Manual Removal of W32/Wisdoor.AO Trojan
W32/Wisdoor.AO is a trojan. The trojan will infect Windows systems.
This trojan Copies its files to Windows Folder as hidden files.
This trojan information updated on May 12, 2009.
Other names of W32/Wisdoor.AO Trojan:
This trojan is also known as Infostealer.Onlinegame, Trojan-GameThief.Win32.Wisdoor.AO, Trj/Lineage.BZE
This trojan Copies its files to Windows Folder as hidden files.
This trojan information updated on May 12, 2009.
Other names of W32/Wisdoor.AO Trojan:
This trojan is also known as Infostealer.Onlinegame, Trojan-GameThief.Win32.Wisdoor.AO, Trj/Lineage.BZE
Damage Level : Medium/High
Distribution Level: Medium
W32/Wisdoor.AO Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
Distribution Level: Medium
W32/Wisdoor.AO Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
End the Following Active Process Before Removal
- [ Kill the Process, Use Killbox if your Access Denied ]
Download W32/Wisdoor.AO Trojan Known File Removal Tool
- %Windows\SYSCFG16.EXE
[ No Exact Information about Files, search above related files in Program files Folder ]
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg [ Right Click - Save Target As/Linked Content As ]
Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Wisdoor.AO Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
- Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only. - After booting into the Safe Mode or VGA Mode
- Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
W32/Wisdoor.AO Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete : SYSCFG16.EXE
Delete file entries from right side
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete : SYSCFG16.EXE
Delete file entries from right side
Search Registry For W32/Wisdoor.AO Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.
Edit Menu - Find, enter Keyword and remove all value that find in search.
Exit the Registry Editor,
Restart your Computer.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)