Do you keep getting warnings from your antivirus program saying that your computer has been infected with a risky Trojan virus named Trojan:Win32/Rerdom.A? Why does it keep coming back after the antivirus program removes it? Have no clue how to remove this Trojan? How can you get rid of it completely?

Trojan:Win32/Rerdom.A Virus Description

Trojan:Win32/Rerdom.A is a nasty Trojan virus that can cause serious damage to the infected computer and collect the user's sensitive information. It is released by cyber criminals through spam email attachments, malicious websites or unknown links, and some freeware from unsafe sources. Computers running the Windows operating system are therefore easily attacked by it if users are careless when surfing the Internet. This virus is capable of sneaking into the computer without your permission and immediately starting to perform a series of dangerous actions.

Trojan:Win32/Rerdom.A consumes a large amount of system resources, which makes the infected computer very slow both when starting up and when running programs. It is annoying to work on a sluggish computer. Besides, you may keep getting a prompt saying “stop working” when you try to run some programs. The computer will also shut down suddenly, much as it would if the power were cut off. This kind of frequent abnormal shutdown seriously damages the system. What is worse, the virus is able to record your personal information and send it back to the cyber criminals through a backdoor. It is quite dangerous to use a computer with the virus on it.

To clean out this virus completely, you can follow the guide here if you are computer savvy. As the antivirus won’t be able to help, manual removal is the most effective way to remove it completely. Contact YooSecurity Online PC Expert to get further help to sort it out.

How Dangerous Would The Virus Be?

As mentioned above, once it successfully gets into a target computer, Trojan:Win32/Rerdom.A modifies the master boot record, which may cause system crashes and Windows errors. The antivirus program cannot remove it and could even be shut down by it, leaving the computer in a dangerous condition. There are some ways to check whether this virus has hit your computer when the antivirus program is helpless.

This virus slows down your computer and then crashes the computer system. These are some symptoms of the Trojan:Win32/Rerdom.A virus attacking the computer:

  • The desktop background image has been changed and the home screen icons have been rearranged.
  • While browsing websites, several pop-up advertisements are displayed.
  • The overall speed of the computer is reduced and programs take longer than normal to open. The Internet connection is also slower, and simple tasks like shutting the computer down take longer as well.
  • Antivirus programs on the computer will be shut off and disabled to prevent detection of the virus.

Steps on How to Get Rid of Trojan:Win32/Rerdom.A

Step 1: Open Windows Task Manager to end processes related to the Trojan horse. To do that, press the Ctrl+Alt+Del keys at the same time, or right-click the taskbar at the bottom of the screen and select Start Task Manager.

Step 2: Show hidden files. Go to Folder Options from Control Panel. Under the View tab, select Show hidden files and folders and uncheck Hide protected operating system files (Recommended), then click OK.

Step 3: Go to Registry Editor. First press the Windows+R keys, then type regedit in the Run box and search for the virus. Delete all of the following files and registry entries, or any related to them:

%AllUsersProfile%\random
C:\windows\system32\services.exe\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Trojan.Win32.yakes.coen
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe
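
The registry entries above fall into two groups: a value under the Run key, and Image File Execution Options subkeys named after antivirus executables whose Debugger value is svchost.exe. The PowerShell script below is an added example, not part of the original guide; it only reads those locations and lists what is there so the entries can be reviewed and recorded before anything is deleted. The WOW6432Node paths and the CSV file name are assumptions that do not appear on the page.

```powershell
# Added example: read-only audit of the registry locations named in Step 3.
# Nothing is modified; review the output before deleting any entry by hand.

$ifeoPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)
$runPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# An IFEO subkey named after an executable that carries a "Debugger" value makes
# Windows start the debugger program instead of that executable.
$ifeoHits = foreach ($path in $ifeoPaths) {
    Get-ChildItem -Path $path -ErrorAction SilentlyContinue | ForEach-Object {
        $dbg = $_.GetValue('Debugger')
        if ($dbg) {
            [pscustomobject]@{
                Kind  = 'IFEO Debugger'
                Key   = $_.Name
                Name  = $_.PSChildName
                Value = $dbg
            }
        }
    }
}

# Every value under a Run key is a command started at logon.
$runHits = foreach ($path in $runPaths) {
    $key = Get-Item -Path $path -ErrorAction SilentlyContinue
    if ($key) {
        foreach ($name in $key.GetValueNames()) {
            [pscustomobject]@{
                Kind  = 'Run'
                Key   = $key.Name
                Name  = $name
                Value = $key.GetValue($name)
            }
        }
    }
}

$report = @($ifeoHits) + @($runHits)
$report | Sort-Object Kind, Name | Format-List

# Keep a copy of the findings before changing anything (file name is an assumption).
$report | Export-Csv -Path (Join-Path $env:TEMP 'registry-audit.csv') -NoTypeInformation
```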


Conclusion

In a word, Trojan:Win32/Rerdom.A is a dangerous Trojan virus that is able to escape removal by most antivirus programs and keep damaging the computer. It collects your personal information and sends it back to the cyber criminals who created it for profitable and even illegal use. Therefore, you should remove it as soon as possible.

Note: Still having the same problem after every reboot? If you don’t know how to remove this virus from your computer and don’t want to make things worse, contact Online PC Experts, available online 24/7, in time to get professional help.

Published by Tony Shepherd & last updated on April 5, 2013 11:45 am
