Acwzmain.accde is a legitimate Microsoft Windows file that can be found in C:\Program Files (x86)\Microsoft Office\root\Office16\ACCWIZ\ACWZMAIN.ACCDE. Sometimes, trojans find their way to infect such files and stay hidden under the antivirus programs radar. One such example is when Acwzmain.accde is linked to the recent malware threat called O97m/Mamacse.f

Recently, our “How to remove” team has received numerous reports of people claiming that their computer has been infected by some sort of a “virus” which goes by the name of Acwzmain.accde. Some of the users have reported that they have started to experience some unusual system activity such as sudden crashes, sluggishness and unusual software errors. However, in some cases, this infection may have no symptoms at all. This is because Acwzmain.accde is not a regular virus but a nasty Trojan Horse infection which can sneak in the PC silently and run multiple malicious activities in the background. As most threats of its category, this piece of malware is designed to stay in the system for as long as possible and to secretly launch harmful processes and tasks that serve the needs of the criminal hackers who stand behind the infection. Before you know it, Acwzmain.accde may have managed to collect information about your passwords and login credentials, and may have handed it over to the crooks or it may have made some modifications to your system’s registry and software. But this is not the worst a virus like this may be capable of – Trojans like this one can create security holes by blocking the protection of your security program and inviting other nasty infections such as Ransomware or Spyware in the system without your knowledge. They may also corrupt your data, delete and replace files or format the hard drives in no time. That’s why, if you have the slightest doubt that you might have been infected with a threat of this kind, it is best to read this article to the end and check your system for its hidden presence.

But, how do you know if your PC has really been compromised by a Trojan like O97m/Mamacse.f or “Drive-by exploit”  and how to remove the malware program once and for all? Well, there are some common symptoms that you should keep an eye out for in order to catch such threats before they damage your machine in an irreversible way. For instance, it is a good idea to observe the system’s performance and notice if it starts to experience sudden productivity drops and sluggishness. If your computer is struggling to run programs that have previously run smoothly, or if the system is running a lot of background stuff that you do not know the origin of or do not remember having installed, this could be a sign of some unauthorized background activity. Another possible symptom could be that your antivirus or system-maintenance programs may not work or may not be able to complete a system scan properly. This is because one of the first things that many Trojans do when sneaking in a computer is they block the processes of programs that can help identify and remove them. So if you find that programs like your antivirus, your online security tools or your scanner apps are not working properly, then this should be seen as a major red flag that something may be wrong with the computer. Sadly, some advanced Trojan-based infections, including the O97m/Mamacse.f Trojan, may have no symptoms at all until they complete their criminal agenda, which makes them extremely harmful and difficult to detect and remove.

So, what to do?

Well, before you go to the extreme measure of reinstalling your OS, there are a few steps that may help you catch and remove the Trojan virus without need for anything drastic. If you don’t know where to start, take a look at the removal guide below and use its instructions to get an idea on how to effectively deal with your problem.

SUMMARY:

[add_third_banner]

Acwzmain.accde Trojan Virus Removal

1: Preparations

Note: Before you go any further, we advise you to bookmark this page or have it open on a separate device such as your smartphone or another PC. Some of the steps might require you to exit your browser on this PC.

2: Task Manager

Press Ctrl + Shift + Esc to enter the Task Manager. Go to the Tab labeled Processes (Details for Win 8/10). Carefully look through the list of processes that are currently active on you PC.

If any of them seems shady, consumes too much RAM/CPU or has some strange description or no description at all, right-click on it, select Open File Location and delete everything there.

Also, even if you do not delete the files, be sure to stop the process by right-clicking on it and selecting End Process.

3: IP related to Acwzmain.accde

Go to c:\windows\system32\drivers\etc\hosts. Open the hosts file with notepad.

Find where it says Localhost and take a look below that. 

If you see any IP addresses there (below Localhost) send them to us here, in the comments since they might be coming from the Acwzmain.accde.

[add_forth_banner]

4: Disable Startup programs

Re-open the Start Menu and type msconfig.

Click on the first search result. In the next window, go to the Startup tab. If you are on Win 10,  it will send you to the Startup part of the task manager instead, as in the picture:

If you see any sketchy/shady looking entries in the list with an unknown manufacturer or a manufacturer name that looks suspicious as there could be a link between them and Acwzmain.accde , disable those programs and select OK.

5: Registry Editor

Press Windows key + R and in the resulting window type regedit.

Now, press Ctrl + F and type the name of the virus.

Delete everything that gets found. If you are not sure about whether to delete something, do not hesitate to ask us in the comments. Keep in mind that if you delete the wrong thing, you might cause all sorts of issues to your PC.

6: Deleting potentially malicious data – Acwzmain.accde

Type each of the following locations in the Windows search box and hit enter to open the locations:

%AppData%

%LocalAppData%

%ProgramData%

%WinDir%

%Temp%

Delete everything you see in Temp linked to Acwzmain.accde. About the other folders, sort their contents by date and delete only the most recent entries. As always, if you are not sure about something, write to us in the comment section.

