Celas Trojan, the latest virus which compromises the security of your computer system. Generally, they are distributed through other malwares and spiteful adwares. Malware, Trojan and rootkit are the ones that damage your computer system and also blocks your internet browser by redirecting to its partner website. Certain websites might not work due to Celas Trojan because it changes the registry values of your computer system. Your computer might show slow performance due to Celas Trojan. Celas Trojan disables the windows firewall and antivirus programs and also introduced many other security vulnerabilities. As an identity theft, Celas Trojan could steal your personal information like passwords, credit card, bank account information and also they may use it for their own purposes, such as, transferring it to its partner company. As many other rogue Trojan viruses, Celas Trojan is also almost impossible to remove manually if you do not know all the system files clearly and the procedure to remove it effectively. Is your system infected with Celas Trojan? To solve the dangerous problem and to fix the infected computer system yourself and remove malware like Celas Trojan, follow these simple steps stated below.

Remove Celas Trojan Processes

  1. Celas Trojan processes can only be stopped from working using the Windows task manager or process explorer.
  2. We will use windows task manager to remove the Celas Trojan processes.
  3. Go to Start button and then click on run.
  4. Type taskmgr in run program and press Ok.
  5. When the windows task manager opens; select the tab named ‘processes’ which will be at the top of the task manager window.
  6. From the list of active processes, find out the Celas Trojan processes which is:

%Program Files%\\AV\\Antivirusv8.exe

  1. All the processes are arranged alphabetically so you will easily find out the required process.
  2. Right click on the found Celas Trojan process and select ‘End processes’.

Remove Celas Trojan Registry entry values

  1. Open the Run program using above mentioned steps.
  2. Type regedit and click Ok to open the registry editor.
  3. Select the left in the registry editor and click on Edit.
  4. After that select the option Find from the menu and type the registry values in there.
  5. When the required Celas Trojan registry values are displayed; select them and press Delete.
  6. The registry values are:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions

[HKEY_CLASSES_ROOT\\.exe]

[HKEY_CLASSES_ROOT\\.exe\\shell\\open\\command]

[HKEY_CURRENT_USER\\Software\\Classes\\secfile\\shell\\open\\command]

[HKEY_CURRENT_USER\\Software\\Classes\\.exe\\shell\\open\\command]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions]

NoBrowserContextMenu = 0×00000001 = > Must be changed to 0

The subsequent Registry Values were modified:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

Shell = = > Must be changed to explorer.exe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot]

AlternateShell = = > Needs to be changed to 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]

AlternateShell = = > Should be changed to 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “CertificateRevocation” = ’0′

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnonBadCertRecving” = ’0′

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop “NoChangingWallPaper” = ’1′

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = ‘/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:’

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = ’1′

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = ’1′

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “DisableTaskMgr” = ’1′

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main “Use FormSuggest” = ‘yes’

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “Hidden” = ’0′

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “ShowSuperHidden” = 0′

Remove Celas Trojan other files

  1. Open Run.
  2. Type cmd and press Ok.
  3. Type ‘regsvr32 /u [dll_file_name]’ and press enter.
  4. The Celas Trojan other files that should be removed are:

%AllUsersProfile%\Application Data\~

%AllUsersProfile%\Application Data\.dll

%AllUsersProfile%\Application Data\.exe

%UserProfile%\Start Menu\Programs\Trojan:Celas\Uninstall Trojan:Celas.lnk

%UserProfile%\Start Menu\Programs\Trojan:Celas\Trojan:Celas.lnk

%UserProfile%\Desktop\Trojan:Celas.lnk

%UserProfile%\Start Menu\Programs\Trojan:Celas\

 

How to remove Celas Trojan?
Tagged on:                 

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>