The Trojan-Banker.Win32.Capper has been just another addition in the famous trojan virus family that sneaks in the windows based computers secretly without the consent of the user. Once installed, it immediately reduces the speed of the system, and decrease the overall performance of your computer. Besides that, you will also face data loss issues, and important system files removed. This malicious application is developed by the notorious hackers to track your online activities, steal your passwords along with emails, and steal your payment details. These details are used by the hackers to steal your money through fraudulent ways. Once installed on any computer, the Trojan-Banker.Win32.Capper immediately creates a folder to save its malicious files. This dangerous virus spreads through trapping the innocent computer users by the name of famous social media website Pinterest. This virus uses a fake website named piteresf.org to attract the users. When you visit that website, you are encouraged to download a tool, which is actually a malicious code that infect your system badly.
The Manual Removal of Trojan-Banker.Win32.Capper
Once it is confirmed that your computer is compromised to the Trojan-Banker.Win32.Capper , the first thing comes in your mind is how to delete this virus. There are two different methods of deleting such malicious applications that include automatic removal method and manual removal method. The manual removal method detailed below:-
Start the System in Safe Mode
The first step of this long process is to reboot the system in the safe mode. You have to restart the infected machine and use the F8 key to see the boot options. From these options you have to select the safe mode and press the enter key.
Kill the Associated Processes
The next step of this process is to kill the malicious processes associated with this tricky Trojan infection. You have to access the task manager by holding the Ctrl+Alt+Delete keys together, and select the processes tab. Under this tab there is a list of processes running in the background of your computer. You have to find and delete the following associated processes of this virus from the list:-
- %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
Delete the Associated Files
Once you are done with the removal of malicious processes, you have to access the file explorer, and remove the following files from the system files folder:-
- %Desktopdir%\Trojan-Banker.Win32.Capper Virus.lnk
- %Programs%\Trojan-Banker.Win32.Capper Virus\Trojan-Banker.Win32.Capper Virus.lnk
Reverse the Modification in the Windows Registry
The final step of this process is to remove the corrupt entries associated with this threat. This can be done by through registry editor that can be accessed by using the regedit command through Run option available in the start menu. Once the registry editor started you have to remove the following entries:-
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan-Banker.Win32.Capper Virus\DisplayIcon %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe,0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan-Banker.Win32.Capper Virus
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan-Banker.Win32.Capper Virus\UninstallString “%AppData%[RANDOM CHARACTERS][RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\[RANDOM CHARACTERS] %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan-Banker.Win32.Capper Virus\ShortcutPath “%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan-Banker.Win32.Capper Virus\DisplayName Trojan-Banker.Win32.Capper Virus
Close the registry editor, and reboot the system in the normal mode to check success of this method. Run a complete system scan after updating the existing antivirus software.