The post Remove Acwzmain.accde Trojan Virus (July 2019 Update) appeared first on Malware Complaints.

The Discord Virus is a cyber threat that can use phishing methods and direct malware to obtain personal information of the users. It is an infection that is distributed via the VoIP software program Discord. The application is legitimate and used by users all over the world to communicate while playing online video game. Unfortunately, some “users” also create chat servers in order to penetrate someones PC with a malware.

Kawaiibot Discord Virus

There are many forms of malware and all of them should be kept at a safe distance from your computer if you want a healthy system and secure personal files. However, not all malware types are equal and some are definitely more problematic than others. Needless to say, one of the top malware categories in terms of maliciousness and potential to cause problems are the infamous Trojan Horses. You have surely heard about the nasty Trojan Horse viruses and know that they must be kept as far away from your computer as possible. However, even the most cautious and knowledgeable of users make mistakes and that is when this type of hazardous programs get a chance to infiltrate their computers and carry out all kinds of malicious tasks once inside. The main focus of this article, however, will be one specific Trojan that is known as the KawaiiBot Virus. This threat is a new one and the information available about it is not sufficient enough to tell you about all the characteristics of this infection. However, there is still a lot that we can tell you about it and we advise you to read carefully as the information below may help you save your computer, your virtual privacy and your personal data from this insidious piece of malware.

The Discordgg.ga Virus

Trojans are nasty multi-functional cyber-attack tools and they can be used in many ways to achieve various criminal goals. In most cases, the attacker behind such malware would use the virus as means of getting their hands on some sensitive information such as credit card numbers or online account passwords and usernames. Later, such data could be used as means of blackmailing or of direct money theft without the user realizing what’s happening until the crime gets carried out in full. However, this is definitely where the versatility of the Trojan threats like Discordgg.ga, O97m/Mamacse.f, Acwzmain.accde ends. Infections like this one may also create massive networks of computers that have already been infected – such networks (called botnets) can be remotely controlled by the hackers with the help of the hidden Trojan and used to mine BitCoin or other cryptocurrencies, to conduct massive Denial of Service attacks, to spread spam and other harmful content as well as many more. Another increasingly popular Trojan Horse use is when a virus of this kind is utilized as a gateway for another malicious program (or multiple malicious programs) such as a Ransomware cryptovirus or a Spyware infection. As we said, the information that is currently available about the Discordgg.ga Virus is not sufficient enough and we cannot tell you if this malware is mainly aimed at one single goal or tends to get used for the completion of different malicious tasks depending on each case. The important takeaway from this paragraph, however, is that regardless of what the Discordgg.ga Virus may try to do in your computer, you cannot allow it to fulfill its task as the consequences can be very, very severe. Therefore, we strongly recommend that you use the next instructions and meticulously complete each of the steps from below in order to rid your system of the insidious the Discordgg.ga Virus infection.

SUMMARY:

[add_third_banner]

Discord Virus Removal

1: Preparations

Note: Before you go any further, we advise you to bookmark this page or have it open on a separate device such as your smartphone or another PC. Some of the steps might require you to exit your browser on this PC.

2: Task Manager

Press Ctrl + Shift + Esc to enter the Task Manager. Go to the Tab labeled Processes (Details for Win 8/10). Carefully look through the list of processes that are currently active on you PC.

If any of them seems shady, consumes too much RAM/CPU or has some strange description or no description at all, right-click on it, select Open File Location and delete everything there.

Also, even if you do not delete the files, be sure to stop the process by right-clicking on it and selecting End Process.

3: IP related to Discord Virus

Go to c:\windows\system32\drivers\etc\hosts. Open the hosts file with notepad.

Find where it says Localhost and take a look below that. 

If you see any IP addresses there (below Localhost) send them to us here, in the comments since they might be coming from the Discord Virus.

[add_forth_banner]

4: Disable Startup programs

Re-open the Start Menu and type msconfig.

Click on the first search result. In the next window, go to the Startup tab. If you are on Win 10,  it will send you to the Startup part of the task manager instead, as in the picture:

If you see any sketchy/shady looking entries in the list with an unknown manufacturer or a manufacturer name that looks suspicious as there could be a link between them and Discord Virus , disable those programs and select OK.

5: Registry Editor

Press Windows key + R and in the resulting window type regedit.

Now, press Ctrl + F and type the name of the virus.

Delete everything that gets found. If you are not sure about whether to delete something, do not hesitate to ask us in the comments. Keep in mind that if you delete the wrong thing, you might cause all sorts of issues to your PC.

6: Deleting potentially malicious data – Discord Virus

Type each of the following locations in the Windows search box and hit enter to open the locations:

%AppData%

%LocalAppData%

%ProgramData%

%WinDir%

%Temp%

Delete everything you see in Temp linked to Discord Virus. About the other folders, sort their contents by date and delete only the most recent entries. As always, if you are not sure about something, write to us in the comment section.

The post Remove Discord Virus (Kawaiibot Virus) July 2019 Update appeared first on Malware Complaints.