 4: Try to find Folder Options in Control Panel, select the View tab, and then tick Show hidden files and folders and non-tick Hide protected operating system files (Recommended) and then click OK. Click Start menu, select Control Panel, and search Folder Option.
Malicious Activities of Win32/TrojanDownloader.Waski.A Virus:
1) Win32/TrojanDownloader.Waski.A virus makes changes to some major system parts.
2) Win32/TrojanDownloader.Waski.A virus controls the affected system and disables certain programs.
3) Win32/TrojanDownloader.Waski.A virus could change or even remove some important system files.
4) Win32/TrojanDownloader.Waski.A virus helps remote servers enter the compromised PC for more illegal purposes.
5) Win32/TrojanDownloader.Waski.A virus downloads additional risky PC parasites like spyware, rogueware and adware.
6) Win32/TrojanDownloader.Waski.A virus consumes high system resources and slows up the whole PC performance.
7) Win32/TrojanDownloader.Waski.A virus monitors keyboard actions and steals crucial information.
You can check out my Virus Removal Page for some useful tools as well.
If you go through removal tools and find out your registry is disabled or your task manager, save these files to your desktop and try running them.
Enable Task Manager
Enable Folder Options
Restore Hidden Files[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]