Introduction
Counter.wmail-service.com serves as a command-and-control (C&C) server for the VenomSoftX malware, a potent JavaScript-based RAT (remote access trojan) with a focus on cryptocurrency theft and browser manipulation.
Step 1: Terminate Malicious Processes with RKill
Download RKill:
Visit BleepingComputer.com to download RKill.
Click “Download Now” for the renamed version, iExplore.exe.
Run RKill:
Execute iExplore.exe to terminate known malware processes.
The program may take time to search for and end various malware programs.
Step 2: Uninstall Malicious Programs
Access Windows Settings
Press Windows key + I or right-click the Start button and select “Settings.”
Navigate to Apps & Features
In Settings, click on “Apps” and then “Apps & Features.”
Uninstall Suspicious Programs
Identify and uninstall any unknown or suspicious programs.
Step 3: Remove Malicious Browser Policies
Open Command Prompt as Administrator
Type “cmd” in the search bar, right-click Command Prompt, and select “Run as administrator.”
Execute Commands:
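Type the following commands, pressing Enter after each. They delete the local Group Policy folders, which removes every locally configured policy and not only the malicious ones, and then refresh policy:
RD /S /Q "%WinDir%\System32\GroupPolicyUsers"
RD /S /Q "%WinDir%\System32\GroupPolicy"
gpupdate /force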
Step 4: Delete Malicious Files and Folders
1. Delete Malicious Scheduled Tasks:
Search for “Task Scheduler” and delete any suspicious tasks.
2. Delete Malicious Files in AppData\Roaming:
Open Run (Windows key + R).
Enter %AppData% and click OK.
Delete unknown folders with suspicious names.
3. Delete Malicious Files in AppData\Local:
Open Run (Windows key + R).
Enter %localappdata% and click OK.
Delete folders named Default, WindowsApp, and ServiceApp.
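Before deleting anything in Steps 3 and 4, it helps to list what is actually present. The read-only PowerShell inventory below is an added example, not part of the original guide; the Chrome policy registry paths and the scheduled-task path heuristic are assumptions that the guide does not state.

```powershell
# Added example: read-only inventory of the artifacts named in Steps 3 and 4.
# It deletes nothing. Run it from an elevated PowerShell prompt.
function Get-RemovalCandidate {
    # Step 3: files inside the local Group Policy folders that the RD commands remove.
    foreach ($dir in "$env:WinDir\System32\GroupPolicyUsers", "$env:WinDir\System32\GroupPolicy") {
        if (Test-Path -LiteralPath $dir) {
            Get-ChildItem -LiteralPath $dir -Recurse -Force -File | ForEach-Object {
                [pscustomobject]@{ Step = 3; Kind = 'PolicyFile'; Item = $_.FullName; Detail = $_.LastWriteTime }
            }
        }
    }
    # Step 3: policy values currently applied to Chrome.
    # Assumption: the standard Chrome policy registry locations (not listed in the guide).
    foreach ($root in 'HKLM:\SOFTWARE\Policies\Google\Chrome', 'HKCU:\SOFTWARE\Policies\Google\Chrome') {
        if (-not (Test-Path -Path $root)) { continue }
        $keys = @(Get-Item -Path $root) + @(Get-ChildItem -Path $root -Recurse)
        foreach ($key in $keys) {
            foreach ($name in $key.GetValueNames()) {
                [pscustomobject]@{ Step = 3; Kind = 'ChromePolicy'; Item = "$($key.Name)\$name"; Detail = $key.GetValue($name) }
            }
        }
    }
    # Step 4.1: scheduled tasks whose action launches something from a user profile.
    # Assumption: this path heuristic is illustrative; a hit needs review and is not proof of infection.
    foreach ($task in (Get-ScheduledTask)) {
        foreach ($action in $task.Actions) {
            $command = "$($action.Execute) $($action.Arguments)".Trim()
            if ($command -match 'AppData|\\Users\\') {
                [pscustomobject]@{ Step = 4; Kind = 'ScheduledTask'; Item = "$($task.TaskPath)$($task.TaskName)"; Detail = $command }
            }
        }
    }
    # Step 4.3: the three folder names the guide lists under %localappdata%.
    foreach ($name in 'Default', 'WindowsApp', 'ServiceApp') {
        $path = Join-Path -Path $env:LOCALAPPDATA -ChildPath $name
        if (Test-Path -LiteralPath $path) {
            [pscustomobject]@{ Step = 4; Kind = 'LocalAppDataFolder'; Item = $path; Detail = (Get-Item -LiteralPath $path -Force).CreationTime }
        }
    }
}

Get-RemovalCandidate | Sort-Object Step, Kind | Format-Table -AutoSize -Wrap
```

Saving the output to a file before cleanup (for example by piping to `Out-File`) keeps a record of what was removed.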
Step 5: Reset Browser Settings
Reset Chrome Settings to Defaults
Click the three dots in the upper-right corner of Chrome after opening it.
Go to “Advanced” > “Settings” > “Reset and clean up.”
Please click on “Reset settings to their original defaults” to confirm.
Step 6: Use Malwarebytes for Trojan Removal
Download Malwarebytes:
Visit Malwarebytes and download the application.
Install and Run Scan:
Click “Confirm” after selecting “Reset settings to their original defaults.”
Click “Scan” to detect and quarantine malware.
Restart your computer if prompted.
Step 7: Scan with HitmanPro for Rootkits
Download HitmanPro
Visit HitmanPro and download the program.
Install and Run Scan
Double-click the HitmanPro file to install.
Click “Next” to perform a system scan.
Remove detected items and activate the free license if needed.
Step 8: Use AdwCleaner for Adware Removal
Download AdwCleaner
Visit AdwCleaner and download the tool.
Install and Run Scan
Double-click the AdwCleaner file to install.
Click “Scan” to detect and quarantine adware.
Click “Continue” to complete the removal process.
Conclusion:
By diligently following these steps, you can effectively eliminate the Counter.wmail-service.com Trojan and associated malware from your system. Ensure your antivirus is regularly updated, practice caution online, and adhere to security best practices to prevent future infections.
Note: If issues persist, seek assistance from security forums or run additional scans with tools like Emsisoft Emergency Kit.